Users and roles

Check whether a user is in a role

The following example checks whether the user is in the specified role.
First, you get an instance of the roles and users managers. Then, to get a value indicating whether the specified user is in the specified role, you call the IsUserInRolemethod of the roles manager.

using Telerik.Sitefinity.Security;
using Telerik.Sitefinity.Security.Model;

namespace Telerik.Sitefinity.Documentation.CodeSnippets.DeepDive.Security.Roles.UsersAndRoles
{
   public partial class RolesApiSnippets
   {
       public static bool IsUserInRole(string userName, string roleName)
       {
           bool isUserInRole = false;

           UserManager userManager = UserManager.GetManager();
           RoleManager roleManager = RoleManager.GetManager(SecurityConstants.ApplicationRolesProviderName);

           bool userExists = userManager.UserExists(userName);
           bool roleExists = roleManager.RoleExists(roleName);

           if (userExists && roleExists)
           {
               User user = userManager.GetUser(userName);
               isUserInRole = roleManager.IsUserInRole(user.Id, roleName);
           }

           return isUserInRole;
       }
   }
}

Get all users in role

The following example returns all users in the specified role.
First, you get an instance of the roles manager. Then, to get all users in the specified role, you call the GetUsersInRolemethod passing the role name as an argument.

using System.Collections.Generic;
using System.Linq;
using Telerik.Sitefinity.Security;
using Telerik.Sitefinity.Security.Model;

namespace Telerik.Sitefinity.Documentation.CodeSnippets.DeepDive.Security.Roles.UsersAndRoles
{
   public partial class RolesApiSnippets
   {
       public static List<User> GetUsersInRole(string roleName)
       {
           List<User> users = new List<User>();

           RoleManager roleManager = RoleManager.GetManager(SecurityConstants.ApplicationRolesProviderName);

           if (roleManager.RoleExists(roleName))
           {
               users = roleManager.GetUsersInRole(roleName).ToList();
           }

           return users;
       }
   }
}

Get all roles for user

The following example returns all roles that the specified user is in.
First, you get an instance of the roles manager. Then, you get the user by calling the GetUser method of the users’ manager. Finally, to get all roles for the user, you call the GetRolesForUsermethod of the roles manager passing the IDof the user as an argument.

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Telerik.Sitefinity.Security;
using Telerik.Sitefinity.Security.Model;

namespace Telerik.Sitefinity.Documentation.CodeSnippets.DeepDive.Security.Roles.UsersAndRoles
{
   public partial class RolesApiSnippets
   {
       public static List<Role> GetRolesForUser(string userName)
       {
           List<Role> roles = new List<Role>();

           RoleManager roleManager = RoleManager.GetManager(SecurityConstants.ApplicationRolesProviderName);
           UserManager userManager = UserManager.GetManager();

           bool userExists = userManager.UserExists(userName);

           if (userExists)
           {
               User user = userManager.GetUser(userName);
               roles = roleManager.GetRolesForUser(user.Id).ToList();
           }

           return roles;
       }
   }
}

Add user to roles

The following example adds the specified user to the specified roles.
First, you get an instance of the roles and users managers. Then, you get the user by calling the GetUsermethod of the users’ manager. Then, for each role in the list, you add the user in it by calling the AddUserToRolemethod of the roles manager. Finally, you save the changes.

//  SF_10.1, SF_10.2 - https://docs.sitefinity.com/for-developers-users-and-roles
// https://gist.github.com/d84a6e6a421892904c56ebfde31c033d
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Telerik.Sitefinity.Security;
using Telerik.Sitefinity.Security.Model;

namespace SitefinityWebApp
{
   public partial class RolesApiSnippets
   {
       public static void AddUserToRoles(string userName, List<string> rolesToAdd)
       {
           UserManager userManager = UserManager.GetManager();
           RoleManager roleManager = RoleManager.GetManager(SecurityConstants.ApplicationRolesProviderName);
           roleManager.Provider.SuppressSecurityChecks = true;

           if (userManager.UserExists(userName))
           {
               User user = userManager.GetUser(userName);

               foreach (var roleName in rolesToAdd)
               {
                   if (roleManager.RoleExists(roleName))
                   {
                       Role role = roleManager.GetRole(roleName);
                       roleManager.AddUserToRole(user, role);
                   }
               }
           }

           roleManager.SaveChanges();
           roleManager.Provider.SuppressSecurityChecks = false;
       }
   }
}

Remove user from roles

The following example removes the specified user from the specified roles.
First, you get an instance of the roles and users managers. Then, you get the user by calling the GetUsermethod of the users’ manager. Then, for each role in the list, you remove the user from it by calling the RemoveUserFromRolemethod of the roles manager. Finally, you save the changes.

using System.Collections.Generic;
using Telerik.Sitefinity.Security;
using Telerik.Sitefinity.Security.Model;

namespace Telerik.Sitefinity.Documentation.CodeSnippets.DeepDive.Security.Roles.UsersAndRoles
{
   public partial class RolesApiSnippets
   {
       public static void RemoveUserFromRoles(string userName, List<string> rolesToRemove)
       {
           UserManager userManager = UserManager.GetManager();
           RoleManager roleManager = RoleManager.GetManager(SecurityConstants.ApplicationRolesProviderName);
           roleManager.Provider.SuppressSecurityChecks = true;

           if (userManager.UserExists(userName))
           {
               User user = userManager.GetUser(userName);

               foreach (var roleName in rolesToRemove)
               {
                   if (roleManager.RoleExists(roleName))
                   {
                       Role role = roleManager.GetRole(roleName);
                       roleManager.RemoveUserFromRole(user, role);
                   }
               }
           }

           roleManager.SaveChanges();
           roleManager.Provider.SuppressSecurityChecks = false;
       }
   }
}

Want to learn more?

Enhance your Sitefinity skills by enrolling in free training sessions. Become Sitefinity certified through Progress Education Community to strengthen your professional credentials.

Get started with Integration Hub | Sitefinity Cloud

This free lesson teaches administrators, marketers, and other business professionals how to use Sitefinity Integration Hub to create automated workflows between Sitefinity and other business systems.

Web Security for Sitefinity Administrators

This free lesson teaches administrators the basics about protecting your Sitefinity instance and your sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.

Foundations of Sitefinity ASP.NET Core Development

The free on-demand video course teaches developers how to use Sitefinity ASP.NET Core and take advantage of its decoupled architecture and modern development model.