Is there a way to see if a specific user is in a specific role?

I am working on a sync utility that will allow us to synchronize DNN roles (i.e., permissions) with an external datastore that we have.  It will run nightly and ensure that users are in the proper roles based on whether or not they are current members of our organization.

So, when I check our external datastore and see that someone is a member, I want to then check to see if the corresponding user in DNN is in the proper role.  If not, I will add them to the role.

So far I have been unable to find a method that will allow me to ask "is username smith in rolename member?"  or "is UserID 12 in RoleID 3?"

Is there a way to do this?

It looks like I can get all the roles that a user is in by calling

string[] RoleController::GetRolesByUser(UserID, PortalID)

And I get an array of strings back... I assume then I could iterate through this array, and if I don't find a match, I know they're not in the role.

But it just seems like there would already be something in the DNN framework to do what I want, without reinventing anything.

Thoughts?

While this is easy to do for the currently logged in user, there does not appear to be a way to do so without iterating through an array of roles or users or writing your own sproc to directly acces the various role and user related tables.  Here's code that I recently used (DNN 3.1) to populate one side of a dual listbox with the usernames of those in a comma delimited string of rolenames:

Imports AspNetRoles = Microsoft.ScalableHosting.Security.Roles 'Set AspNetRoles alias

' . . . .

Private Sub PopulateAvailableAuthorizedContacts()
            'Note if any users already assigned are to be properly removed from the Available
            'AuthorizedContacts listbox, the PopulateAssignedAuthorizedContacts must be called first
            Dim UC As New UserController
            Dim UsersInRole() As String
            Dim Username As String
            Dim UserID As String
            If Not Settings("editroles") Is Nothing Then
                AvailableAuthorizedContacts.Clear()
                For Each EditRole As String In CType(Settings("editroles"), String).Split(";"c)
                    If EditRole.Length > 0 Then
                        Try
                            For Each Username In AspNetRoles.GetUsersInRole(EditRole)
                                Dim User As UserInfo = UC.GetUserByUsername(PortalId, Username)
                                UserID = User.UserID.ToString
                                If FindAuthorizedContact(AssignedAuthorizedContacts, UserID) Is Nothing Then
                                    AvailableAuthorizedContacts.Add(New ListItem(Username & " (" & User.FullName & ")", UserID))
                                End If
                            Next
                        Catch ex As Exception
                            'Eat any exception - can't populate so will return empty or partial list
                        End Try
                    End If
                Next
                With dlcAuthorizedContacts
                    .DataTextField = "Text"
                    .DataValueField = "Value"
                    .Available = AvailableAuthorizedContacts
                End With
            End If
        End Sub

        Private Function FindAuthorizedContact(ByVal AuthorizedContacts As ArrayList, ByVal UserID As String) As ListItem
            For Each li As ListItem In AuthorizedContacts
                If li.Value = UserID Then Return li
            Next
            Return Nothing
        End Function

Note that this code is for DNN 3.1.  There was a major change in the role provider between DNN 3.1 (which referenced Microsoft.ScalableHosting.Security.Roles) and DNN 4.0 (which references the built-in ASP.NET 2.0 roles provider (System.Web.Security).  I discovered this breaking change when patching FotoVisionDNN's webservice authentication code to work with DNN 4.  Here's a section of that code which interates through a module's permissions to see if a specific user is in an authorized role:

Imports AspNetSecurity = System.Web.Security

' . . . .

Dim mpc As New ModulePermissionController
Dim m As ModulePermissionCollection=mpc.GetModulePermissionsCollectionByModuleID(ModuleID)
For Each mp As ModulePermissionInfo In m
   If mp.PermissionKey = "EDIT" AndAlso AspNetSecurity.Roles.IsUserInRole(Me.Credentials.Username, mp.RoleName) Then
        blnHasAccess = True
        'is in acceptable role so set up folder dir . . . etc.                   
   End If
Next

Hope this helps get you started - would sure be nice to have a method in the roles or users controller to do this more easily.

---

Bill, WESNet Designs
Team Lead - DotNetNuke Gallery Module Project (Not Actively Being Developed)
Extensions Forge Projects . . .
Current: UserExport, ContentDeJour, ePrayer, DNN NewsTicker, By Invitation
Coming Soon: FRBO-For Rent By Owner

I wound up doing just what I said: iterating through the strings I got back to see if they're in the role I was interested in.

Oh well.