Close this search box.

Implementing RoleManager in ASP.NET MVC 5

There is something great included in ASP.NET MVC 5 that seems underutilized except by the ASP.NET MVC team. The rest of us seem to be ignoring it, which is apparent when looking at the solutions on StackOverflow (and blogs) for questions like “how do I use roles with ASP.NET MVC 5?” When I look at how identity is implemented in mvc, what stands out is the dependency injection. And, that dependency injection appears to be missing in the answers to how to implement roles. Dependency is a great tool, it’s built into the OWIN implementation, so why not use it?

To implement the role manager in MVC 5, look for a file in App_Start called IdentityConfig.cs. If you don’t have this file, look for the file that contains the implementation of your ApplicationUserManager (derived from UserManager) and ApplicationSignInManager (derived from SignInManager). At the bottom of that file, inside the namespace, add the following class definition:

public class ApplicationRoleManager : RoleManager<IdentityRole> {
  public ApplicationRoleManager(IRoleStore<IdentityRole, string> store)
      : base(store) {}
  public static ApplicationRoleManager Create(
      IdentityFactoryOptions<ApplicationRoleManager> options,
      IOwinContext context) {
    var roleStore =
        new RoleStore<IdentityRole>(context.Get<AuthenticationDbContext>());
    return new ApplicationRoleManager(roleStore);

There are a couple of prototypes for the Create method. In this case, I wanted to get the database context from the OWIN context, so I used the more elaborate overload. If you don’t want to do that, you can use the Create(Func<T>) overload, which doesn’t take any parameters.  Now, to make sure OWIN knows about your ApplicationRoleManager class, go the ConfigureAuth method in your Startup partial class implementation in Startup.Auth.cs (also in App_Start).  Or, you can also put what I’m getting ready to show you in the Configuration method of the OWIN startup class. This class is usually called Startup.cs and you’ll find it in the same directory as the root web.config.

public void ConfigureAuth(IAppBuilder app) {
  // Configure the db context, user manager and signin manager to use a single
  // instance per request

See how I just stuck that line for ApplicationRoleManager there next to the other authentication delegate registrations?  Alright, so here comes the cool part…now we can just inject the role manager right into the AccountController or whatever other controller we need.  Check this out…

public AccountController(SendMailManager emailManager,
                         ApplicationUserManager userManager,
                         ApplicationSignInManager signInManager,
                         ApplicationRoleManager roleManager) {
  this.MailManager = emailManager;
  this.RoleManager = roleManager;
  this.SignInManager = signInManager;
  this.UserManager = userManager;

As you can see, I have already used the dependency injection to insert my own mail manager. AccountController should already be set up with this kind of structure. If it’s not, though, simply changing your constructor to look like this will cause MVC to inject those dependencies into your controller. Then, all you have to do is create a property to hold that ApplicationRoleManager thing and you’re all set!

private ApplicationRoleManager roleManager;
public ApplicationRoleManager RoleManager {
  get {
    return this.roleManager ??
  set { this.roleManager = value; }

What?  What?  Dudes, I kid you not. ApplicationRoleManager is now available to your controller through this.RoleManager. And, get this, you haven’t thwarted the testability of your controller by newing up a role manager, user manager, and context in your controller actions.  What?  What?  Dudes, come on.  Dudes.


Posted on Sunday, December 28, 2014 6:42 PM Web , ASP.NET , MVC | Back to top

This article is part of the GWB Archives. Original Author: MARKUS POPE

Related Posts