DNN Forums

Ask questions about your website to get help learning DNN and help resolve issues.

Create roles with custom RoleID

 11 Replies
 2 Subscribed to this topic
 23 Subscribed to this forum
Sort:
Page 1 of 212 > >>
Author
Messages
Growing Member
Posts: 53
Growing Member

    Hi everyone.
    I need to create DNN roles with custom ids.
    I see that the insertion in the "Roles" table is carried out by a store procedure which returns the value of the self-incrementing field which represents its key.
    I don't want to modify the DB, I would like to do it in an "orthodox" way by writing a provider that allows all of this


    SET IDENTITY_INSERT Roles] ON;
    INSERT INTO Roles (...) Values(...);
    SET IDENTITY_INSERT Roles] OFF;

    but I have no idea how to override the default DNN provider.

    Am I going the wrong way?
    Has the same need happened to you?
    Could you share your insights by providing examples?

    Thanks
    S.

    Veteran Member
    Posts: 1179
    Veteran Member
      Even if this is an interesting question, I wonder why you would like to do this. An ID is just an ID and should never be interpretable in some way. So what is the reason and usecase to do this?

      Happy DNNing!
      Michael

      Michael Tobisch
      DNN★MVP

      DNN Connect
      Growing Member
      Posts: 53
      Growing Member
        Legitimate question, but I avoided providing explanations in advance so as not to confuse ideas.
        Standard roles are provided in our product, but customers can create their own. As well as other types of objects.
        Roles are matched to the objects they can view.

        But what happens when I update the product?
        The new roles created as standard are installed, overwriting those created by the customer.

        So if I have 20 roles as a standard (IDs from 1 to 20), the customer ones start at 21.
        If at the next update I provide 5 more roles as standard (with related DNN site object enablements), 5 of the customer will be overwritten.
        During the upgrade I could update the references of the custom roles, but in the DNN object collection it is difficult to distinguish between the standard role ID and the custom role ID.
        Veteran Member
        Posts: 1179
        Veteran Member

          Although this gets more into a "philosophical" discussion: in your concept is some meaning in the RoleID (RoleID <= 20 means Standard Role etc.). This is something I would avoid, because an ID is just an ID. Using the RoleName is much more the way to go, eg.

          UserInfo.IsInRole(string roleName)

          So you have to flag the "Standard" roles in some way, that they cannot get deleted or renamed by the customers, as some logic from your side relays on them. And there is something in DNN to reach this, and this is the IsSystemRole property of the RoleInfo object. Just set it to true when you create the role.

          Hope that helps.

          Happy DNNing!
          Michael

          Michael Tobisch
          DNN★MVP

          DNN Connect
          Growing Member
          Posts: 53
          Growing Member

            I fully agree with your observations.
            But the DNN DB is structured in order to relate the PKs of the objects, as it should be.
            In a purely functional context, there is no other way than to rely on the name of the role, which in fact establishes its purpose.
            But if we go down one level, I have to consider that DNN objects are assigned visibility (or not) to the role with a certain ID, because in fact it is the data persisted in the database.

            PS: the customer cannot modify anything of the standard, he can only add: roles, users, objects, etc...

            Thanks
            S.

            Senior Member
            Posts: 1430
            Senior Member

              Honestly, I think this is indeed possible, but it would be pretty hacky and would require a custom RoleProvider is created to handle all of these things.  Though, even with all of this work, you'll have weird bugs that you'll just have to deal with.  This is because the rest of DNN uses IDs/PKs differently than your app intends to.  

              However, to avoid these kinds of "workarounds" in the past, we've simply implemented logic around the naming convention of Role Names, as Michael suggested.  

              Growing Member
              Posts: 53
              Growing Member

                Thanks Will,
                if customer create custom roles, how can i know:
                1) Their names?
                2) What objects they enable?
                3) Which users are assigned to?
                From the database and its relationships.

                Before each update I save the customer's custom data, but repopulate them in the db after the update (yes, in fact I'm going to replace it with that of the updated version...) at the moment it is only possible by going through the DNN API.


                RoleController.Instance.AddRole

                Which results in a new id being assigned to an old role that is already set to existing objects that I don't have direct control over.

                So you're referring to implementing a RoleController instead of a RoleProvider?

                Sorry for my noobish questions.

                Thanks
                S.

                Growing Member
                Posts: 53
                Growing Member
                  Additional question: how to correctly load/inject a RoleController/RoleProvider instead of default one?
                  I'm working on DNN 7.4 (but I'm slowly migrating to 9.11.02 :-D)

                  Thanks
                  S.
                  Veteran Member
                  Posts: 1179
                  Veteran Member
                    Posted By Seek on 8/10/2023 5:02 PM

                    Thanks Will,
                    if customer create custom roles, how can i know:
                    1) Their names?
                    2) What objects they enable?
                    3) Which users are assigned to?
                    From the database and its relationships.

                    ad 1) and 3): There are three tables, Roles, Users and UserRoles. The names of the roles can be found in the Roles table ("RoleName"), and the users assigned are in the UserRoles table. Eg, to find all users in the Administrators role, you can use this statement in the SQL Console:

                    SELECT
                      r.RoleName,
                      u.FirstName,
                      u.LastName,
                      u.Username,
                      u.Email
                    FROM
                      dbo.Roles r
                      INNER JOIN dbo.UserRoles ur ON ur.RoleID = r.RoleID
                      INNER JOIN dbo.Users u ON u.UserID = ur.UserID
                    WHERE
                      r.PortalID = your_portal_id AND
                      r.RoleName = 'Administrators'

                    ad 2) I think the relevant tables are Permission, PortalPermission (PortalID from Partals), TabPermission (TabID from Tabs), FolderPermission (FolderID from Folders) and ModulePermission (ModuleID from Modules), maybe there are some more in your usecase (PersonaBarPermission, ContententWorkflowStatePermission, and others related to some third party modules like ActiveForums_Permissions etc.), but it's quite easy to explore.

                    Happy DNNing!
                    Michael

                     

                    Michael Tobisch
                    DNN★MVP

                    DNN Connect
                    Veteran Member
                    Posts: 1179
                    Veteran Member
                      Posted By Seek on 8/11/2023 9:35 AM
                      Additional question: how to correctly load/inject a RoleController/RoleProvider instead of default one?
                      I'm working on DNN 7.4 (but I'm slowly migrating to 9.11.02 :-D)

                      Thanks
                      S.

                      The role provider is defined in the web(dot)config, the original entry is

                      {roles defaultProvider="DNNRoleProvider"}
                        {providers}
                          {clear /}
                          {add name="DNNRoleProvider" type="DotNetNuke.Security.Roles.DNNRoleProvider, DotNetNuke" providerPath="~\Providers\MembershipProviders\DNNMembershipProvider\" /}
                        {/providers}
                      {/roles}

                      (use < and > instead of { and })

                      Happy DNNing!
                      Michael

                      Michael Tobisch
                      DNN★MVP

                      DNN Connect
                      Page 1 of 212 > >>

                      These Forums are dedicated to the discussion of DNN Platform.

                      For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

                      1. If you have (suspected) security issues, please DO NOT post them in the forums but instead follow the official DNN security policy
                      2. No Advertising. This includes the promotion of commercial and non-commercial products or services which are not directly related to DNN.
                      3. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
                      4. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
                      5. No Flaming or Trolling.
                      6. No Profanity, Racism, or Prejudice.
                      7. Site Moderators have the final word on approving / removing a thread or post or comment.
                      8. English language posting only, please.

                      Would you like to help us?

                      Awesome! Simply post in the forums using the link below and we'll get you started.

                      Get Involved