Community Server on my mind

J-O Eriksson's blog

  • Running on CS 2.1 SP 2

    See top menu for subscription options

    Technology Blogs - Blog Top Sites

    BlogRankers.com

    Add to Technorati Favorites

13 Mar 2007
How to add new users to different roles on the fly

Sometimes there might be a need to add your users to different roles, depending on certain invitations, at registration time. Is that possible in Community Server (CS)?

Well, in this case CSModules can be your friend as in many other situations. The other day there was a request for this functionality in the CSOrg Forums. I thought it would be an interesting case to do some sample code for a CSModule that did this by reading an argument from the query string.

You might think that this could be done with a new drop down field on the registration page. Well , you're right, but in this case that was requested the user should not be able to choose their own role. The role should be decided by a person that invited the user. So it should probably be a link in an e-mail or similar.

My thinking was that you would put an RoleID as an argument in the query string, like:

http://<your server>/CreateUser.aspx?roleid=<RoleID>

Then design a CSModule that would read the QueryString and add the user to that role within the PreUserUpdate event.

First register for the PreUserUpdate event. (Sorry for the pictures not looking as good or acting as they should, but my QGyen Flickr CSModule has suddenly stopped working. Click on the pictures to see them in original size.)

Visual Basic
RolesByQueryVB

C#
RolesByQueryCSharp

After that we handle the reading of the querystring, check if it is an existing role that is not one of the built-in roles. We wouldn't want anyone guessing the roleID of the Administrators role and register themselves as Admins. Lastly if all validations are ok, add the user to the desired role.

Visual Basic
RolesByQueryVB2

C#
RolesByQueryCSharp2

This is a sample on how you could do it. I haven't put much more thought on the security aspects of it, more that making sure no one adds himself to the admin (or other high permission) role. If you have feedback on how the security could be increased on this CSModule please post a comment.

Download it from here and try it out! I have included the source code in this download (VB and C#).

If you enjoyed this post Subscribe to my feed via RSS or e-mail!
Posted: Tuesday, March 13, 2007 2:53 AM by J-O Eriksson

Comments

Dave Burke's Community Server Bits said:

I was waiting for this post! J-O Eriksson mentioned on a CS Forums post that he would demonstrate how

# March 12, 2007 8:50 PM

Announcements said:

This week... Scott Watermasysk announces the availability of the book Professional Community Server!

# March 16, 2007 8:55 AM

Community Server said:

This week... Scott Watermasysk announces the availability of the book Professional Community Server!

# March 16, 2007 8:58 AM

Rob Blankenship said:

Is it possible to make it so that when you invite folks you can select the user type your want them to be.  Then, encode that info so that we they "redeem" their activation code it reads it from that?  This would avoid any hacking attempts as it is stored in the encrypted string.

# March 28, 2007 10:01 PM

J-O Eriksson said:

Rob,

Sure, it is possible. The code I did above is not hooked into the CS invitation feature though. But one could of course build a custom invite page in the admin section with for example an e-mail field and a drop-down with roles that you want the invited user to get into at registration. When clicking invite on that form, a mail is sent to the email address with the encoded URL argument that you are suggesting.

# March 29, 2007 1:30 AM

shakes said:

I am using cs 2007 and was wondering if your code would work for my scenario (i noticed it was for 2.1). I would like my users to be able to select their roles upon registration possibly with a drop down box or some radio buttons.

# June 13, 2007 6:09 PM

J-O Eriksson said:

I just recompiled the code after referencing the 2007 binaries instead of the 2.1 ones. And that worked fine.

I had to change the event from PreUserUpdate to PostUserUpdate though for it to work. I don't remember, but that change might have been necessary for 2.1 as well.

Do you have Visual Studio and are able to do this, or should I upload a new version to my download section?

# June 14, 2007 2:26 AM

shakes said:

I have visual web developer express...in all honesty i probably would not know what i am doing...i kind of bumble my way through code

# June 25, 2007 10:30 PM

Chris said:

Has anyone tried using a dropdownlist and adding the code to the createuser page?  I can't seem to hook into the event and get the code to fire...

# August 1, 2007 9:25 AM
New Comments to this post are disabled