• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 149
  • Last Modified:

Detect Users Group

Hi

Anyone know how to detect which group the user is in?  For example as a test, I would like the program to show a messagebox when it loads to show which group he or she is in.  So for me it should show "Power User", for my manager it should say Domain Admin, for a normal user is should say user etc etc.

Anyone know if this can be done?

Thanks
0
narmi2
Asked:
narmi2
  • 2
2 Solutions
 
sr101880Commented:
Are you looking check if a user is in a specific group or are you looking for a list of groups the user is in?
0
 
Bob LearnedCommented:
Here is a class to get current user roles:

Imports System.Reflection
Imports System.Security.Principal

Public Class SecurityRoles

  Public Shared Function GetRoles() As String()

    Dim id As WindowsIdentity = WindowsIdentity.GetCurrent()

    Dim idType As Type
    idType = GetType(WindowsIdentity)
    Dim result As String() = idType.InvokeMember("_GetRoles", _
     BindingFlags.Static Or BindingFlags.InvokeMethod Or BindingFlags.NonPublic, _
     Nothing, id, New Object() {id.Token}, Nothing)

    Return result

  End Function

End Class

Bob
0
 
sr101880Commented:
If your goal was to detect the group for the user and put it in a message box you can use the function above along with the following code to get the job done:

        Dim i As Integer
        Dim mystring As String

        i = 0

        Do While i <= (GetRoles.Length - 1)
            mystring += GetRoles.GetValue(i) & Chr(10)

            i += 1

        Loop

        MsgBox(mystring)



However, I wanted to know and suspect that you would like to check if the user belongs to a specific group.  This can be accomplished by using the following:


Imports System.Security.Principal
Imports System.Security.Permissions


Imports System.Threading

   ' <Description("Please use 1 for the optional parameter to specify a builtin role")> _
        Public Function InRole(ByVal mRole As String, Optional ByVal mBuiltIn As Integer = 0) As Boolean  'Set to

            GetIdentity()

            If Not (mBuiltIn = 1) Then
                Try
                    Dim p1 As PrincipalPermission = New PrincipalPermission(Thread.CurrentThread.CurrentPrincipal.Identity.Name, mstrDomain & "\" & mRole)  '<--- mstrDomain needs to be set to your computer name or Domain name before you call this function.
                    p1.Demand()


                    Return True

                Catch ex As Exception

                    Return False

                End Try

            Else

                Try
                    Dim p1 As PrincipalPermission = New PrincipalPermission(Thread.CurrentThread.CurrentPrincipal.Identity.Name, "BUILTIN\" & mRole)
                    p1.Demand()


                    Return True

                Catch ex As Exception

                    Return False

                End Try

            End If


        End Function

All you need to do is call the function like so to verify if the user is in the proper role:



 If Not ((InRole("BANKER")) Or _
            InRole("Administrators", 1)) Then

            MsgBox("You don't have permission to take Money!", MsgBoxStyle.Critical, "Security Restriction!")

            ' Add code here to disable or enable secure part of program


        End If

Please let me know if you have any questiions.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now