Role Based User Access in Vb.net

Hakan
Hakan used Ask the Experts™
on
I'd like to know my users when they are open my application. I'm trying to manage Users and Roles and don't know how to do so i created a Access Database for users like below.

User Informations
and also i'm defining access options as UserRoles  according to user like below.

User Roles
When user opens the application, i get UserName, UserDomain and UserMachineName information and compare it with my Access db information if user doesn't exists application exit. If user in database it looks it's UserRole options. If user access checked, related panel is enabled if it's not checked it returns false and make panel invisible.

I'm calling below code on  form's "Load" event with EVENT__USER.DefineUser().

It's working but the main problem is it's  not efficient because it tooks a bit to open tool, it's about 30 seconds to load application only because of this. Could anyone suggest me logic way? I need Role Based User Rights but probably this isn't way to connect and check or am i doing something wrong?


Option Explicit On
Option Strict On
Imports System.IO
Public Class EVENT__USER
    Public Shared Sub DefineUser()

        Dim dbDir As String = Path.Combine(Environment.CurrentDirectory, My.Settings.str_accessdb__data_dir, My.Settings.str_accessdb__data_db)
        Dim dtUsers As DataTable
        Dim dtRoles As DataTable

        dtUsers = AccessUtility.ReadTable(dbDir, "Select * from Users")
        Dim UserName As String = Environment.UserName
        Dim UserDomainName As String = Environment.UserDomainName
        Dim UserMachineName As String = Environment.MachineName

        Dim drs As DataRow() = dtUsers.Select("[User Name]='" + UserName + "'")

        If drs.Length > 0 Then
            dtRoles = AccessUtility.ReadTable(dbDir, "Select * from UserRoles")
            Dim drRoles As DataRow() = dtRoles.Select($"Role='{drs(0)("Role")}'")

            Dim moduleTabs As Dictionary(Of Panel, Boolean) = New Dictionary(Of Panel, Boolean)
            moduleTabs.Add(FRM__MAIN.pnlModuleBuild, CBool(drRoles(0)("Build")))
            moduleTabs.Add(FRM__MAIN.pnlModuleCheck, CBool(drRoles(0)("Check")))
            moduleTabs.Add(FRM__MAIN.pnlModuleConfigure, CBool(drRoles(0)("Configure")))
            moduleTabs.Add(FRM__MAIN.pnlModuleTest, CBool(drRoles(0)("Test")))
	    moduleTabs.Add(FRM__MAIN.pnlModuleManagement, CBool(drRoles(0)("Management")))
	    moduleTabs.Add(FRM__MAIN.pnlModulePublish, CBool(drRoles(0)("Publish")))
	    moduleTabs.Add(FRM__MAIN.pnlModuleTempCheck, CBool(drRoles(0)("TempCheck")))

            For Each item In moduleTabs
                EnablePage(item.Key, item.Value)
            Next
        Else
            Application.Exit()
        End If
    End Sub

    Private Shared Sub EnablePage(ByVal page As Panel, ByVal enable As Boolean)
        If enable = True Then
        Else
            page.Visible = False
        End If
    End Sub

End Class

Open in new window


For reading from the access

Option Explicit On
Option Strict On

Imports System
Imports System.Collections.Generic
Imports System.Data
Imports System.Data.OleDb
Imports System.IO
Imports System.Linq
Imports System.Runtime.InteropServices
Imports System.Text
Imports System.Threading.Tasks

Namespace Utility
    Public Class AccessUtility
        Public Shared Sub ExecuteQuery(ByVal pathFile As String, ByVal Sql As String)
            Dim constring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" + pathFile
            Using myconnection As New OleDbConnection(constring)
                myconnection.Open()
                Using cmd As New OleDbCommand(Sql, myconnection)
                    cmd.ExecuteNonQuery()
                End Using
            End Using
        End Sub

        Public Shared Function [b]ReadTable[/b](ByVal pathFile As String, ByVal Sql As String) As DataTable
            Dim constring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" + pathFile
            Dim dtb As New DataTable
            Using cnn As New OleDbConnection(constring)
                cnn.Open()
                Using dad As New OleDbDataAdapter(Sql, cnn)
                    dad.Fill(dtb)
                End Using
                cnn.Close()
            End Using
            Return dtb
        End Function
    End Class
End Namespace

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Senior Developer
Commented:
Well, when doing it your self, then don't use Environment. This information can be spoofed. Use Win32 API to get the user name.

The actual speed depends on your implementation.
You need to load the relevant information form your user database once.

How do you apply the user role information in your application?

Author

Commented:
I'm loading the information with below code with ReadTable()

Option Explicit On
Option Strict On

Imports System
Imports System.Collections.Generic
Imports System.Data
Imports System.Data.OleDb
Imports System.IO
Imports System.Linq
Imports System.Runtime.InteropServices
Imports System.Text
Imports System.Threading.Tasks

Namespace Utility
    Public Class AccessUtility
        Public Shared Sub ExecuteQuery(ByVal pathFile As String, ByVal Sql As String)
            Dim constring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" + pathFile
            Using myconnection As New OleDbConnection(constring)
                myconnection.Open()
                Using cmd As New OleDbCommand(Sql, myconnection)
                    cmd.ExecuteNonQuery()
                End Using
            End Using
        End Sub

        Public Shared Function ReadTable(ByVal pathFile As String, ByVal Sql As String) As DataTable
            Dim constring As String = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" + pathFile
            Dim dtb As New DataTable
            Using cnn As New OleDbConnection(constring)
                cnn.Open()
                Using dad As New OleDbDataAdapter(Sql, cnn)
                    dad.Fill(dtb)
                End Using
                cnn.Close()
            End Using
            Return dtb
        End Function
    End Class
End Namespace

Open in new window

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial