In this post we will discuss about various method of SqlRoleProvider class like Createrole(), deleterole(), AddUsersToRoles() Method etc.
Also you can check out my previous posts on:
The Createrole() Method:
The CreateRole() method in the SqlRoleProvider class allows developers to add any role to the system.
The only parameter required for this method is a string value that is the name of the role.
For this example, instead of letting developers create any role they want, this provider limits the role creation to only the Administrator and Manager roles.
Allowing only the administrator or Manager role in the Createrole() method
You are going to need to import the System.Configuration.Provider namespace for
this code to work.
public override void CreateRole(string roleName)
if (roleName == “Administrator” || roleName == “Manager”)
ProviderException(“Role creation limited to only Administrator and Manager”);
In this method, you can see that a check is first done to determine whether the role being created is either Administrator or Manager. If the role being created is not one of these defi ned roles, a ProviderException is thrown informing the developer of which roles he or she is allowed to create.
If Administrator or Manager is one of the roles, then the base class ( SqlRoleProvider ) CreateRole() method is invoked.
The deleterole() Method:
If you allow developers using this provider to create only specifi c roles, you might not want them to delete any role after it is created. If this is the case, you want to override the DeleteRole() method of the SqlRoleProvider class.
public override bool DeleteRole(string roleName, bool throwOnPopulatedRole)
Looking at the DeleteRole() method, you can see that deleting any role is completely disallowed. Instead of raising the base class’s DeleteRole() and returning the following:
Return MyBase.DeleteRole(roleName, throwOnPopulatedRole) a False value is returned and no action is taken.
The AddUsersToRoles() Method:
Only one single method allows you to add any number of users to any number of roles. Multiple methods in the Roles class actually map to this method.
All these actually map to the AddUsersToRoles() method that is available in the RoleProvider base class.
Disallowing users to be added to a particular role.
public override void AddUsersToRoles(string usernames, string roleNames)
foreach (string roleItem in roleNames)
if (roleItem == “Administrator”)
throw new ProviderException(“You are not authorized to add any users” +
” to the Administrator role”);
This overridden method iterates through all the provided roles, and if one of the roles contained in the string array is the role Administrator, then a ProviderException instance is thrown informing the developer that he or she is not allowed to add any users to this particular role. Although it is not shown here, you can also take the same approach with the RemoveUsersFromRoles() method exposed from the RoleProvider base class.