1

Closed

Checking for a role using [Authorize(Roles="Administrator")] in controller causes exception

description

If you create a new user no roles are assigned.
 
If you later check for roles using something like [Authorize(Roles="Administrator")] then an exception will be thrown at CodeFirstRoleProvider.GetRolesForUser(ln 173 in .cs source)
 
Instead wouldn't it make more sense to return null (or empty string array, whatever framework expects) - as user clearly isn't in the role if there are no role assignments.
Closed Jan 12, 2012 at 4:50 PM by Se3ker
Resolved

comments