Skip to main content
BuyLog In
XAF: Cross-Platform .NET App UI & Web API
Search in…
Docs > Application Security and Data Safety > Security (Access Control & Authentication) > ORM Object Model, Policy Configuration and Storage > Implement Custom User, Role and Permission Objects > Assign an Image to a User
All docs
V25.2
    • XAF: Cross-Platform .NET App UI & Web API
    Migration to .NET from .NET Framework in v25.2+
    Getting Started
    Installation, Upgrade, Version History
    Backend Web API Service
    UI Shell and Base Infrastructure
    Storage, ORM, and Business Model Design
    Data Manipulation and Business Logic
    User Interface and Behavior Customization
    Data Filtering
    Application Security and Data Safety
    Security (Access Control & Authentication)
    Security Tiers
    User Logon and Authentication
    ORM Object Model, Policy Configuration and Storage
    Type, Object and Member Permissions
    Create Predefined Users, Roles and Permissions in the Database
    Change the Current User Role in Code
    Roles and Permission Policy
    Implement Custom User, Role and Permission Objects
    Implement a Custom Security System User Based on an Existing Business Class
    Implement a Security System User (ApplicationUser) Based on XAF Business Classes
    Implement Custom Security Objects (Users, Roles, Operation Permissions)
    Add a Security Operation that Can be Permitted or Denied for a Specific Type
    Assign an Image to a User
    Authorization and Data Protection
    Non-XAF UI Scenarios
    Security Considerations
    Audit Trail (History of Data Changes)
    Multi-Tenancy (Data per Tenant)
    Validation (Prevent Data Errors)
    Conditional Appearance (Manage State of UI Elements)
    Reporting (Shape, Export & Print Data)
    Analytics (Extract Data Insights)
    Document Management
    Business Process Management
    Event Planning
    Localization
    Accessibility Support
    Debugging, Testing and Error Handling
    Deployment
    Support, QA & Troubleshooting
    API Reference
    Download CHM

    Assign an Image to a User

    • 3 minutes to read

    This topic describes how to assign an avatar or icon to an application user. ASP.NET Core Blazor applications display this image in the top right corner of an application page.

    XAF ASP.NET Core Blazor, Current User Image, DevExpress

    Apply the CurrentUserDisplayImage Attribute

    You can pass the name of a property that stores a user image to the CurrentUserDisplayImage attribute to display this image in the application toolbar.

    Follow the steps below to extend a user class with a property that stores a user image:

    1. In a user business class, declare a property of the MediaDataObject (XPO/EF Core), Image, or byte[] type.

    2. Apply CurrentUserDisplayImageAttribute to the user class and pass the new property name as its parameter.

      XPO

      using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl;
// ...
[CurrentUserDisplayImage(nameof(Photo))]
public class MyAppUser : PermissionPolicyUser, IObjectSpaceLink, ISecurityUserWithLoginInfo {
    // ...
    private MediaDataObject photo;
    public MediaDataObject Photo {
        get { return photo; }
        set { SetPropertyValue(nameof(Photo), ref photo, value); }
    }
}

      EF Core

      using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl;
// ...
[CurrentUserDisplayImage(nameof(Photo))]
public class MyAppUser : PermissionPolicyUser, IObjectSpaceLink, ISecurityUserWithLoginInfo {
    // ...
    private MediaDataObject photo;
    public virtual MediaDataObject Photo {
        get { return photo; }
        set { SetReferencePropertyValue(ref photo, value); }
    }
}

    Add the XafClaimTypes.UserImageUrl Claim

    In ASP.NET Core Blazor applications with OAuth authentication, you can add a claim of the XafClaimTypes.UserImageUrl type to read a user image on sign in. The following example configures the Google authentication provider and creates the XafClaimTypes.UserImageUrl claim from the picture key in Google user data:

    File: MySolution.Blazor.Server\Startup.cs.

    using DevExpress.ExpressApp.Security;
using Microsoft.AspNetCore.Authentication.OAuth;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.DependencyInjection;
// ...
public class Startup {
    // ...
    public void ConfigureServices(IServiceCollection services) {
        // ...
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options => options.LoginPath = "/LoginPage")
        .AddGoogle(options => {
            // ...
            options.ClaimActions.MapJsonKey(XafClaimTypes.UserImageUrl, "picture");
        });
    }
}

    Register an IUserProfileInfoProviderAsync Service

    You can register a service that implements the IUserProfileInfoProviderAsync interface to specify a custom user image and name. Follow the steps below to implement this technique in your application:

    1. In the ASP.NET Core Blazor application project, create a new class that implements the IUserProfileInfoProviderAsync interface:

      File: MySolution.Blazor.Server\Services\MyUserProfileInfoProviderAsync.cs.

      using DevExpress.ExpressApp.Blazor.Services;
using DevExpress.ExpressApp.Security;
using System;
using System.Threading.Tasks;
// ...
public class MyUserProfileInfoProviderAsync : IUserProfileInfoProviderAsync {
    private readonly IPrincipalProvider principalProvider;
    private readonly ISecurityStrategyBase securitySystem;
    public MyUserProfileInfoProviderAsync(IPrincipalProvider principalProvider, ISecurityStrategyBase securitySystem) {
        this.principalProvider = principalProvider;
        this.securitySystem = securitySystem;
    }

    public Task<string> GetUserImageUrlAsync(Func<Task<string>> defaultUrlAccessor) {
        //or: securitySystem.UserName == "Admin"
        if(principalProvider.User.Identity.Name == "Admin") {
            return Task.FromResult(@"https://github.com/DevExpress.png");
        }
        return defaultUrlAccessor();
    }

    public Task<string> GetUserNameAsync(Func<Task<string>> defaultNameAccessor) {
        //or: principalProvider.User.Identity.Name == "Admin"
        if(securitySystem.UserName == "Admin") {
            return Task.FromResult(@"Custom Admin Name");
        }
        return defaultNameAccessor();
    }
}

    2. Add this scoped service to your ASP.NET Core Blazor application service collection:

      File: MySolution.Blazor.Server\Startup.cs.

      public class Startup {
    // ...
    public void ConfigureServices(IServiceCollection services) {
        // ...
        services.AddScoped<IUserProfileInfoProviderAsync, MyUserProfileInfoProviderAsync>();
    }
}