Skip to main content
BuyLog In
XAF: Cross-Platform .NET App UI & Web API
Search in…
Docs > Application Security and Data Safety > Security (Access Control & Authentication) > ORM Object Model, Policy Configuration and Storage > Implement Custom User, Role and Permission Objects > Assign an Image to a User
All docs
V23.2
.NET 6.0+
XAF: Cross-Platform .NET App UI & Web API
Getting Started
Installation, Upgrade, Version History
Backend Web API Service
UI Shell and Base Infrastructure
Storage, ORM, and Business Model Design
Data Manipulation and Business Logic
User Interface and Behavior Customization
Data Filtering
Application Security and Data Safety
Security (Access Control & Authentication)
Security Tiers
User Logon and Authentication
ORM Object Model, Policy Configuration and Storage
Type, Object and Member Permissions
Create Predefined Users, Roles and Permissions in the Database
Change the Current User Role in Code
Roles and Permission Policy
Implement Custom User, Role and Permission Objects
Implement a Custom Security System User Based on an Existing Business Class
Implement Custom Security Objects (Users, Roles, Operation Permissions)
Add a Security Operation that Can be Permitted or Denied for a Specific Type
Assign an Image to a User
Authorization and Data Protection
Non-XAF UI Scenarios
Security Considerations
Audit Trail (History of Data Changes)
Multi-Tenancy (Data per Tenant)
Validation (Prevent Data Errors)
Conditional Appearance (Manage State of UI Elements)
Reporting (Shape, Export & Print Data)
Analytics (Extract Data Insights)
Document Management
Business Process Management
Event Planning
Localization
Accessibility Support
Debugging, Testing and Error Handling
Deployment
Support, QA & Troubleshooting
API Reference
Download CHM

Assign an Image to a User

  • 3 minutes to read

This topic describes how to assign an avatar or icon to an application user. ASP.NET Core Blazor and ASP.NET Web Forms applications display this image in the top right corner of an application page.

ASP.NET Core Blazor

Current user image in a Blazor application

ASP.NET Web Forms

CurrentUserImage

Apply the CurrentUserDisplayImage Attribute

Platforms: ASP.NET Core Blazor and ASP.NET Web Forms with the New Web UI.

You can pass the name of a property that stores a user image to the CurrentUserDisplayImage attribute to display this image in the application toolbar.

Follow the steps below to extend a user class with a property that stores a user image:

  1. In a user business class, declare a property of the MediaDataObject (XPO/EF Core), Image, or byte[] type.

  2. Apply CurrentUserDisplayImageAttribute to the user class and pass the new property name as its parameter.

    XPO

    using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl;
// ...
[CurrentUserDisplayImage(nameof(Photo))]
public class MyAppUser : PermissionPolicyUser, IObjectSpaceLink, ISecurityUserWithLoginInfo {
    // ...
    private MediaDataObject photo;
    public MediaDataObject Photo {
        get { return photo; }
        set { SetPropertyValue(nameof(Photo), ref photo, value); }
    }
}

    EF Core

    using DevExpress.Persistent.Base;
using DevExpress.Persistent.BaseImpl;
// ...
[CurrentUserDisplayImage(nameof(Photo))]
public class MyAppUser : PermissionPolicyUser, IObjectSpaceLink, ISecurityUserWithLoginInfo {
    // ...
    private MediaDataObject photo;
    public virtual MediaDataObject Photo {
        get { return photo; }
        set { SetReferencePropertyValue(ref photo, value); }
    }
}

  3. In ASP.NET Web Forms applications, invoke the Model Editor, navigate to the Application node, and set the CurrentUserDisplayMode property to CaptionAndImage or Image.

    The CurrentUserDisplayMode property in the Model Editor

Add the XafClaimTypes.UserImageUrl Claim

Platform: ASP.NET Core Blazor.

In ASP.NET Core Blazor applications with OAuth authentication, you can add a claim of the XafClaimTypes.UserImageUrl type to read a user image on sign in. The following example configures the Google authentication provider and creates the XafClaimTypes.UserImageUrl claim from the picture key in Google user data:

File: MySolution.Blazor.Server\Startup.cs.

using DevExpress.ExpressApp.Security;
using Microsoft.AspNetCore.Authentication.OAuth;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.DependencyInjection;
// ...
public class Startup {
    // ...
    public void ConfigureServices(IServiceCollection services) {
        // ...
        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
        .AddCookie(options => options.LoginPath = "/LoginPage")
        .AddGoogle(options => {
            // ...
            options.ClaimActions.MapJsonKey(XafClaimTypes.UserImageUrl, "picture");
        });
    }
}

Register an IUserProfileInfoProviderAsync Service

Platform: ASP.NET Core Blazor.

You can register a service that implements the IUserProfileInfoProviderAsync interface to specify a custom user image and name. Follow the steps below to implement this technique in your application:

  1. In the Blazor application project, create a new class that implements the IUserProfileInfoProviderAsync interface:

    File: MySolution.Blazor.Server\Services\MyUserProfileInfoProviderAsync.cs.

    using DevExpress.ExpressApp.Blazor.Services;
using DevExpress.ExpressApp.Security;
using System;
using System.Threading.Tasks;
// ...
public class MyUserProfileInfoProviderAsync : IUserProfileInfoProviderAsync {
    private readonly IPrincipalProvider principalProvider;
    private readonly ISecurityStrategyBase securitySystem;
    public MyUserProfileInfoProviderAsync(IPrincipalProvider principalProvider, ISecurityStrategyBase securitySystem) {
        this.principalProvider = principalProvider;
        this.securitySystem = securitySystem;
    }

    public Task<string> GetUserImageUrlAsync(Func<Task<string>> defaultUrlAccessor) {
        //or: securitySystem.UserName == "Admin"
        if(principalProvider.User.Identity.Name == "Admin") {
            return Task.FromResult(@"https://github.com/DevExpress.png");
        }
        return defaultUrlAccessor();
    }

    public Task<string> GetUserNameAsync(Func<Task<string>> defaultNameAccessor) {
        //or: principalProvider.User.Identity.Name == "Admin"
        if(securitySystem.UserName == "Admin") {
            return Task.FromResult(@"Custom Admin Name");
        }
        return defaultNameAccessor();
    }
}

  2. Add this scoped service to your Blazor application service collection:

    File: MySolution.Blazor.Server\Startup.cs.

    public class Startup {
    // ...
    public void ConfigureServices(IServiceCollection services) {
        // ...
        services.AddScoped<IUserProfileInfoProviderAsync, MyUserProfileInfoProviderAsync>();
    }
}