The MVC Music Store is a tutorial application


Overview

The MVC Music Store is a tutorial application that introduces and explains step-by-step how to use ASP.NET MVC and Visual Web Developer for web development. We’ll be starting slowly, so beginner level web development experience is okay.
The application we’ll be building is a simple music store. There are three main parts to the application: shopping, checkout, and administration.
Visitors can browse Albums by Genre:
They can view a single album and add it to their cart:
They can review their cart, removing any items they no longer want:
Proceeding to Checkout will prompt them to login or register for a user account.
After creating an account, they can complete the order by filling out shipping and payment information. To keep things simple, we’re running an amazing promotion: everything’s free if they enter promotion code “FREE”!
After ordering, they see a simple confirmation screen:
In addition to customer-faceing pages, we’ll also build an administrator section that shows a list of albums from which Administrators can Create, Edit, and Delete albums:

1. File -> New Project

Installing the software

This tutorial will begin by creating a new ASP.NET MVC 3 project using the free Visual Web Developer 2010 Express (which is free), and then we’ll incrementally add features to create a complete functioning application. Along the way, we’ll cover database access, form posting scenarios, data validation, using master pages for consistent page layout, using AJAX for page updates and validation, user login, and more.
You can follow along step by step, or you can download the completed application fromhttp://mvcmusicstore.codeplex.com.
You can use either Visual Studio 2010 SP1 or Visual Web Developer 2010 Express SP1 (a free version of Visual Studio 2010) to build the application. We’ll be using the SQL Server Compact (also free) to host the database. Before you start, make sure you've installed the prerequisites listed below. You can install all of them using the following Web Platform Installer link: http://www.microsoft.com/web/handlers/webpi.ashx?command=getinstallerredirect&appid=VWD2010SP1Pack
Note: You can find this link on the big green button at this (easier to remember) link: http://asp.net/mvc
The Web Platform Installer will check what you’ve got installed and just download what you need.
If you want to individually install the prerequisites using the following links instead of using the above link, use the following links (written out in case you’re using a printed version of this tutorial):
Note: If you're using Visual Studio 2010 instead of Visual Web Developer 2010, install the prerequisites with this link instead:
Visual Studio Web Developer Express SP1 prerequisites http://www.microsoft.com/web/handlers/webpi.ashx?command=getinstallerredirect&appsxml=&appid=VS2010SP1Pack
I highly recommend you use the first Web Platform Installer link, as it will make sure you’ve got everything set up correctly.

Creating a new ASP.NET MVC 3 project

We’ll start by selecting “New Project” from the File menu in Visual Web Developer. This brings up the New Project dialog.
We’ll select the Visual C# -> Web Templates group on the left, then choose the “ASP.NET MVC 3 Web Application” template in the center column. Name your project MvcMusicStore and press the OK button.
This will display a secondary dialog which allows us to make some MVC specific settings for our project. Select the following:
Project Template - select Empty
View Engine - select Razor
Use HTML5 semantic markup - checked
Verify that your settings are as shown below, then press the OK button.
This will create our project. Let’s take a look at the folders that have been added to our application in the Solution Explorer on the right side.
The Empty MVC 3 template isn’t completely empty – it adds a basic folder structure:
ASP.NET MVC makes use of some basic naming conventions for folder names:
Folder
Purpose
/Controllers
Controllers respond to input from the browser, decide what to do with it, and return response to the user.
/Views
Views hold our UI templates
/Models
Models hold and manipulate data
/Content
This folder holds our images, CSS, and any other static content
/Scripts
This folder holds our JavaScript files
These folders are included even in an Empty ASP.NET MVC application because the ASP.NET MVC framework by default uses a “convention over configuration” approach and makes some default assumptions based on folder naming conventions. For instance, controllers look for views in the Views folder by default without you having to explicitly specify this in your code. Sticking with the default conventions reduces the amount of code you need to write, and can also make it easier for other developers to understand your project. We’ll explain these conventions more as we build our application.
With traditional web frameworks, incoming URLs are typically mapped to files on disk. For example: a request for a URL like "/Products.aspx" or "/Products.php" might be processed by a "Products.aspx" or "Products.php" file.
Web-based MVC frameworks map URLs to server code in a slightly different way. Instead of mapping incoming URLs to files, they instead map URLs to methods on classes. These classes are called "Controllers" and they are responsible for processing incoming HTTP requests, handling user input, retrieving and saving data, and determining the response to send back to the client (display HTML, download a file, redirect to a different URL, etc.).

Adding a HomeController

We’ll begin our MVC Music Store application by adding a Controller class that will handle URLs to the Home page of our site. We’ll follow the default naming conventions of ASP.NET MVC and call it HomeController.
Right-click the “Controllers” folder within the Solution Explorer and select “Add”, and then the “Controller…” command:
This will bring up the “Add Controller” dialog. Name the controller “HomeController” and press the Add button.
This will create a new file, HomeController.cs, with the following code:
using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Web;
 using System.Web.Mvc;
 
namespace MvcMusicStore.Controllers
{
    public class HomeController : Controller
    {
        //
        // GET: /Home/
        public ActionResult Index()
        {
            return View();
        }
    }
}
To start as simply as possible, let’s replace the Index method with a simple method that just returns a string. We’ll make two changes:
  • Change the method to return a string instead of an ActionResult
  • Change the return statement to return “Hello from Home”
The method should now look like this:
public string Index()
{
    return "Hello from Home";
}

Running the Application

Now let’s run the site. We can start our web-server and try out the site using any of the following::
  • Choose the Debug ⇨ Start Debugging menu item
  • Click the Green arrow button in the toolbar
  • Use the keyboard shortcut, F5.
Using any of the above steps will compile our project, and then cause the ASP.NET Development Server that is built-into Visual Web Developer to start. A notification will appear in the bottom corner of the screen to indicate that the ASP.NET Development Server has started up, and will show the port number that it is running under.
Visual Web Developer will then automatically open a browser window whose URL points to our web-server. This will allow us to quickly try out our web application:
Okay, that was pretty quick – we created a new website, added a three line function, and we’ve got text in a browser. Not rocket science, but it’s a start.
Note: Visual Web Developer includes the ASP.NET Development Server, which will run your website on a random free “port” number. In the screenshot above, the site is running at http://localhost:26641/, so it’s using port 26641. Your port number will be different. When we talk about URL’s like /Store/Browse in this tutorial, that will go after the port number. Assuming a port number of 26641, browsing to /Store/Browse will mean browsing to http://localhost:26641/Store/Browse.

Adding a StoreController

We added a simple HomeController that implements the Home Page of our site. Let’s now add another controller that we’ll use to implement the browsing functionality of our music store. Our store controller will support three scenarios:
  • A listing page of the music genres in our music store
  • A browse page that lists all of the music albums in a particular genre
  • A details page that shows information about a specific music album
We’ll start by adding a new StoreController class.. If you haven’t already, stop running the application either by closing the browser or selecting the Debug ⇨ Stop Debugging menu item.
Now add a new StoreController. Just like we did with HomeController, we’ll do this by right-clicking on the “Controllers” folder within the Solution Explorer and choosing the Add->Controller menu item
Our new StoreController already has an “Index” method. We’ll use this “Index” method to implement our listing page that lists all genres in our music store. We’ll also add two additional methods to implement the two other scenarios we want our StoreController to handle: Browse and Details.
These methods (Index, Browse and Details) within our Controller are called “Controller Actions”, and as you’ve already seen with the HomeController.Index()action method, their job is to respond to URL requests and (generally speaking) determine what content should be sent back to the browser or user that invoked the URL.
We’ll start our StoreController implementation by changing theIndex() method to return the string “Hello from Store.Index()” and we’ll add similar methods for Browse() and Details():
using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Web;
 using System.Web.Mvc;
 
namespace MvcMusicStore.Controllers
{
    public class StoreController : Controller
    {
        //
        // GET: /Store/
        public string Index()
        {
            return "Hello from Store.Index()";
        }
        //
        // GET: /Store/Browse
        public string Browse()
        {
            return "Hello from Store.Browse()";
        }
        //
        // GET: /Store/Details
        public string Details()
        {
            return "Hello from Store.Details()";
        }
    }
}
Run the project again and browse the following URLs:
  • /Store
  • /Store/Browse
  • /Store/Details
Accessing these URLs will invoke the action methods within our Controller and return string responses:
That’s great, but these are just constant strings. Let’s make them dynamic, so they take information from the URL and display it in the page output.
First we’ll change the Browse action method to retrieve a querystring value from the URL. We can do this by adding a “genre” parameter to our action method. When we do this ASP.NET MVC will automatically pass any querystring or form post parameters named “genre” to our action method when it is invoked.
//
// GET: /Store/Browse?genre=Disco
public string Browse(string genre)
 {
    string message = HttpUtility.HtmlEncode("Store.Browse, Genre = "
+ genre);
 
    return message;
 }
Note: We’re using the HttpUtility.HtmlEncode utility method to sanitize the user input. This prevents users from injecting Javascript into our View with a link like /Store/Browse?Genre=.
Now let’s browse to /Store/Browse?Genre=Disco
Let’s next change the Details action to read and display an input parameter named ID. Unlike our previous method, we won’t be embedding the ID value as a querystring parameter. Instead we’ll embed it directly within the URL itself. For example: /Store/Details/5.
ASP.NET MVC lets us easily do this without having to configure anything. ASP.NET MVC’s default routing convention is to treat the segment of a URL after the action method name as a parameter named “ID”. If your action method has a parameter named ID then ASP.NET MVC will automatically pass the URL segment to you as a parameter.
//
// GET: /Store/Details/5
public string Details(int id)
 {
    string message = "Store.Details, ID = " + id;
 
    return message;
 }
Run the application and browse to /Store/Details/5:
Let’s recap what we’ve done so far:
  • We’ve created a new ASP.NET MVC project in Visual Web Developer
  • We’ve discussed the basic folder structure of an ASP.NET MVC application
  • We’ve learned how to run our website using the ASP.NET Development Server
  • We’ve created two Controller classes: a HomeController and a StoreController
  • We’ve added Action Methods to our controllers which respond to URL requests and return text to the browser
So far we’ve just been returning strings from controller actions. That’s a nice way to get an idea of how controllers work, but it’s not how you’d want to build a real web application. We are going to want a better way to generate HTML back to browsers visiting our site – one where we can use template files to more easily customize the HTML content send back. That’s exactly what Views do.

Adding a View template

To use a view-template, we’ll change the HomeController Index method to return an ActionResult, and have it return View(), like below:
public class HomeController : Controller
{
    //
    // GET: /Home/
    public ActionResult Index()
    {
        return View();
    }
}
The above change indicates that instead of returned a string, we instead want to use a “View” to generate a result back.
We’ll now add an appropriate View template to our project. To do this we’ll position the text cursor within the Index action method, then right-click and select “Add View”. This will bring up the Add View dialog:
 
The “Add View” dialog allows us to quickly and easily generate View template files. By default the “Add View” dialog pre-populates the name of the View template to create so that it matches the action method that will use it. Because we used the “Add View” context menu within the Index() action method of our HomeController, the “Add View” dialog above has “Index” as the view name pre-populated by default. We don’t need to change any of the options on this dialog, so click the Add button.
When we click the Add button, Visual Web Developer will create a new Index.cshtml view template for us in the \Views\Home directory, creating the folder if doesn’t already exist.
The name and folder location of the “Index.cshtml” file is important, and follows the default ASP.NET MVC naming conventions. The directory name, \Views\Home, matches the controller - which is named HomeController. The view template name, Index, matches the controller action method which will be displaying the view.
ASP.NET MVC allows us to avoid having to explicitly specify the name or location of a view template when we use this naming convention to return a view. It will by default render the \Views\Home\Index.cshtml view template when we write code like below within our HomeController:
public class HomeController : Controller
{
    //
    // GET: /Home/
    public ActionResult Index()
    {
        return View();
    }
}
Visual Web Developer created and opened the “Index.cshtml” view template after we clicked the “Add” button within the “Add View” dialog. The contents of Index.cshtml are shown below.
@{
    ViewBag.Title = "Index";
}

Index</h2>
This view is using the Razor syntax, which is more concise than the Web Forms view engine used in ASP.NET Web Forms and previous versions of ASP.NET MVC. The Web Forms view engine is still available in ASP.NET MVC 3, but many developers find that the Razor view engine fits ASP.NET MVC development really well.
The first three lines set the page title using ViewBag.Title. We’ll look at how this works in more detail soon, but first let’s update the text heading text and view the page. Update the

tag to say “This is the Home Page” as shown below.

@{
    ViewBag.Title = "Index";
}

This is the Home Page</h2>
Running the application shows that our new text is visible on the home page.

Using a Layout for common site elements

Most websites have content which is shared between many pages: navigation, footers, logo images, stylesheet references, etc. The Razor view engine makes this easy to manage using a page called _Layout.cshtml which has automatically been created for us inside the /Views/Shared folder.
Double-click on this folder to view the contents, which are shown below.



     charset="utf-8" />
    </span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; outline: 0px; vertical-align: baseline; background-color: transparent; color: rgb(0, 0, 0);">@ViewBag.Title</span><span class="tag" style="margin: 0px; padding: 0px; border: 0px; outline: 0px; vertical-align: baseline; background-color: transparent; color: rgb(163, 21, 21);">
     href="@Url.Content("~/Content/Site.css")"
rel="stylesheet" type="text/css" />
     
    
@RenderBody()
The content from our individual views will be displayed by the @RenderBody() command, and any common content that we want to appear outside of that can be added to the _Layout.cshtml markup. We’ll want our MVC Music Store to have a common header with links to our Home page and Store area on all pages in the site, so we’ll add that to the template directly above that @RenderBody() statement.



    </span><span class="pln" style="margin: 0px; padding: 0px; border: 0px; outline: 0px; vertical-align: baseline; background-color: transparent; color: rgb(0, 0, 0);">@ViewBag.Title</span><span class="tag" style="margin: 0px; padding: 0px; border: 0px; outline: 0px; vertical-align: baseline; background-color: transparent; color: rgb(163, 21, 21);">
     href="@Url.Content("~/Content/Site.css")"
rel="stylesheet" type="text/css" />
    

id="header">

ASP.NET MVC MUSIC STORE
@RenderBody()

Updating the StyleSheet

The empty project template includes a very streamlined CSS file which just includes styles used to display validation messages. Our designer has provided some additional CSS and images to define the look and feel for our site, so we’ll add those in now.
The updated CSS file and Images are included in the Content directory of MvcMusicStore-Assets.zip which is available at http://mvcmusicstore.codeplex.com. We’ll select both of them in Windows Explorer and drop them into our Solution’s Content folder in Visual Web Developer, as shown below:
You’ll be asked to confirm if you want to overwrite the existing Site.css file. Click Yes.
The Content folder of your application will now appear as follows:
Now let's run the application and see how our changes look on the Home page.
  • Let’s review what’s changed: The HomeController’s Index action method found and displayed the \Views\Home\Index.cshtmlView template, even though our code called “return View()”, because our View template followed the standard naming convention.
  • The Home Page is displaying a simple welcome message that is defined within the \Views\Home\Index.cshtml view template.
  • The Home Page is using our _Layout.cshtml template, and so the welcome message is contained within the standard site HTML layout.

Using a Model to pass information to our View

A View template that just displays hardcoded HTML isn’t going to make a very interesting web site. To create a dynamic web site, we’ll instead want to pass information from our controller actions to our view templates.
In the Model-View-Controller pattern, the term Model refers to objects which represent the data in the application. Often, model objects correspond to tables in your database, but they don’t have to.
Controller action methods which return an ActionResult can pass a model object to the view. This allows a Controller to cleanly package up all the information needed to generate a response, and then pass this information off to a View template to use to generate the appropriate HTML response. This is easiest to understand by seeing it in action, so let’s get started.
First we’ll create some Model classes to represent Genres and Albums within our store. Let’s start by creating a Genre class. Right-click the “Models” folder within your project, choose the “Add Class” option, and name the file “Genre.cs”.
Then add a public string Name property to the class that was created:
public class Genre
{
    public string Name { get; set; }
}
Note: In case you're wondering, the { get; set; } notation is making use of C#'s auto-implemented properties feature. This gives us the benefits of a property without requiring us to declare a backing field.
Next, follow the same steps to create an Album class (named Album.cs) that has a Title and a Genre property:
public class Album
{
    public string Title { get; set; }
    public Genre Genre { get; set; }
}
Now we can modify the StoreController to use Views which display dynamic information from our Model. If - for demonstration purposes right now - we named our Albums based on the request ID, we could display that information as in the view below.
We’ll start by changing the Store Details action so it shows the information for a single album. Add a “using” statement to the top of the StoreControllers class to include the MvcMusicStore.Models namespace, so we don’t need to type MvcMusicStore.Models.Album every time we want to use the album class. The “usings” section of that class should now appear as below.
using System;
 using System.Collections.Generic;
 using System.Linq;
 using System.Web;
 using System.Web.Mvc;
 using MvcMusicStore.Models;
 
Next, we’ll update the Details controller action so that it returns an ActionResult rather than a string, as we did with the HomeController’s Index method.
public ActionResult Details(int id)
Now we can modify the logic to return an Album object to the view. Later in this tutorial we will be retrieving the data from a database – but for right now we will use "dummy data" to get started.
public ActionResult Details(int id)
 {
    var album = new Album { Title = "Album " + id };
    return View(album);
 }
Note: If you’re unfamiliar with C#, you may assume that using var means that our album variable is late-bound. That’s not correct – the C# compiler is using type-inference based on what we’re assigning to the variable to determine that album is of type Album and compiling the local album variable as an Album type, so we get compile-time checking and Visual Studio code-editor support.
Let’s now create a View template that uses our Album to generate an HTML response. Before we do that we need to build the project so that the Add View dialog knows about our newly created Album class. You can build the project by selecting the Debug⇨Build MvcMusicStore menu item (for extra credit, you can use the Ctrl-Shift-B shortcut to build the project).
Now that we've set up our supporting classes, we're ready to build our View template. Right-click within the Details method and select “Add View…” from the context menu.
We are going to create a new View template like we did before with the HomeController. Because we are creating it from the StoreController it will by default be generated in a \Views\Store\Index.cshtml file.
Unlike before, we are going to check the “Create a strongly-typed” view checkbox. We are then going to select our “Album” class within the “View data-class” drop-downlist. This will cause the “Add View” dialog to create a View template that expects that an Album object will be passed to it to use.
When we click the “Add” button our \Views\Store\Details.cshtml View template will be created, containing the following code.
@model MvcMusicStore.Models.Album
@{
    ViewBag.Title = "Details";
}

Details</h2>
Notice the first line, which indicates that this view is strongly-typed to our Album class. The Razor view engine understands that it has been passed an Album object, so we can easily access model properties and even have the benefit of IntelliSense in the Visual Web Developer editor.
Update the

tag so it displays the Album’s Title property by modifying that line to appear as follows.

Album: @Model.Title
Notice that IntelliSense is triggered when you enter the period after the @Model keyword, showing the properties and methods that the Album class supports.

Let's now re-run our project and visit the /Store/Details/5 URL. We'll see details of an Album like below.
Now we’ll make a similar update for the Store Browse action method. Update the method so it returns an ActionResult, and modify the method logic so it creates a new Genre object and returns it to the View.
public ActionResult Browse(string genre)
 {
    var genreModel = new Genre { Name = genre };
    return View(genreModel);
 }
Right-click in the Browse method and select “Add View…” from the context menu, then add a View that is strongly-typed add a strongly typed to the Genre class.
Update the

element in the view code (in /Views/Store/Browse.cshtml) to display the Genre information.

@model MvcMusicStore.Models.Genre
@{
    ViewBag.Title = "Browse";
}

Browsing Genre: @Model.Name</h2>
Now let’s re-run our project and browse to the /Store/Browse?Genre=Disco URL. We’ll see the Browse page displayed like below.
Finally, let’s make a slightly more complex update to the Store Index action method and view to display a list of all the Genres in our store. We’ll do that by using a List of Genres as our model object, rather than just a single Genre.
public ActionResult Index()
{
    var genres = new List<Genre>
    {
        new Genre { Name = "Disco"},
        new Genre { Name = "Jazz"},
        new Genre { Name = "Rock"}
    };
    return View(genres);
 }
Right-click in the Store Index action method and select Add View as before, select Genre as the Model class, and press the Add button.
First we’ll change the @model declaration to indicate that the view will be expecting several Genre objects rather than just one. Change the first line of /Store/Index.cshtml to read as follows:
@model IEnumerable<MvcMusicStore.Models.Genre>
This tells the Razor view engine that it will be working with a model object that can hold several Genre objects. We’re using an IEnumerable rather than a List since it’s more generic, allowing us to change our model type later to any object type that supports the IEnumerable interface.
Next, we’ll loop through the Genre objects in the model as shown in the completed view code below.
@model IEnumerable<MvcMusicStore.Models.Genre>
@{
    ViewBag.Title = "Store";
}

Browse Genres</h3> Select from @Model.Count() genres:</p>
    @foreach (var genre in Model) {
  • @genre.Name</li> } </ul>
    Notice that we have full IntelliSense support as we enter this code, so that when we type “@Model.” we see all methods and properties supported by an IEnumerable of type Genre.
    Within our “foreach” loop, Visual Web Developer knows that each item is of type Genre, so we see IntelliSence for each the Genre type.
    Next, the scaffolding feature examined the Genre object and determined that each will have a Name property, so it loops through and writes them out. It also generates Edit, Details, and Delete links to each individual item. We’ll take advantage of that later in our store manager, but for now we’d like to have a simple list instead.
    When we run the application and browse to /Store, we see that both the count and list of Genres is displayed.

    Adding Links between pages

    Our /Store URL that lists Genres currently lists the Genre names simply as plain text. Let’s change this so that instead of plain text we instead have the Genre names link to the appropriate /Store/Browse URL, so that clicking on a music genre like “Disco” will navigate to the /Store/Browse?genre=Disco URL. We could update our \Views\Store\Index.cshtml View template to output these links using code like below (don’t type this in - we’re going to improve on it):
      @foreach (var genre in Model) {
    • href="/Store/Browse?genre=@genre.Name">@genre.Name
    • }
      That works, but it could lead to trouble later since it relies on a hardcoded string. For instance, if we wanted to rename the Controller, we’d need to search through our code looking for links that need to be updated.
      An alternative approach we can use is to take advantage of an HTML Helper method. ASP.NET MVC includes HTML Helper methods which are available from our View template code to perform a variety of common tasks just like this. The Html.ActionLink() helper method is a particularly useful one, and makes it easy to build HTML links and takes care of annoying details like making sure URL paths are properly URL encoded.
      Html.ActionLink() has several different overloads to allow specifying as much information as you need for your links. In the simplest case, you’ll supply just the link text and the Action method to go to when the hyperlink is clicked on the client. For example, we can link to “/Store/” Index() method on the Store Details page with the link text “Go to the Store Index” using the following call:
      @Html.ActionLink("Go
      to the Store Index", "Index")
      Note: In this case, we didn’t need to specify the controller name because we’re just linking to another action within the same controller that’s rendering the current view.
      Our links to the Browse page will need to pass a parameter, though, so we’ll use another overload of the Html.ActionLink method that takes three parameters:
      • 1. Link text, which will display the Genre name
      • 2. Controller action name (Browse)
      • 3. Route parameter values, specifying both the name (Genre) and the value (Genre name)
      Putting that all together, here’s how we’ll write those links to the Store Index view:
        @foreach (var genre in Model) {
      • @Html.ActionLink(genre.Name, "Browse", new { genre = genre.Name })
        }
        Now when we run our project again and access the /Store/ URL we will see a list of genres. Each genre is a hyperlink – when clicked it will take us to our /Store/Browse?genre=[genre] URL.
        The HTML for the genre list looks like this:
        • href="/Store/Browse?genre=Disco">Disco

        • href="/Store/Browse?genre=Jazz">Jazz
        • href="/Store/Browse?genre=Rock">Rock


        • So far, we’ve just been passing “dummy data” from our Controllers to our View templates. Now we’re ready to hook up a real database. In this tutorial we’ll be covering how to use SQL Server Compact Edition (often called SQL CE) as our database engine. SQL CE is a free, embedded, file based database that doesn’t require any installation or configuration, which makes it really convenient for local development.

          Database access with Entity Framework Code-First

          We’ll use the Entity Framework (EF) support that is included in ASP.NET MVC 3 projects to query and update the database. EF is a flexible object relational mapping (ORM) data API that enables developers to query and update data stored in a database in an object-oriented way.
          Entity Framework version 4 supports a development paradigm called code-first. Code-first allows you to create model object by writing simple classes (also known as POCO from "plain-old" CLR objects), and can even create the database on the fly from your classes.

          Changes to our Model Classes

          We will be leveraging the database creation feature in Entity Framework in this tutorial. Before we do that, though, let’s make a few minor changes to our model classes to add in some things we’ll be using later on.

          Adding the Artist Model Classes

          Our Albums will be associated with Artists, so we’ll add a simple model class to describe an Artist. Add a new class to the Models folder named Artist.cs using the code shown below.
          namespace MvcMusicStore.Models
          {
              public class Artist
              {
                  public int ArtistId { get; set; }
                  public string Name { get; set; }
              }
          }

          Updating our Model Classes

          Update the Album class as shown below.
          namespace MvcMusicStore.Models
          {
              public class Album
              {
                  public int      AlbumId     { get; set;
          }
                  public int      GenreId     { get; set; }
                  public int      ArtistId    { get; set; }
                  public string   Title       { get; set; }
                  public decimal  Price       { get; set; }
                  public string   AlbumArtUrl { get; set; }
                  public Genre    Genre       { get; set; }
                  public Artist   Artist      { get; set; }
              }
          }
          Next, make the following updates to the Genre class.
          using System.Collections.Generic;
           
          namespace MvcMusicStore.Models
          {
              public partial class Genre
              {
                  public int      GenreId     { get; set; }
                  public string   Name        { get; set; }
                  public string   Description { get; set; }
                  public List<Album> Albums   { get; set; }
              }
          }

          Adding the App_Data folder

          We’ll add an App_Data directory to our project to hold our SQL Server Express database files. App_Data is a special directory in ASP.NET which already has the correct security access permissions for database access. From the Project menu, select Add ASP.NET Folder, then App_Data.

          Creating a Connection String in the web.config file

          We will add a few lines to the website’s configuration file so that Entity Framework knows how to connect to our database. Double-click on the Web.config file located in the root of the project.
          Scroll to the bottom of this file and add a section directly above the last line, as shown below.
            
               name="MusicStoreEntities"
               connectionString="Data Source=|DataDirectory|MvcMusicStore.sdf"
               providerName="System.Data.SqlServerCe.4.0"/>
            

          Adding a Context Class

          Right-click the Models folder and add a new class named MusicStoreEntities.cs.
          This class will represent the Entity Framework database context, and will handle our create, read, update, and delete operations for us. The code for this class is shown below.
          using System.Data.Entity;
           
          namespace MvcMusicStore.Models
          {
              public class MusicStoreEntities : DbContext
              {
                  public DbSet<Album> Albums { get; set; }
                  public DbSet<Genre> Genres { get; set; }
              }
          }
          That’s it - there’s no other configuration, special interfaces, etc. By extending the DbContext base class, our MusicStoreEntities class is able to handle our database operations for us. Now that we’ve got that hooked up, let’s add a few more properties to our model classes to take advantage of some of the additional information in our database.

          Adding our store catalog data

          We will take advantage of a feature in Entity Framework which adds “seed” data to a newly created database. This will pre-populate our store catalog with a list of Genres, Artists, and Albums. The MvcMusicStore-Assets.zip download - which included our site design files used earlier in this tutorial - has a class file with this seed data, located in a folder named Code.
          Within the Code / Models folder, locate the SampleData.cs file and drop it into the Models folder in our project, as shown below.
          Now we need to add one line of code to tell Entity Framework about that SampleData class. Double-click on the Global.asax file in the root of the project to open it and add the following line to the top the Application_Start method.
          protected void Application_Start()
          {
              System.Data.Entity.Database.SetInitializer(
          		new MvcMusicStore.Models.SampleData());
              AreaRegistration.RegisterAllAreas();
              RegisterGlobalFilters(GlobalFilters.Filters);
              RegisterRoutes(RouteTable.Routes);
           }
          At this point, we’ve completed the work necessary to configure Entity Framework for our project.

          Querying the Database

          Now let’s update our StoreController so that instead of using “dummy data” it instead calls into our database to query all of its information. We’ll start by declaring a field on the StoreController to hold an instance of the MusicStoreEntities class, named storeDB:
          public class StoreController : Controller
          {
              MusicStoreEntities storeDB = new MusicStoreEntities();

          Updating the Store Index to query the database

          The MusicStoreEntities class is maintained by the Entity Framework and exposes a collection property for each table in our database. Let’s update our StoreController’s Index action to retrieve all Genres in our database. Previously we did this by hard-coding string data. Now we can instead just use the Entity Framework context Generes collection:
          public ActionResult Index()
          {
              var genres = storeDB.Genres.ToList();
              return View(genres);
           }
          No changes need to happen to our View template since we’re still returning the same StoreIndexViewModel we returned before - we’re just returning live data from our database now.
          When we run the project again and visit the “/Store” URL, we’ll now see a list of all Genres in our database:

          Updating Store Browse and Details to use live data

          With the /Store/Browse?genre=[some-genre] action method, we’re searching for a Genre by name. We only expect one result, since we shouldn’t ever have two entries for the same Genre name, and so we can use the .Single() extension in LINQ to query for the appropriate Genre object like this (don’t type this yet):
          var example = storeDB.Genres.Single(g => g.Name == Disco”);
          The Single method takes a Lambda expression as a parameter, which specifies that we want a single Genre object such that its name matches the value we’ve defined. In the case above, we are loading a single Genre object with a Name value matching Disco.
          We’ll take advantage of an Entity Framework feature that allows us to indicate other related entities we want loaded as well when the Genre object is retrieved. This feature is called Query Result Shaping, and enables us to reduce the number of times we need to access the database to retrieve all of the information we need. We want to pre-fetch the Albums for Genre we retrieve, so we’ll update our query to include from Genres.Include(“Albums”) to indicate that we want related albums as well. This is more efficient, since it will retrieve both our Genre and Album data in a single database request.
          With the explanations out of the way, here’s how our updated Browse controller action looks:
          public ActionResult Browse(string genre)
           {
              // Retrieve Genre and its Associated Albums from database
              var genreModel = storeDB.Genres.Include("Albums")
                  .Single(g => g.Name == genre);
           
              return View(genreModel);
           }
          We can now update the Store Browse View to display the albums which are available in each Genre. Open the view template (found in /Views/Store/Browse.cshtml) and add a bulleted list of Albums as shown below.
          @model MvcMusicStore.Models.Genre
          @{
              ViewBag.Title = "Browse";
          }
          

          Browsing Genre: @Model.Name</h2>
            @foreach (var album in Model.Albums) {
          • @album.Title </li> } </ul>
            Running our application and browsing to /Store/Browse?genre=Jazz shows that our results are now being pulled from the database, displaying all albums in our selected Genre.
            We’ll make the same change to our /Store/Details/[id] URL, and replace our dummy data with a database query which loads an Album whose ID matches the parameter value.
            public ActionResult Details(int id)
             {
                var album = storeDB.Albums.Find(id);
             
                return View(album);
             }
            Running our application and browsing to /Store/Details/1 shows that our results are now being pulled from the database.
            Now that our Store Details page is set up to display an album by the Album ID, let’s update the Browse view to link to the Details view. We will use Html.ActionLink, exactly as we did to link from Store Index to Store Browse at the end of the previous section. The complete source for the Browse view appears below.
            @model MvcMusicStore.Models.Genre
            @{
                ViewBag.Title = "Browse";
            }
            

            Browsing Genre: @Model.Name</h2>
              @foreach (var album in Model.Albums) {
            • @Html.ActionLink(album.Title, "Details", new { id = album.AlbumId }) </li> } </ul>
              We’re now able to browse from our Store page to a Genre page, which lists the available albums, and by clicking on an album we can view details for that album.
              In the past chapter, we were loading data from our database and displaying it. In this chapter, we’ll also enable editing the data.

              Creating the StoreManagerController

              We’ll begin by creating a new controller called StoreManagerController. For this controller, we will be taking advantage of the Scaffolding features available in the ASP.NET MVC 3 Tools Update. Set the options for the Add Controller dialog as shown below.
              When you click the Add button, you’ll see that the ASP.NET MVC 3 scaffolding mechanism does a good amount of work for you:
              • It creates the new StoreManagerController with a local Entity Framework variable
              • It adds a StoreManager folder to the project’s Views folder
              • It adds Create.cshtml, Delete.cshtml, Details.cshtml, Edit.cshtml, and Index.cshtml view, strongly typed to the Album class
              The new StoreManager controller class includes CRUD (create, read, update, delete) controller actions which know how to work with the Album model class and use our Entity Framework context for database access.

              Modifying a Scaffolded View

              It’s important to remember that, while this code was generated for us, it’s standard ASP.NET MVC code, just like we’ve been writing throughout this tutorial. It’s intended to save you the time you’d spend on writing boilerplate controller code and creating the strongly typed views manually, but this isn’t the kind of generated code you may have seen prefaced with dire warnings in comments about how you mustn’t change the code. This is your code, and you’re expected to change it.
              So, let’s start with a quick edit to the StoreManager Index view (/Views/StoreManager/Index.cshtml). This view will display a table which lists the Albums in our store with Edit / Details / Delete links, and includes the Album’s public properties. We’ll remove the AlbumArtUrl field, as it’s not very useful in this display. In
              section of the view code, remove the
              and elements surrounding AlbumArtUrl references, as indicated by the highlighted lines below:
              Genre
              Artist Title Price AlbumArtUrl @foreach (var item in Model) { @Html.DisplayFor(modelItem => item.Genre.Name) @Html.DisplayFor(modelItem => item.Artist.Name) @Html.DisplayFor(modelItem => item.Title) @Html.DisplayFor(modelItem => item.Price) @Html.DisplayFor(modelItem => item.AlbumArtUrl) @Html.ActionLink("Edit", "Edit", new { id=item.AlbumId }) | @Html.ActionLink("Details", "Details", new { id=item.AlbumId }) | @Html.ActionLink("Delete", "Delete", new { id=item.AlbumId }) }
              The modified view code will appear as follows:
              @model IEnumerable<MvcMusicStore.Models.Album>
              @{
                  ViewBag.Title = "Index";
              }
              

              Index</h2> @Html.ActionLink("Create New", "Create") </p>
              Genre </th> Artist </th> Title </th> Price </th> </th> </tr> @foreach (var item in Model) { @Html.DisplayFor(modelItem => item.Genre.Name) </td> @Html.DisplayFor(modelItem => item.Artist.Name) </td> @Html.DisplayFor(modelItem => item.Title) </td> @Html.DisplayFor(modelItem => item.Price) </td> @Html.ActionLink("Edit", "Edit", new { id=item.AlbumId }) | @Html.ActionLink("Details", "Details", new { id=item.AlbumId }) | @Html.ActionLink("Delete", "Delete", new { id=item.AlbumId }) </td> </tr> } </table>

              A first look at the Store Manager

              Now run the application and browse to /StoreManager/. This displays the Store Manager Index we just modified, showing a list of the albums in the store with links to Edit, Details, and Delete.
              Clicking the Edit link displays an edit form with fields for the Album, including dropdowns for Genre and Artist.
              Click the “Back to List” link at the bottom, then click on the Details link for an Album. This displays the detail information for an individual Album.
              Again, click the Back to List link, then click on a Delete link. This displays a confirmation dialog, showing the album details and asking if we’re sure we want to delete it.
              Clicking the Delete button at the bottom will delete the album and return you to the Index page, which shows the album deleted.
              We’re not done with the Store Manager, but we have working controller and view code for the CRUD operations to start from.

              Looking at the Store Manager Controller code

              The Store Manager Controller contains a good amount of code. Let’s go through this from top to bottom. The controller includes some standard namespaces for an MVC controller, as well as a reference to our Models namespace. The controller has a private instance of MusicStoreEntities, used by each of the controller actions for data access.
              using System;
               using System.Collections.Generic;
               using System.Data;
               using System.Data.Entity;
               using System.Linq;
               using System.Web;
               using System.Web.Mvc;
               using MvcMusicStore.Models;
               
              namespace MvcMusicStore.Controllers
              { 
                  public class StoreManagerController : Controller
                  {
                      private MusicStoreEntities db = new MusicStoreEntities();

              Store Manager Index and Details actions

              The index view retrieves a list of Albums, including each album’s referenced Genre and Artist information, as we previously saw when working on the Store Browse method. The Index view is following the references to the linked objects so that it can display each album’s Genre name and Artist name, so the controller is being efficient and querying for this information in the original request.
              //
              // GET: /StoreManager/
              public ViewResult Index()
              {
                var albums = db.Albums.Include(a => a.Genre).Include(a => a.Artist);
                return View(albums.ToList());
              }
              The StoreManager Controller’s Details controller action works exactly the same as the Store Controller Details action we wrote previously - it queries for the Album by ID using the Find() method, then returns it to the view.
                //
                // GET: /StoreManager/Details/5
                public ViewResult Details(int id)
                {
                  Album album = db.Albums.Find(id);
                  return View(album);
                }

              The Create Action Methods

              The Create action methods are a little different from ones we’ve seen so far, because they handle form input. When a user first visits /StoreManager/Create/ they will be shown an empty form. This HTML page will contain a
              element that contains dropdown and textbox input elements where they can enter the album’s details.
              After the user fills in the Album form values, they can press the “Save” button to submit these changes back to our application to save within the database. When the user presses the “save” button the
              will perform an HTTP-POST back to the /StoreManager/Create/ URL and submit the
              values as part of the HTTP-POST.
              ASP.NET MVC allows us to easily split up the logic of these two URL invocation scenarios by enabling us to implement two separate “Create” action methods within our StoreManagerController class – one to handle the initial HTTP-GET browse to the /StoreManager/Create/ URL, and the other to handle the HTTP-POST of the submitted changes.

              Passing information to a View using ViewBag

              We’ve used the ViewBag earlier in this tutorial, but haven’t talked much about it. The ViewBag allows us to pass information to the view without using a strongly typed model object. In this case, our Edit HTTP-GET controller action needs to pass both a list of Genres and Artists to the form to populate the dropdowns, and the simplest way to do that is to return them as ViewBag items.
              The ViewBag is a dynamic object, meaning that you can type ViewBag.Foo or ViewBag.YourNameHere without writing code to define those properties. In this case, the controller code uses ViewBag.GenreId and ViewBag.ArtistId so that the dropdown values submitted with the form will be GenreId and ArtistId, which are the Album properties they will be setting.
              These dropdown values are returned to the form using the SelectList object, which is built just for that purpose. This is done using code like this:
              ViewBag.GenreId = new SelectList(db.Genres, "GenreId",
              "Name");
              As you can see from the action method code, three parameters are being used to create this object:
              • The list of items the dropdown will be displaying. Note that this isn’t just a string - we’re passing a list of Genres.
              • The next parameter being passed to the SelectList is the Selected Value. This how the SelectList knows how to pre-select an item in the list. This will be easier to understand when we look at the Edit form, which is pretty similar.
              • The final parameter is the property to be displayed. In this case, this is indicating that the Genre.Name property is what will be shown to the user.
              With that in mind, then, the HTTP-GET Create action is pretty simple - two SelectLists are added to the ViewBag, and no model object is passed to the form (since it hasn’t been created yet).
              //
              // GET: /StoreManager/Create
              public ActionResult Create()
              {
                  ViewBag.GenreId = new SelectList(db.Genres, "GenreId",
              "Name");
                  ViewBag.ArtistId = new SelectList(db.Artists, "ArtistId",
              "Name");
                  return View();
              } 

              HTML Helpers to display the Drop Downs in the Create View

              Since we’ve talked about how the drop down values are passed to the view, let’s take a quick look at the view to see how those values are displayed. In the view code (/Views/StoreManager/Create.cshtml), you’ll see the following call is made to display the Genre drop down.
              @Html.DropDownList("GenreId",
              String.Empty) 
              This is known as an HTML Helper - a utility method which performs a common view task. HTML Helpers are very useful in keeping our view code concise and readable. The Html.DropDownList helper is provided by ASP.NET MVC, but as we’ll see later it’s possible to create our own helpers for view code we’ll reuse in our application.
              The Html.DropDownList call just needs to be told two things - where to get the list to display, and what value (if any) should be pre-selected. The first parameter, GenreId, tells the DropDownList to look for a value named GenreId in either the model or ViewBag. The second parameter is used to indicate the value to show as initially selected in the drop down list. Since this form is a Create form, there’s no value to be preselected and String.Empty is passed.

              Handling the Posted Form values

              As we discussed before, there are two action methods associated with each form. The first handles the HTTP-GET request and displays the form. The second handles the HTTP-POST request, which contains the submitted form values. Notice that controller action has an [HttpPost] attribute, which tells ASP.NET MVC that it should only respond to HTTP-POST requests.
              //
              // POST: /StoreManager/Create
              [HttpPost]
               public ActionResult Create(Album album)
               {
                  if (ModelState.IsValid)
                  {
                      db.Albums.Add(album);
                      db.SaveChanges();
                      return RedirectToAction("Index");  
                  }
                  ViewBag.GenreId = new SelectList(db.Genres, "GenreId",
              "Name", album.GenreId);
                  ViewBag.ArtistId = new SelectList(db.Artists, "ArtistId",
              "Name", album.ArtistId);
                  return View(album);
               }
              This action has four responsibilities:
              • 1. Read the form values
              • 2. Check if the form values pass any validation rules
              • 3. If the form submission is valid, save the data and display the updated list
              • 4. If the form submission is not valid, redisplay the form with validation errors

              Reading Form Values with Model Binding

              The controller action is processing a form submission that includes values for GenreId and ArtistId (from the drop down list) and textbox values for Title, Price, and AlbumArtUrl. While it’s possible to directly access form values, a better approach is to use the Model Binding capabilities built into ASP.NET MVC. When a controller action takes a model type as a parameter, ASP.NET MVC will attempt to populate an object of that type using form inputs (as well as route and querystring values). It does this by looking for values whose names match properties of the model object, e.g. when setting the new Album object’s GenreId value, it looks for an input with the name GenreId. When you create views using the standard methods in ASP.NET MVC, the forms will always be rendered using property names as input field names, so this the field names will just match up.

              Validating the Model

              The model is validated with a simple call to ModelState.IsValid. We haven’t added any validation rules to our Album class yet - we’ll do that in a bit - so right now this check doesn’t have much to do. What’s important is that this ModelStat.IsValid check will adapt to the validation rules we put on our model, so future changes to validation rules won’t require any updates to the controller action code.

              Saving the submitted values

              If the form submission passes validation, it’s time to save the values to the database. With Entity Framework, that just requires adding the model to the Albums collection and calling SaveChanges.
              db.Albums.Add(album);
               db.SaveChanges();
              Entity Framework generates the appropriate SQL commands to persist the value. After saving the data, we redirect back to the list of Albums so we can see our update. This is done by returning RedirectToAction with the name of the controller action we want displayed. In this case, that’s the Index method.

              Displaying invalid form submissions with Validation Errors

              In the case of invalid form input, the dropdown values are added to the ViewBag (as in the HTTP-GET case) and the bound model values are passed back to the view for display. Validation errors are automatically displayed using the @Html.ValidationMessageFor HTML Helper.

              Testing the Create Form

              To test this out, run the application and browse to /StoreManager/Create/ - this will show you the blank form which was returned by the StoreController Create HTTP-GET method.
              Fill in some values and click the Create button to submit the form.

              Handling Edits

              The Edit action pair (HTTP-GET and HTTP-POST) are very similar to the Create action methods we just looked at. Since the edit scenario involves working with an existing album, the Edit HTTP-GET method loads the Album based on the “id” parameter, passed in via the route. This code for retrieving an album by AlbumId is the same as we’ve previously looked at in the Details controller action. As with the Create / HTTP-GET method, the drop down values are returned via the ViewBag. This allows us to return an Album as our model object to the view (which is strongly typed to the Album class) while passing additional data (e.g. a list of Genres) via the ViewBag.
              //
              // GET: /StoreManager/Edit/5
              public ActionResult Edit(int id)
               {
                  Album album = db.Albums.Find(id);
                  ViewBag.GenreId = new SelectList(db.Genres, "GenreId",
              "Name", album.GenreId);
                  ViewBag.ArtistId = new SelectList(db.Artists, "ArtistId",
              "Name", album.ArtistId);
                  return View(album);
               }
              The Edit HTTP-POST action is very similar to the Create HTTP-POST action. The only difference is that instead of adding a new album to the db.Albums collection, we’re finding the current instance of the Album using db.Entry(album) and setting its state to Modified. This tells Entity Framework that we are modifying an existing album as opposed to creating a new one.
              //
              // POST: /StoreManager/Edit/5
              [HttpPost]
               public ActionResult Edit(Album album)
               {
                  if (ModelState.IsValid)
                  {
                      db.Entry(album).State = EntityState.Modified;
                      db.SaveChanges();
                      return RedirectToAction("Index");
                  }
                  ViewBag.GenreId = new SelectList(db.Genres, "GenreId",
              "Name", album.GenreId);
                  ViewBag.ArtistId = new SelectList(db.Artists, "ArtistId",
              "Name", album.ArtistId);
                  return View(album);
               }
              We can test this out by running the application and browsing to /StoreManger/, then clicking the Edit link for an album.
              This displays the Edit form shown by the Edit HTTP-GET method. Fill in some values and click the Save button.
              This posts the form, saves the values, and returns us to the Album list, showing that the values were updated.

              Handling Deletion

              Deletion follows the same pattern as Edit and Create, using one controller action to display the confirmation form, and another controller action to handle the form submission.
              The HTTP-GET Delete controller action is exactly the same as our previous Store Manager Details controller action.
              //
              // GET: /StoreManager/Delete/5
               
              public ActionResult Delete(int id)
               {
                  Album album = db.Albums.Find(id);
                  return View(album);
               }
              We display a form that’s strongly typed to an Album type, using the Delete view content template.
              The Delete template shows all the fields for the model, but we can simplify that down quite a bit. Change the view code in /Views/StoreManager/Delete.cshtml to the following.
              @model MvcMusicStore.Models.Album
              @{
                  ViewBag.Title = "Delete";
              }
              

              Delete Confirmation</h2> Are you sure you want to delete the album titled @Model.Title</strong>? </p> @using (Html.BeginForm()) { <input type="submit" value="Delete" /> </p> @Html.ActionLink("Back to List", "Index") </p> }
              This displays a simplified Delete confirmation.
              Clicking the Delete button causes the form to be posted back to the server, which executes the DeleteConfirmed action.
              //
              // POST: /StoreManager/Delete/5
              [HttpPost, ActionName("Delete")]
              public ActionResult DeleteConfirmed(int id)
               {            
                  Album album = db.Albums.Find(id);
                  db.Albums.Remove(album);
                  db.SaveChanges();
                  return RedirectToAction("Index");
              }
              Our HTTP-POST Delete Controller Action takes the following actions:
              • 1. Loads the Album by ID
              • 2. Deletes it the album and save changes
              • 3. Redirects to the Index, showing that the Album was removed from the list
              To test this, run the application and browse to /StoreManager. Select an album from the list and click the Delete link.
              This displays our Delete confirmation screen.
              Clicking the Delete button removes the album and returns us to the Store Manager Index page, which shows that the album has been deleted.

              Using a custom HTML Helper to truncate text

              We’ve got one potential issue with our Store Manager Index page. Our Album Title and Artist Name properties can both be long enough that they could throw off our table formatting. We’ll create a custom HTML Helper to allow us to easily truncate these and other properties in our Views.
              Razor’s @helper syntax has made it pretty easy to create your own helper functions for use in your views. Open the /Views/StoreManager/Index.cshtml view and add the following code directly after the @model line.
              @helper Truncate(string
              input, int length)
               {
                  if (input.Length <= length) {
                      @input
                  } else {
                      @input.Substring(0, length)<text>...</text>
                  }
              } 
              This helper method takes a string and a maximum length to allow. If the text supplied is shorter than the length specified, the helper outputs it as-is. If it is longer, then it truncates the text and renders “…” for the remainder.
              Now we can use our Truncate helper to ensure that both the Album Title and Artist Name properties are less than 25 characters. The complete view code using our new Truncate helper appears below.
              @model IEnumerable<MvcMusicStore.Models.Album>
              @helper Truncate(string input, int length)
               {
                  if (input.Length <= length) {
                      @input
                  } else {
                      @input.Substring(0, length)<text>...</text>
                  }
              }
              @{
                  ViewBag.Title = "Index";
              }
              

              Index</h2> @Html.ActionLink("Create New", "Create") </p>
              Genre </th> Artist </th> Title </th> Price </th> </th> </tr> @foreach (var item in Model) { @Html.DisplayFor(modelItem => item.Genre.Name) </td> @Truncate(item.Artist.Name, 25) </td> @Truncate(item.Title, 25) </td> @Html.DisplayFor(modelItem => item.Price) </td> @Html.ActionLink("Edit", "Edit", new { id=item.AlbumId }) | @Html.ActionLink("Details", "Details", new { id=item.AlbumId }) | @Html.ActionLink("Delete", "Delete", new { id=item.AlbumId }) </td> </tr> } </table>
              Now when we browse the /StoreManager/ URL, the albums and titles are kept below our maximum lengths.
              Our Store Manager controller is currently accessible to anyone visiting our site. Let's change this to restrict permission to site administrators.

              Adding the AccountController and Views

              One difference between the full ASP.NET MVC 3 Web Application template and the ASP.NET MVC 3 Empty Web Application template is that the empty template doesn't include an Account Controller. We'll add an Account Controller by copying a few files from a new ASP.NET MVC application created from the full ASP.NET MVC 3 Web Application template.
              Create a new ASP.NET MVC application using the full ASP.NET MVC 3 Web Application template and copy the following files into the same directories in our project:
              1. Copy AccountController.cs in the Controllers directory
              2. Copy AccountModels in the Models directory
              3. Create an Account directory inside the Views directory and copy all four views in
              Change the namespace for the Controller and Model classes so they begin with MvcMusicStore. The AccountController class should use the MvcMusicStore.Controllers namespace, and the AccountModels class should use the MvcMusicStore.Models namespace.
              Note: These files are also available in the MvcMusicStore-Assets.zip download from which we copied our site design files at the beginning of the tutorial. The Membership files are located in the Code directory.
              The updated solution should look like the following:

              Adding an Administrative User with the ASP.NET Configuration site

              Before we require Authorization in our website, we'll need to create a user with access. The easiest way to create a user is to use the built-in ASP.NET Configuration website.
              Launch the ASP.NET Configuration website by clicking following the icon in the Solution Explorer.
              This launches a configuration website. Click on the Security tab on the home screen, then click the "Enable roles" link in the center of the screen.
              Click the "Create or Manage roles" link.
              Enter "Administrator" as the role name and press the Add Role button.
              Click the Back button, then click on the Create user link on the left side.
              Fill in the user information fields on the left using the following information:
              Field
              Value
              User Name
              Administrator
              Password
              password123!
              Confirm Password
              password123!
              E-mail
              (any e-mail address will work)
              Security Question
              (whatever you like)
              Security Answer
              (whatever you like)
              Note: You can of course use any password you'd like. The above password is shown as an example, and is assumed in the support forums on CodePlex. The default password security settings require a password that is 7 characters long and contains one non-alphanumeric character.
              Select the Administrator role for this user, and click the Create User button.
              At this point, you should see a message indicating that the user was created successfully.
              You can now close the browser window.

              Role-based Authorization

              Now we can restrict access to the StoreManagerController using the [Authorize] attribute, specifying that the user must be in the Administrator role to access any controller action in the class.
              [Authorize(Roles = "Administrator")]
              public class StoreManagerController : Controller
              {
                  // Controller code here
              }
              Note: The [Authorize] attribute can be placed on specific action methods as well as at the Controller class level.
              Now browsing to /StoreManager brings up a Log On dialog:
              After logging on with our new Administrator account, we're able to go to the Album Edit screen as before.




              Comments

              Popular

              Create a well designed OOP project in Java(Using Netbeans)

              Object Oriented PHP for Beginners

              Class & Object in PHP