Articles in this Series
- Introduction - A DynamicData Attribute Based Permission Solution using User Roles.
- Part 1 - Permissions Attribute (Metadata) Classes.
- Part 2 - Sample Metadata for project.
- Part 3 - The Helper Extension Methods.
- Part 4 - Limit Tables shown on Default page and List, Edit & Details etc.
- Part 5 - Generate Columns/Rows (using IAutoFieldGenerator)
- Part 6 - Miscellaneous bits
- Part 7 - Updating the ListDetails Page
- DynamicData - Limit the Filter Fields
- DynamicData - Automatic Column Update
Limit Tables Shown on Start Page
See sample metadata in Listing 1
[TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")] public partial class Order_Detail {} [TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")] public partial class Employee {} [TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")] public partial class Shipper {}
Listing 1
Now on the Default.aspx.cs a generic piece of code can be added that will remove any table with a DenyRead attribute for one of the current users roles.
System.Collections.IList visibleTables = MetaModel.Default.VisibleTables; // remove tables from the list if DenyRead String[] roles = Roles.GetRolesForUser(); foreach (var table in MetaModel.Default.Tables) { var permissions = ((MetaTable)table).GetTablePermissions(roles); if (permissions.Contains(TablePermissionsAttribute.Permissions.DenyRead)) visibleTables.Remove(table); }
The code in Listing 2 simply checks the permissions on each table for the current users Roles and if a DenyRead is encountered then the table is removed form the visibleTables collection.
Some Error Handling for Pages Reached with Tables that are DenyRead
In Listing 3 a list of permission for the current users roles are acquired from the GetTablePermissions helper extension method and if it contains a DenyRead then the page is redirected to the Default.aspx page with an error message in the URL.
// get user permissions var tablePermissions = table.GetTablePermissions(Roles.GetRolesForUser()); // if table is denied read throw error if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyRead)) { Response.Redirect("~/Default.aspx?error=No access to " + table.Name); }
Listing 3
3 comments:
In VS2008 SP1, .NET 3.5SP1:
var permissions = ((MetaTable)table).GetTablePermissions(roles);
if (permissions.Contains(TablePermissionsAttribute.Permissions.DenyRead))
(table).GetTablePermissions does not exist, and permissions.Contains does not exist
Am I missing something?
If you look at an earlier post you will see these extensionm methods defined:
Part 3 - The Helper Extension Methods.
Hope this helps [:D]
Steve
AWSOME!!!!
Post a Comment