Monday, 26 May 2008

DynamicData - Limit Tables shown on Default page and List, Edit & Details etc - Part 4

Articles in this Series

 

Limit Tables Shown on Start Page

See sample metadata in Listing 1

[TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")]
public partial class Order_Detail {}

[TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")]
public partial class Employee {}

[TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")]
public partial class Shipper {}

Listing 1

Now on the Default.aspx.cs a generic piece of code can be added that will remove any table with a DenyRead attribute for one of the current users roles.

System.Collections.IList visibleTables = MetaModel.Default.VisibleTables;



// remove tables from the list if DenyRead
String[] roles = Roles.GetRolesForUser();
foreach (var table in MetaModel.Default.Tables)
{
    var permissions = ((MetaTable)table).GetTablePermissions(roles);
    if (permissions.Contains(TablePermissionsAttribute.Permissions.DenyRead))
        visibleTables.Remove(table);
}

Listing 2

The code in Listing 2 simply checks the permissions on each table for the current users Roles and if a DenyRead is encountered then the table is removed form the visibleTables collection.

Some Error Handling for Pages Reached with Tables that are DenyRead

In Listing 3 a list of permission for the current users roles are acquired from the GetTablePermissions helper extension method and if it contains a DenyRead then the page is redirected to the Default.aspx page with an error message in the URL.

// get user permissions
var tablePermissions = table.GetTablePermissions(Roles.GetRolesForUser());

// if table is denied read throw error
if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyRead))
{
    Response.Redirect("~/Default.aspx?error=No access to " + table.Name);
}

Listing 3

3 comments:

Anonymous said...

In VS2008 SP1, .NET 3.5SP1:

var permissions = ((MetaTable)table).GetTablePermissions(roles);
if (permissions.Contains(TablePermissionsAttribute.Permissions.DenyRead))


(table).GetTablePermissions does not exist, and permissions.Contains does not exist

Am I missing something?

Stephen J. Naughton said...

If you look at an earlier post you will see these extensionm methods defined:
Part 3 - The Helper Extension Methods.

Hope this helps [:D]
Steve

Anonymous said...

AWSOME!!!!