Friday, 30 May 2008

DynamicData - Updating the ListDetails Page - Part 7

Articles in this Series

Updating the ListDetails Page

Similarly to the List page Listing 1 show the class variables.

protected Boolean denyEdit = false;
protected Boolean denyDelete = false;
protected Boolean denyDetails = false;
protected Boolean denyInsert = false;

Listing 1

Next is the setting of the class variables based on the permissions set returned.

// Get permissions for current table
var tablePermissions = table.GetTablePermissions(Roles.GetRolesForUser());

// get status of links for column 0 from table permissions
if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyEdit))
    denyEdit = true;
if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyDelete))
    denyDelete = true;
if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyDetails))
    denyDetails = true;
if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyInserts))
    denyInsert = true;

Listing 2

This is the error if user got to this by invalid URL for them (e.g. old link or a hack)

// if table is denied read throw error
if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyRead))
{
    Response.Redirect("~/Default.aspx?error=No access to " + table.Name);
}

Listing 3

Here the links and DetailsPanel are set to display or hide, also if the DetailsPanel is hidden the don't bother to turn off the buttons.

// set visibility of Details
DetailsPanel.Visible = !denyDetails;
GridView1.AutoGenerateSelectButton = !denyDetails;
GridView1.AutoGenerateEditButton = !denyEdit;
GridView1.AutoGenerateDeleteButton = !denyDelete;

if (!denyDetails)
{
    DetailsView1.AutoGenerateInsertButton = !denyInsert;
    DetailsView1.AutoGenerateEditButton = !denyEdit;
    DetailsView1.AutoGenerateDeleteButton = !denyDelete;
}

Listing 4

I think that about wraps it up for this...

But may be not I think next I may override some of the controls then there will be less code to add per page.

NOTE: you will need to change the routing to see ListDetails pages instead of List, Details, Edit, Insert.

4 comments:

steve said...

thanks

--rj said...

Steve,

Do you plan to provide a downloadable example implementation from CodePlex or MSDN Code Gallery?

Also, what license will apply to your code?

I need to know this for a forthcoming Visual Studio Magazine article.

Thanks in advance,

Roger_Jennings[at]compuserve[dot]com
http://oakleafblog.blogspot.com

mlho said...

I can not update from the memory when metaattributes make a change to the database in the model attributes, for example, have the table "Users" which has write permissions only, and in the global.asax are loaded Attributes permissions in memory, but when you make a change to the table to say that the write-only attribute to read only happens now, does not update the changes, I have to close the asp.net development server and then re-start the program to reload the global.asax and recently there had made the changes mentioned above ...

greetings in advance

Steve said...

Hi Mlho, I'm not sure I follow you you may be better served by looking at my new Security sample which uses some new methods of filtering access, I will be augmenting this soon by doing a DD v1 version that does everything by routing.