I've just finished a series of post on  "A DynamicData Attribute Based Permission Solution using User Roles" see this thread for the inspiration.

Link to my post on A DynamicData Attribute Based Permission Solution using User Roles 

There is a download of the website at the end of the series all ready to go.

Thanks Steve, this is great!  I just wrote a short post pointing to it.

David

Thanks David, I've just got a few loose ends to tie up, they are there in the download but I just need to post them.

 There seems to be a problem with the download. It should be here, right? But the link is nort working.

Sorry about that I don't know what happend there but I've fixed it, it's here. Also there is the database based permissions DynamicData: Database Based Permissions - Part 5 which has all the downloads and links to the other articles in the series.

 Thks for that, I'll be implementing some kind of role based security in my project soon and I wanted to look at your example with more detail to decide how to do it.

One thing I noticed is the use of IAutoFieldGenerator to display/hide fields depending on the Permissions. Well, in my case I had to set the autoGenerateRows/Columns to false and manually add <asp:DynamicDataField> because I wanted to change the order in which fields appear and also don't show some of them in Insert or Edit mode (auto-filled values, for example).

The question is if there's some way I can do this whole "security using roles" thing in the way I have it set up (with rows/columns not generated automatically) and without doing it all manually, like: 

protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
        {
            if (e.Row.RowType == DataControlRowType.DataRow)
            {
                if (!Roles.IsUserInRole("Administrator"))
                {
                    LinkButton deleteLink = e.Row.FindControl("DeleteLinkButton") as LinkButton;
                    deleteLink.Visible = false;
                }
            }

        }

And how can I hide a DynamicDataField programatically based on roles?

Thks in advance.

Have you looked at the Dynamic Data Futures project. It has examples of how to declare column ordering (by using a custom field tempalte generator) as well as how to hide columns for insert scenarios.

marcind:

Have you looked at the Dynamic Data Futures project. It has examples of how to declare column ordering (by using a custom field tempalte generator) as well as how to hide columns for insert scenarios.

I did now, thanks for pointing me to it.

In short: using the AdvancedFieldGenerator and the ColumnOrderAttribute.

But what if I need different orderings for different types of pages? eheheheh (kidding)

Anyway, I'm now wondering if the advantage of having the columns autogenerated is significant enough to do it all over again (I already edited the custom pages and now I would have to delete that and add the ColumnOrderAttribute to all the columns...). And maybe the logic for disabling certain controls and hiding certain fields based on the role will make it all very confusing...