Last post Apr 10, 2013 12:12 PM by davidebb
Apr 04, 2013 12:33 AM|mr41971|LINK
I have implemented role based security in my DD Domain Service project using data annotations [RequiresAuthentication] and [RequiresRole("RoleName")] in the domain service files which works nicely.
I have a lookup table which I do not want listed in the list of tables when a user who is in the role Student is logged in. However I want to display the lookup value in a referencing view. How do I accomplish this?
For example: I have the role "Student" I have a table called StudentGrades(SG), which has a foreign key attribute SubjectID which gets its value from a lookup table called Subjects. I want to be able to display the name of the subject in the StudentGrades
table without listing the lookup table subjects in the list of tables when a user who is in the role Student is logged in. At present when I deny access the the Subjects table the name of the subject is not shown in the StudentGrades view.
I hope I was clear. Please help.
Apr 09, 2013 01:59 PM|davidebb|LINK
Try adding a '[ScaffoldTable(false)]' attribute on the entity of the class you don't want displayed. I think that will do that.
Apr 09, 2013 03:51 PM|mr41971|LINK
Hi David I tried that and the foreign key is not displayed.
Thank you for your suggestion.
Apr 09, 2013 07:11 PM|davidebb|LINK
I see. An alternative is to remove the GridView from Default.aspx, and instead explicitly list the tables you care about. e.g.
<asp:DynamicHyperLink runat="server" ContextTypeName="MyApp.Models.MyContext" TableName="Products">Products</asp:DynamicHyperLink>
<asp:DynamicHyperLink runat="server" ContextTypeName="MyApp.Models.MyContext" TableName="Categories">Categories</asp:DynamicHyperLink>
This way you have full control over what tables are listed, and also gain increased control over ordering, formatting, etc...
Apr 09, 2013 09:42 PM|mr41971|LINK
Thank you David. However there is one role responsible for entering new records how do I display the table for this role alone. I thank you again for all the help you are giving me. I pray that God blesses you an those you love.
Apr 10, 2013 12:12 PM|davidebb|LINK
You should be able to conditionally hide some of the links by setting the Visible property to false in code behind logic. To test if a user is in a role, you can just call Context.User.IsInRole("somerole").