Security :: Controlling CRUD Of Data Per User , User_group?
Sep 3, 2010
If I want limit certain users or user_groups to - create a packing list (which consist of number of items and quantity)and then the creator of the packing list can select users / user_groiups to have right to- read a packing list- update a packing list - delete packing listsCan this be done by a custom made RoleProvider ? How best to implement the authorization ?
I have an asp.net 3.5 web application for which the client has requested that the security model allows (a licensing model) restricting the number of simultaneous users logged onto the website. I am not sure how this is achievable - I'm currently controlling membership via the AspNetSqlMembershipProvider.
In my website project, i have not used any controls like login, createuser, forget pass etc. However, i can login, create user, recover password, change security question etc, using only code-behind programming. mean without using any inbuilt security controls as discussed above, i am fully secured but on some points i need little help.I have stored all users credentials in columns named username, password, securityques, security ans, libraryadmin (this is checkbox field), contentadmin (this is checkbox field) etc.I am wishing, when I check in database in fields libraryadmin or contentadmin for any user, he can access to that zone too. Still I am using this feature as given below:
Look at the codes above, in "libraryadmin" directory/zone only username "abhimanyu" is authorized and the same in "contentadmin" directory/zone only "abhimanyu" is authorized.But I am wishing to control such authorization from database where I have stored the credentials. I mean by checking in checkbox field named libraryadmin (this is boolean field) in database that user automatically be authorized, no need to type always in configuration file. you have any idea about, or tell me some articles on it. I know how to manage it from asp.net default authorization and authentication. I just need it manually as I have considered above
I only need one textbox inside gridview and other operational buttons like add , edit , delete in gridview. I just need that these buttons can save the data in datatable like we do :
DataTable dt = new Datatable();
I don't want to save it in database at this stage. CRUD Operations using datatable inside gridview is my aim.
the best practice for a designing a simple CRUD application with some screens updating various tables (like admin pages to maintain static data for an application). the simplest way would be to drag a data grid/gridview, bind it to a dataset and use a data adapter for CRUD operations. but if this application needs to be scalable, lets say to add any extra UI/business logic in future, then is there any design pattern that can with this? should I be using an object data source control and bind it to business objects instead? or are there any better ways of doing it? should I build a complete layered application or will that be overengineering for this requirement?
I have seen a sample from the Author of this Blog URL....this works fine but how to apply CRUDE operations & Is it possible to set CommandName/ Command Argument using JQuery in asp.net using C#?
I need a bit of help with a scenario. I am working on a web application that requires huge amounts of data to be Added, Deleted, and Updated. The data entry forms are divided into logical groups through Multiviews. All the information is saved when the mighty Finish button is pressed. The current setup (previous developer) does not allow me to use transactions. Therefore, if I am to save a new Courier to the database, I need to add his/her Distance and Rate info. In addition, I need to add his/her Banned Areas info (Area Name, Post Code).This is where it gets interesting. Obviously, the DistamceAndRate table and the BannedArea table in my SQL Server will have the CourierID as a foreign key. Since I'm going to save the Courier as well as the Rates and Areas info in one go, I cannot have the newly created CourierID before. Therefore, I cannot bind my Grids for Distance + Rates and Banned Areas directly to database.What I am doing is creating two DataTables and managing them in Viewstate through properties as follow:
[Code]....
So, on page load, the DataTables are initialized with a blank schema. Here are the attempted CRUD implementations (Distance and Rate only):
[Code]....
I am having issues when I am canceling a new entry and when I am editing a new entry. In addition, for Distance and Rates, Rate is acting as unique (cannot be repeated) and attempting to control that is also giving me a headache. I end up creating blank rows.And here's the ASPX cut-out:
[Code]....
Hope to get an answer soon.Also, off-topic, I'm using LINQ here. In order to save a Courier and his/her extra details, I first save his/her address to DB. Then I take the ID of the address and save the courier. now the courier ID is avaliable and i start filling extra tables related with the courier table. If something goes wrong, I have to manually delete created rows. LINQ uses transaction internally but only until a SubmitChanges() call. I'm forced to save each entity so I keep calling SubmitChanges().I tried manual transaction but after saving the address inside a transaction, the Address.OID (Address table's mapped prime-key) had a 0. attempting to use this newly added address while saving Courier in the same transaction threw an exception. If there is a way to get the primary key for entities created in a transaction that is yet to be commited, please mention that'll as well.
I'm trying to figure out how can I control my linkbutton which nests inside my DataItem in the ItemTemplate.What I wish to do is to check something in the server side and according to that, decide whether I wish to alter its visibility to "true" or to keep it hidden. I think that the method which is going to solve it is the ItemCreated, although, I don't happen to know how to control that specific item of mine.
I have a GridView bound to a SqlDataSource. If the text in a particular column is very long then the Grid view becomes very wide, well off the page. How do I constrain it, if necessary truncating the text displayed? I cannot find the relevant setting in the properties section.
i am working in asp.net and csharp, we have 10 user, but certain user only need to put dataentry. how to enable and disable based on the user to access certain form ,like add, modify view options.
To prevent it, i tried implementing following javascript code by user Sun Rays:
<script type="text/javascript"> window.onload = function () { var strCook = document.cookie; if (strCook.indexOf("!~") != 0) { var intS = strCook.indexOf("!~"); var intE = strCook.indexOf("~!"); var strPos = strCook.substring(intS + 2, intE); document.getElementById("divGvIncidentDetail").scrollTop = strPos; } } function SetDivPosition() { var intY = document.getElementById("divGvIncidentDetail").scrollTop; document.title = intY; document.cookie = "yPos=!~" + intY + "~!"; } </script>
I get the following error when i run the code: Microsoft JScript runtime error: 'document.getElementById(...)' is null or not an object Am i missing something? or is there any other better solution to maintain the scroll position
<%@ Page Title="" Language="VB" MasterPageFile="secureds_deals.master" %> <%@ Register Assembly="AjaxControlToolkit" Namespace="AjaxControlToolkit" TagPrefix="cc1" %> <script runat="server"> Protected DealId As Integer = 0 Protected DealName As String Protected StartDate As Date Protected ContractDate As Date Protected ClosingDate As Date Protected SubmitRole As String Protected Status As String.......
I have a simple add form on the page and below it is its gridview with edit and delete buttons. Everything works fine, but when i click on edit on a particular row/record, it changes to edit row but i want the record to be edited in the original add form (which is above the gridview).
I am able to edit a record on the gridview but i want it to be edited in the add form. Is there any particular way to do this? I came across formview concept but not sure if i am able to do that with it.
I want to build a reusable control which will enable e to perform add/edit/delete operations easily. All I want to do is give the control a datasource and it will handle the rest.
What controls should I use? I want it to be as user friendly as possible.
is there a way of specifying a template to be used when VS generates the HTML, when we:
1. Right click, Add New View
2. Select Create a Strong Type View & Select Model class.
2. Select Edit, Create, List, Details etc...
E.g.
When we create a Details view, each field and corresponding data from the Model is wrapped in <p> tags, I always have to manually edit this html after it has been generated.
It would be nice to specify a template or define the tags we want to wrap this data.
i have following entities as you see BudgetPost has a composite primary key which is a foreign keys to entities Category and Budget. My question is what is the best way to make CRUD? Is there any way to mapp the foreign keys? The simple insert should look like this:
i have a database with many tables. I want to implement add/update/delete functionality on each of them Is there any tool available which will build the webpages for each table with add/update/delete functionality.
I'm developing an asp.net web applcition that works with sql server. i'm using Entity model as DAL.I user repository pattern for my business layer, now, i'm going to design UI.this is my business layer code:
[Code]....
I have some questions: becase all of entites need to have CRUD operations, so i want to have a master page with Insert, Edit, Deleter Button and a place holder for entity form, so for each entity i create a form with this master and create textboxes and label in asp:content tag.for this to be done i konw master must have a Interface to do operations. so i wanted to define ISchoolSystemRepository<??> as a property in master page, but i must pass it T which will determined in runtime. so
I am looking for an accepted pattern for using MVC 2 and EF. Especially I am interested on how to implement updates. Where should the ObjectContext be created, where should the queries be, how to pass a model object from the controller and have it persisted with minimum robust code. I also want to be able to use transactions when updating multiple objects.
I used Linq in an asp.net application (code behind model). With EF I was hearing it was much more n-tier friendly, but I don't find it any different, rather than people talking about POCO which to me, all it means is satisfying the desire of those that want to have control of every piece of code being created.