I have an approve button.on clicking on this button it should show that an inactive value is present .Onclicking yes conformation it should save the data or else clicking on no conformation should return false; how i will do that?After alert it always submit the data.
string otherAffiliateName = txtRequestedAffiliate.Text; int inActiveAffiliates = new BLRating().InActiveAAffiliateChecking(otherAffiliateName); if (inActiveAffiliates > 0)
[code]...
This is the code i used.how i wiil stay back on Confirm 'no' click?
My ASP.NET app is using windows authentication. If I run the following code:
WindowsIdentity wi = (WindowsIdentity)User.Identity; foreach (IdentityReference r in wi.Groups) { ListBox1.Items.Add(r.Translate (typeof (NTAccount)).Value); } if (User.IsInRole ("Everyone")) Label1.Text = "Is in role";
The listbox will contain the name of every group the user belongs to. If I then call User.IsInRole, and pass in the name of any of those groups, I always get a false.
how can I find out if one of the user is the member of any role? For the logged user, I use User.IsInRole("Admin"), but how to find out if the nonlogged user is in the role?
My website has a "charts" menu item that lets you choose from about a dozen pages each with a different chart in them. Each one of these pages uses the same nested master page which has some drop-down lists and text boxes to let the visitor do some filtering of what data shows up in the charts (I do this by building SQL statement parts in the nested master page and triggering an event that the chart page reacts to).
Anyway, One of the DropDownList controls shows the names of everyone in the Company (I use MembershipProvider and RoleProvider). What I want to is have the DropDownList show a different collection depending on the role that the visitor is in; If the visitor is in the "Principal" role, I want them to see everyone. If they are not in that role, I want them to get only their own name.
I expect I'd have to do this in code-behind... But thought I'd check to see if anyone knows if it is possible to have an "IF" statement in the SQL DataSource for this control that can refer to the role that the current logged-in user belongs to
I am busy writing my own custom attribute for my action method called MyAuthorizeAttribute, I am still busy writing the code, here is my partial code:
[AttributeUsage(AttributeTargets.Method, AllowMultiple = false)] public class MyAuthorizeAttribute : AuthorizeAttribute { public new Role Roles; public override void OnAuthorization(AuthorizationContext filterContext) { base.OnAuthorization(filterContext); if (Roles != 0) // Did it this way to see what the value of Roles was return; // Here I am going to get a list of user roles // I'm doing my own database calls filterContext.Result = new HttpUnauthorizedResult(); } }
Here is my Role enum:
public enum Role { Administrator = 1, SuperAdministrator = 2 }
My action method:
[MyAuthorize(Roles = Role.Administrator|Role.SuperAdministrator)] public ActionResult Create() { return View(); }
The reason why I did not use Roles = "Administrator,SuperAdministrator" was because the roles are hard-coded. I don't want to have a 100 places to change if the role name changes.
Given my method, when it gets to if (Roles != 0) then Roles total value is 3, how would I check to see if these 2 roles is in the list of user roles for a specific user?
Am I doing it correct here? If not how would I otherwise implement this? It doesn't have to be the way that I did it in.
How to return count of true/ false in a column of a table. I have a table in sql containing 5 columns with bollean type. Now I have to return the number of trues and falses in each column and display on my frontend.
Am stuck with this sql stored procedure/asp.net vb.
I want to call the stored procedure and for it to return a true or false if successful ie username and password match.
My stored procedure works fine, and I can call it from my vb, however I stuck as to how I get it to return a result of true or false, 1 , 0. I just get a blank page.
I am trying to return true or false from popup window to the parent window. Actually the parent window has a button control, which on click popup another window. The popup window holds some emailing data and a button "send". This "send" button onclick send email. Now I want to return true if the email is successfully sent otherwise false, to the parent window. Depending on returning value a label present on parent window displays a text message. But I am not able to implement it. Because it might happen that the popup window is blocked by web-browsers popup blocker or popup window is accidentally closed by user. So how can I confirm to parent window whether or not the email is successfully sent?
What is the most straight forward way to use AuthorizeAttribute and JsonResult together so that when the user is not authorized the application returns a Json error rather than a log in page?The two things I am currently considering are extending AuthorizeAttribute or just making a new attribute that implements IAuthorizationFilter.
I have created a web services (WCF) and i have a webmethod that return a string that string is a HTTPCONTEXT.USER.IDENTITY.USER unfortunately it does not return any value.
I'm writing an MVC app that is a front-end for an existing system with it's own authentication process. I want to mimic the behavior of forms authentication with the [Authorize] attribute redirecting to a log-on page, but the logged in status is handled completely by API calls to the backend system. What do I need to do for ASP.NET MVC to recognize a user as "authenticated" if I'm not using the Forms authentication system?
I have a database where i want to log my user into and for this issue i want to customize the AuthorizeAttribute i am wrong ?? have some easier way to do it ??
public class CustomAuthorizeAttribute : AuthorizeAttribute { // the "new" must be used here because we are overriding // the Roles property on the underlying class public new Authorization.SiteRoles Roles; protected override bool AuthorizeCore(HttpContextBase httpContext) { if (httpContext == null) throw new ArgumentNullException("httpContext"); string[] users = Users.Split(','); if (!httpContext.User.Identity.IsAuthenticated) return false; int found = Convert.ToInt32(httpContext.Session["role"]); return Authorization.CheckRolesCompliance(Roles); } }
ERROR: 'CustomAuthorizeAttribute.AuthorizeCore(System.Web.HttpContextBase)': no suitable method found to override
I'm only a newcomer to ASP.NET MVC and am not sure how to achieve a certain task the "right way".
Essentially, I store the logged in userId in HttpContext.User.Identity and have written an EnhancedAuthorizeAttribute to perform some custom authorization.
In the overriden OnAuthorization method, my domain model hits the database to ensure the current user id can access the passed in routeValue "BatchCode". The prototype is:
It will return null if the user can't access the ReviewGroup and the OnAuthorization then denies access.
Now, I know the decorated action method will only get executed if OnAuthorization passes, but I don't want to hit the database a second time to get the ReviewGroup again.
I am thinking of storing the ReviewGroup in HttpContext.Items["reviewGroup"] and accessing this from the controller at the moment.
I'm using MVC 2 with futures, and I'm trying to hide/show content based on role. Is there a way with ActionFilterAttribute or AuthorizeAttribute if the authentication fails to not show a partial view on a controller all through attributes? Or is all I can do with those attributes is redirect or throw up an error message? I just need the child action to return nothing basically if it fails the authentication.
I found a way using ActionFilterAttribute, but it's kind of a hack because it still calls the ChildAction on the controller and then I'm setting the result to empty afterwards. I'm looking for it not to call the Action/ChildAction at all if the authentication fails. Is there a way to restrict that call?
public override void OnActionExecuted(ActionExecutedContext [code].....
It took me a little while to figure this out, but the AllowPaging="true" on the FormView seems to be the culprit. I don't have much experience paging from a FormView, but for this requirement the customers wants this kind of UI.I have a FormView with DefaultMode="Edit", which is bound to an EntityDataSource. One of the entity's properties, "ExternalID", determines whether some of the other properties in the entity are read-only. For example, if IsExternal==null, the FirstName, LastName, and Email fields should be rendered as TextBoxes. If IsExternal!=null, the 3 properties should be rendered in Label controls.
When I click the "delete" linkbutton, it can delete the all User info from my "UserDetail" table in my "JobPost.mdf", it also delete the corresponding "aspnet_Users" & "aspnet_Membership",but the "UserInRole" still contain that UserName. Even though I specified the Code:Membership.DeleteUser(UserName, true);
I thought true is for bool deleteallrelated data, but it doesn't really delete the userInRole. So next time the user registers with the same name, it automatically get the "admin" role right. This "deleteUser" page I keep it inside a protected "admin"folder. How to solve it? Why Membership.DeleteUser(UserName, true) doesn't delete UserInRole?
protected void GridView2_RowCommand(object sender, GridViewCommandEventArgs e) { if (e.CommandName == "Delete") { string UserName = e.CommandArgument.ToString(); Membership.DeleteUser(UserName, true); JobPostDataContext db = new JobPostDataContext(); var query = from u in db.UserDetails where u.UserName == UserName select u; foreach (var item in query) { db.UserDetails.DeleteOnSubmit(item); } db.SubmitChanges(); FormsAuthentication.SignOut(); } } My web.config inside the protected Admin folder: <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <system.web> <authorization> <allow roles="Administrators" /> <deny users="*" /> </authorization> </system.web> </configuration>
I have a page where, when the user has successfully logged in, I store some values in the session.
I then use these values to load an application list page. This page is automatically refreshed after 20.1 minutes, with the sessionstate timeout and forms timeout in web.config set to 20 minutes (with sliding expiration). This means, if the user does not use any page for more than 20 minutes, he is timed out.
My problem is that the User.Identity.IsAuthenticated sometimes returns true, when the session has expired.
I have a "UserDetail" table in my "JobPost.mdf". When I click the "delete" linkbutton, it can delete the all User info from my "UserDetail" table, it also delete the corresponding "aspnet_Users" & "aspnet_Membership",but the "UserInRole" still contain that UserName. Even though I specified the Code:Membership.DeleteUser(UserName, true);
I thought true is for bool deleteallrelated data, but it doesn't really delete the userInRole. So next time the user registers with the same name, it automatically get the "admin" role right. This "deleteUser" page I keep it inside a protected "admin"folder. How to solve it? Why Membership.DeleteUser(UserName, true) doesn't delete UserInRole?
protected void GridView2_RowCommand(object sender, GridViewCommandEventArgs e) { if (e.CommandName == "Delete") { string UserName = e.CommandArgument.ToString(); Membership.DeleteUser(UserName, true); JobPostDataContext db = new JobPostDataContext(); var query = from u in db.UserDetails where u.UserName == UserName select u; foreach (var item in query) { db.UserDetails.DeleteOnSubmit(item); } db.SubmitChanges(); FormsAuthentication.SignOut(); } } My web.config inside the protected Admin folder: <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <system.web> <authorization> <allow roles="Administrators" /> <deny users="*" /> </authorization> </system.web> </configuration>
I have a web form and I have a user control on it. This user control contains a panel with some user properties that are to be stored in a database. So far nothing fancy. The user control itself contains a panel and is working fine (all code to retrieve and store the values is working).
I used the default settings of creating a user control and one of them was AutoEventWireup=true. This works fine because I also have some dropdown boxes (and other fields) that need to be filled with values from the database and that happens in the Page_load event.
The panel specifies the 'DefaultButton' which calls a method when clicked to save the values after the user has changed them.
On this click the code of the method is called, I confirmed that, but I found out that the values of my controls on the user control (for example the Textbox control) are empty. As a non-ASP.NET developer I couldn't figure out why. So I changed some settings like AutoEventWireup to false.
Off course this resulted in my dropdown boxes no longer to be initially filled, but my surprise was big to find out my controls actually contained the values the user typed in.
Logically I need both the values and the dropdowns filled, but for now it seems one or the other.