C# - How To Set User Control Visibility, Upon User Role
Mar 11, 2011
I want to implement access control for usercontrols depending on user role(s), I want to do it on the control base class, in such way that on every user control I only need to set a string with allowed roles to see the user control
This is how an user control class may look like:
public partial class SimpleMenu : MyUsrControlBase
{
protected void Page_Load(object sender, EventArgs e)[code]...
How to set up user control visibility from the base class depending on the validation result?Also which event in the user control is the best to set the roles?
I have a Menu control in MasterPage based on web.sitemap file. My website has roles enabled (AspNetWindowsTokenRoleProvider) and uses Windows authentication mode. So, user has to be in a specific Windows Group to be able to access the site. I need to allow some users to see all menu nodes and some restricted set of nodes. How do I do that?
I would like to be able to create, say following Windows groups:
I want to display a menu (which will be strongly typed with it's own unique model) across all pages only if a user is logged in.What menu items are available depend on the user's role and also I'll need to hit the repository to get numbers like "x Messages", etc
Been scratching my head for a simple solution here. Don't want to create something that need changes all over the place.All my controllers derive from a BaseController, all my Models from BaseViewModel....probably where I'll be implementing functionality for this.
I am in the process of creating a user control that enables content areas of our web application to be editable. The control utilizes the asp.net membership/role providers and incorporates a LoginView that only displays the edit link if a user has logged in and is a member of the desired role. What I would like to be able to do is pass the "role" as a property of the control so it can be set dynamically and does not have to be hard coded into the control if I use elsewhere in another application.
I'm trying to allow logged user who are in department XYZ to perform some task for my third party App. I have two SQL tables named Users & UserList. The third party app (GoldMine) graps the USERNAME from the Users table and store it as UserID which I then referecnce SessionID. The UserList table has two columns (GM_UserName & Department) which I'm interested in. When a user login into the 3rd party app (GoldMine), i then compare the USERNAME (from Users table) to GM_UserName (from UserList table) and see whether GM_UserName is in = 'Dept XYZ'. Take a look at the SQL query below.
sqlDept = "SELECT USERNAME FROM Users LEFT JOIN UserList ON UserList.GM_UserName=Users.UserName WHERE UserList.Department ='Dept XYZ'"
I'm able to do this.
If Session("Userid") = "TestUser1" Or Session("UserID") = "TestUser2" Then Do this Else Do that End If BUT unable to do this... If user's Department = 'Department XYZ' Then Do This Else Do that End IF
I have LOGIN PANEL for student, and I want to disable it in different page. And only the admin can enable and disable it. I dont know the logic behind here.
I have several pages or views in my application which are essentially the same for both authenticated users and anonymous users. I'd like to limit the insert/update/delete actions in formviews and gridviews to authenticated users only, and allow read access for both authed and anon users.
I'm using the asp.net configuration system for handling authentication and roles. This system limits access based on path so I've been creating duplicate pages for authed and anon paths.The solution that comes to mind immediately is to check roles in the appropriate event handlers, limiting what possible actions are displayed (insert/update/delete buttons) and also limiting what actions are performed (for users that may know how to perform an action in the absence of a button.) However, this solution doesn't eliminate duplication - I'd be duplicating security code on a series of pages rather than duplicating pages and limiting access based on path; the latter would be significantly less complicated.I could always build some controls that offered role-based configuration, but I don't think I have time for that kind of commitment right now.Is there a relatively easy way to do this (do such controls exist?) or should I just stick to path-based access and duplicate pages?
Does it even make sense to use two methods of authorization? There are still some pages which are strictly for either role so I'll be making use of path-based authorization anyway.Finally, would using something other than path-based authorization be contrary to typical asp.net design practices, at least in the context of using the asp.net configuration system?
I don't think I understand fully how ASP.NET does inheritance of controls.I have a user control, ucBase, which has an asp.net label in the ascx file. Code behind references the label and it works fine during run time if the control is not a parent for another user parent.
If I have another user control, ucChild, inheriting from ucBase, the label in ucBase's code is always null. ucChild has no controls in its ascx fileThe server controls (like the label) needs to be declared in the ascx file and not created programmatically.What needs to be done for ucBase to see its own controls when it's a parent user control?
I've got a web site that has a master page and that master page (mpMaster that has a user control ucControl1) which has a sub user control (ucControl2), this user control has a property which accepts a value. Now, I have a page that uses the master page and on this page I have another user control (ucPageControl), I need to find a way of setting the value in ucControl2 from ucPageControl. Is this possible at all?
I am trying to assign user control from another user control ..first time its binding control successfully but when we refresh the data its giving error
saying "Object reference is not set an instance".
how to refresh data from another user control ...
My senerio below :
1 Aspx page
2. User control
calling usercontrol databinding method from aspx page but once it get refreshed ,not allowed to bind it again..
Is there any way that I can find the exact name of the role a User is in? There is a property for UserName ( User.Identity.Name) but what about the role?
trying to get a login script working, its working fine, but now i have a new problem, i have a field im my DB thats called "urole" in that i have 3 roles, Admin, Co-Admin, User.
How can i use something like this on a page.
Code:
If Roles.IsUserInRole("Admin") Then Label1.Text = User.Identity.Name + " is an Admin" Else Label1.Text = User.Identity.Name + " is NOT in an Admin" End If
and then i have this on my default page, thats shows the info from an user, now i just want to show the role (urole) and then use an "If Roles.IsUserInRole" event so i can show some diffrent thing if admin, co-admin or User
Code: Imports System.IO Imports System.Web.Security Partial Class _Default Inherits System.Web.UI.Page
[code]....
(The aboved is working fine, but its not showing the urole/Role of an user)
I have a web user control that represents a simple message box. It is used to display simple messages like "Item has been deleted", or "The item was saved successfully".
On the other hand, I have another web user control that represents the item in the form of an editable form (I made this a user control because this is used in two different pages). I want to embed an instance of the message box user control inside the editable form. I am writing this right after the @Control directive:
[Code]....
Instead of using @Register directives, I register the user controls in web.config and so far this has worked just fine.
With the above markup, the project compiles, but whenever I try to navigate to a page that contains this construct, I get an HttpParseException exception. Furthermore, Visual Studio states that the tack w7rc9:MessageBox doesn't represent a known control.
I have a page setup to manage and create users.. in order to help the process of creation, i woudl like to add the new users to our default "users" role when they click the create button. Below is what is in place for the creation page and the button event tied to the button. I used this from a tutorial i found else where, but dont have the link at the moment if anyone needed it.. but the code below works great when creating a new user
I wish to know the way to add ASP.NET ("Machine_Name"IIS_IUSRS) to user role in COM+ component programmatically using C#. So whenever my COM+ component is being installed, ASP.NET user is created under Role.
is there a way i can get the role in a string variable using the below commands....
System.Security.Principal.WindowsIdentity wi = System.Security.Principal.WindowsIdentity.GetCurrent(); System.Security.Principal.WindowsPrincipal wp = new System.Security.Principal.WindowsPrincipal(wi);
i need this for
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, // version UserName.Text, // user name DateTime.Now, // creation DateTime.Now.AddMinutes(60),// Expiration false, // Persistent role); // User data
as string role= wp.IsInRole(); but this is not right
I roll my own SiteMapProvider inheriting System.Web.XmlSiteMapProvider.I want to override logic of checking user to be in a role specified in siteMapNode's property roles:
There used to a lot of tutorials on the asp.net site and I can't find any of them anymore. Anyway, I'm looking for a tutorial on how to send out an email to the newly registered user for verficiation. After the user checks his/her email and click the link in the email, it automatically unlock the user's account and allow him/her to login to the site. Below is what I have so far:
[Code]....
[Code]....
And verification page_load: [Code]....
The user does receive the verification email and when he/she click on the link it does come over to the verification.aspx page; however, the user still can't login. When I looked at the status of the user, it's still locked.
