Thursday, January 3, 2013

Restrict Access to Fields with “Roles” Properties

The Read Roles and Write Roles properties of a field each take a list of roles. Users who do not have a role in the Read Roles list cannot view the field; users who do not have a role in the Write Roles list cannot edit it.

Let’s prevent non-administrators from editing the Phone field in the Customers controller and from viewing the Address fields.

Controlling Editing Rights for Phone Field

Start the Project Designer. In the Project Explorer, switch to the Controllers tab. Double-click on the Customers / Fields / Phone node.

Field 'Phone' selected in Customers controller.

Change the Write Roles property:

| Property | New Value |
|---|---|
| Write Roles | Administrators |

Press OK to save.

Controlling Visibility for Address Fields

Double-click on the Customers / Fields / Address (String(60)) node.

Address field of Customers controller.

Change the following:

| Property | New Value |
|---|---|
| Read Roles | Administrators |

Press OK to save. Make the same change to these fields as well: City, Region, PostalCode, Country.

Viewing the Results

On the toolbar, press Browse.

Log in with the standard user account (user / user123%) and navigate to the Customers page. Note that none of the address fields are displayed in the grid.

No address fields displayed in grid1 of Customers controller when logged in as 'user'.

Select a record and start editing. Note that the Phone field is read-only.

Phone field is not editable.

Log out, and log in again with the administrative account (admin / admin123%). Start editing a record – Phone and Address fields will be editable.

All address fields displayed in grid1 and Phone is editable on Customers page when logged in as 'admin'.
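The rules configured in this walkthrough, modelled as an added example (not code from Code OnTime or from the generated application): it applies the role lists to the data returned and to the updates accepted, which is where a tester should confirm the restriction holds, not only in the rendered grid and form. The function names, the `Users` role, the sample row, comma-separated role parsing, and the rule that an unreadable field is also unwritable are assumptions.

```python
# Constructed model of the Read Roles / Write Roles rules from this article.
# Names, the "Users" role and the sample row are assumptions; this is not
# Code OnTime or Data Aquarium Framework code.

def parse_roles(value):
    """Split a comma-separated roles property; empty means unrestricted (assumed)."""
    return {r.strip().lower() for r in value.split(",") if r.strip()}

# field -> (Read Roles, Write Roles), as configured in the walkthrough
FIELDS = {
    "CompanyName": ("", ""),
    "Phone":       ("", "Administrators"),
    "Address":     ("Administrators", ""),
    "City":        ("Administrators", ""),
    "Region":      ("Administrators", ""),
    "PostalCode":  ("Administrators", ""),
    "Country":     ("Administrators", ""),
}

SAMPLE_ROW = {"CompanyName": "Acme", "Phone": "555-0100", "Address": "1 Main St",
              "City": "Springfield", "Region": "OR", "PostalCode": "97477",
              "Country": "USA"}  # constructed data

def _permits(required, user_roles):
    required = parse_roles(required)
    return not required or bool(required & {r.lower() for r in user_roles})

def can_read(field, user_roles):
    return field in FIELDS and _permits(FIELDS[field][0], user_roles)

def can_write(field, user_roles):
    # Assumption: a field the user cannot read is not writable either.
    return can_read(field, user_roles) and _permits(FIELDS[field][1], user_roles)

def filter_row(row, user_roles):
    """Drop unreadable fields from the data itself, not just from the view."""
    return {f: v for f, v in row.items() if can_read(f, user_roles)}

def apply_update(row, changes, user_roles):
    """Reject the whole update if it touches any field the user may not write."""
    denied = sorted(f for f in changes if not can_write(f, user_roles))
    if denied:
        raise PermissionError("write denied: " + ", ".join(denied))
    return {**row, **changes}

if __name__ == "__main__":
    print(filter_row(SAMPLE_ROW, ["Users"]))  # address fields are absent
    print(apply_update(SAMPLE_ROW, {"Phone": "555-0199"}, ["Administrators", "Users"]))
```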



© 2010 Code OnTime LLC. Intelligent code generation software for ASP.NET. Visit us at http://codeontime.com