Is there a way in sharepoint 2007 to make columns as readonly or editable depending on the user roles accessing it?
I found this link where you can get the user group of the person
http://morshemesh.blogspot.ru/2012/07/getting-all-groups-of-user-with.html
then you would just disable the other fields depending on the usergroup you want them to be disabled.
This would make use of SPServices and JQuery.
Related
I want to ask you a question about my project.
I have a DataGridView in my C# project which has two columns: One is DataGridViewTextBoxColumn, the other is DataGridViewComboBoxColumn.
I have usernames and authorities columns in my DB. Usernames are email addresses like abc#domain.com and authorities are either user or admin.
I want to bind via DataTable usernames to DataGridViewTextBoxColumn and authorities to DataGridViewComboBoxColumn but combo boxes must show usernames' authority by default and also have the option to change it between user and admin.
Thanks for any help.
you can do all you need in the designer ... you just have to put "user" and "admin" in the Items collection of your DataGridViewComboBoxColumn
Is there a way to retrieve all access rules from a specific Role?
As roles are just flagged at the top of an action or on top of the whole class I canĀ“t find a way to retrieve this information unless I read and parse the whole file and after that find a way to link this [authorization] tag to a group.
Thanks
No there is no builtin way. Its even impossible, because you might check for Roles in your code (actions/views) as well.
And how should the list of access rules be returned?
For example, how should an algorithm return / name this access rule in a view:
#if(User.IsInRole("SomeRole") {
<div>
Show some html only visible for users in SomeRole
</div>
}
You have to administer the list of your application defined access rules by yourself - i list will be very specific for your app.
Of cause, when you just use the Authorize attribute, you could generate a list of action methods accessible for a given role by reflecting over all controller classes.
I was looking for a data level Authorization filter in my ASP.Net MVC 4 Application.
We are using Entity Framework for Data access.
The application need to display all the data but should restrict the access to certain fields in a table based on the user roles.
eg: TASK table
{
int Id,
string TaskName,
DateTime StartDate,
DateTime EndDate
}
This whole data will be displayed to all the users and users have the options to edit the fields also. But should restrict the edit options like as follows
Role Admin can edit all the fields
Role Manager can Edit TaskName but cannot edit StartDate and EndDate
Role Users cannot Edit any of the fields
All these edit will be calling the Edit action in the TaskController.
How can I implement the functionality in my application.
You might try Postsharp. PostSharp allows you to design custom attributes for injecting boilerplate code at compile-time. It should be possible to use it for scenarios such as your example. I've used it for exception handling, logging, caching, & security. It can be applied to any layer or framework.
See, "Securing Fields and Properties" in the following illustrated example:
http://www.sharpcrafters.com/solutions/authorization
Hope it helps.
This is not EF, another ORM, but might help to see how it can be done - full source code is here.
Autorization subsystem is explained here.
It does what you need - row-level, up-to-column granularity, role-based authorization.
Sounds like what you are after is a true 'business' object that is smart and contains authorization at the property level not just at the method level. I would suggest using CSLA.NET and create your business object model with smart objects. This gives you that feature as well as a bunch of others.
This whole data will be displayed to all the users and users have the options to edit the fields also. But should restrict the edit options
Instead of a single Edit action in Task controller
create a specific action for each unique field set allowed to be edited
Edit(TaskName, StartDate, EndDate) for Admin
Edit(TaskName) for Manager
no Edit action for User, since ther are not allowed to change any fields
use authorization per action
I'm implementing a registration form in Grails with a bit of Ajax. My goal is to display a radio group of three options and based on the selection, the relevant domain fields will appear below.
I have three domain objects: an User, Donor and Teacher. A User can be a Donor, Teacher or both, thus the reason for a wrapping object.
All the examples I've seen with multiple selections from a list or radio group deal with different instances of the same domain class. Is it possible to do this with multiple domain objects?
Create 3 templates for each domain class and based on the value of your select or radio button render the correspondent template.
Check this out: AJAX Driven SELECTs in GSP
Maybe can solve your issue
I have a typical HABTM relationship between members (actual members of our organization, not all have online accounts) and users (online accounts). I have an edit users page for site administrators where multiple members can be assigned to users.
There are too many members to reasonably use checkboxes or a multi-select dropdown. I have decided to use dropdowns that are added by clicking an "Add Member" button that uses an AJAX function to add a dropdown.
Here's what I have working:
I can add dropdowns and pick any member. On save, the relationships are established.
I can edit that user and add more members, remove members, and change members in the dropdown.
The final piece I am struggling with is having my remove link (next to each member drop down) remove a drop down for a new user. The reason being that the action behind the remove link relies on the id of the div that contains the dropdown. When editing a user, this id is generated based on the selected member. For a new user, I do not know the selected member in the dropdown, so I can't assign it an id that I can know about when the remove link is clicked.
Are dropdowns the way to go? Are there any good tutorials or examples of what I am describing out there? Should I perhaps update the div ID in an onchange event in the dropdown?
I have found that the best way to do this is to use the object_id of member to create a unique div id. My Javascript function is then able to use this to remove the div.