Emad Mokhtar
Top achievements
Rank 1
Rank 1
Emad Mokhtar
asked on 15 Jul 2013, 08:25 AM
Dear
I'm applying security by disable all controls with certain CssClass based on permission, for example I'm adding Insert CssClass to controls I want to disable or enable base on user role.
Now this is working great with RadGrid but unfortunately when using Detail/Hierarchy Grid within RadGrid I can't apply this logic, I don't know why, can you help me please?
ASPX:
CS (Logic):
I'm applying security by disable all controls with certain CssClass based on permission, for example I'm adding Insert CssClass to controls I want to disable or enable base on user role.
Now this is working great with RadGrid but unfortunately when using Detail/Hierarchy Grid within RadGrid I can't apply this logic, I don't know why, can you help me please?
ASPX:
<telerik:RadAjaxPanel ID="RadAjaxPanel" runat="server" LoadingPanelID="RadAjaxLoadingPanel" HorizontalAlign="NotSet"> <telerik:RadGrid ID="grdTransactions" runat="server" AllowPaging="True" CellSpacing="0" GridLines="None" AutoGenerateColumns="False" DataSourceID="odsEmployeeTrans" AllowFilteringByColumn="True" AllowSorting="True" ShowGroupPanel="True" EnableTheming="True"> <ClientSettings AllowDragToGroup="True"> <Scrolling AllowScroll="False" UseStaticHeaders="True" /> </ClientSettings> <ExportSettings> <Pdf PageTitle="Transactions" Author="WebTimeTel" Creator="WebTimeTel" PaperSize="A4"></Pdf> </ExportSettings> <MasterTableView AllowMultiColumnSorting="True" DataKeyNames="TransID" DataSourceID="odsEmployeeTrans" PageSize="50"> <DetailTables> <telerik:GridTableView runat="server" CommandItemDisplay="TopAndBottom" DataKeyNames="TaskID" AllowAutomaticDeletes="True" AllowAutomaticInserts="True" AllowAutomaticUpdates="True" DataSourceID="odsTasks" AllowFilteringByColumn="False" AllowSorting="False"> <ParentTableRelation> <telerik:GridRelationFields DetailKeyField="TransID" MasterKeyField="TransID"></telerik:GridRelationFields> </ParentTableRelation> <CommandItemSettings ExportToPdfText="Export to PDF" AddNewRecordText="Add New Task" /> <RowIndicatorColumn FilterControlAltText="Filter RowIndicator column" Visible="True"> <HeaderStyle Width="20px" /> </RowIndicatorColumn> <ExpandCollapseColumn FilterControlAltText="Filter ExpandColumn column" Visible="True"> <HeaderStyle Width="20px" /> </ExpandCollapseColumn> <CommandItemTemplate> <asp:LinkButton ID="lbtnAdd" runat="server" CssClass="Insert" CommandName="InitInsert" Visible='<%# !grdTransactions.MasterTableView.DetailTables[0].IsItemInserted %>'>Add new</asp:LinkButton> <asp:LinkButton ID="lbtnAddThis" runat="server" CssClass="Insert" CommandName="PerformInsert" Visible='<%# grdTransactions.MasterTableView.DetailTables[0].IsItemInserted %>'> Add this</asp:LinkButton> </CommandItemTemplate> <Columns> <telerik:GridButtonColumn ButtonType="ImageButton" CommandName="Edit" FilterControlAltText="Filter column column" ButtonCssClass="Update" UniqueName="Edit" HeaderStyle-Width="3%"> <HeaderStyle Width="3%" /> </telerik:GridButtonColumn> <telerik:GridTemplateColumn DataField="TaskType" FilterControlAltText="Filter TaskType column" HeaderText="Task Type" UniqueName="TaskType"> <EditItemTemplate> <telerik:RadComboBox ID="ddlTaskType" DataSourceID="odsTaskTypes" DataTextField="TaskTypeEn" DataValueField="TaskTypeId" SelectedValue='<%# Bind("TaskTypeId") %>' runat="server"></telerik:RadComboBox> </EditItemTemplate> <ItemTemplate> <asp:Label ID="TaskTypeLabel" runat="server" Text='<%# Eval("TaskType.TaskTypeEn") %>'></asp:Label> </ItemTemplate> </telerik:GridTemplateColumn> <telerik:GridDateTimeColumn FilterControlAltText="Filter TimeFom column" HeaderText="Time From" UniqueName="TimeFrom" DataField="TimeFrom" PickerType="TimePicker" DataType="System.DateTime" DataFormatString="{0:hh:mm tt}"> </telerik:GridDateTimeColumn> <telerik:GridDateTimeColumn FilterControlAltText="Filter TimeTo column" HeaderText="Time To" UniqueName="TimeTo" DataField="TimeTo" PickerType="TimePicker" DataType="System.DateTime" DataFormatString="{0:hh:mm tt}"> </telerik:GridDateTimeColumn> <telerik:GridButtonColumn ButtonType="ImageButton" CommandName="Delete" ConfirmText="Are you sure?" FilterControlAltText="Filter column column" ImageUrl="~/images/delete.png" ButtonCssClass="Delete" UniqueName="Delete" HeaderStyle-Width="3%"> <HeaderStyle Width="3%" /> </telerik:GridButtonColumn> </Columns> <EditFormSettings> <EditColumn ButtonType="ImageButton" FilterControlAltText="Filter EditCommandColumn column"> </EditColumn> </EditFormSettings> <PagerStyle AlwaysVisible="True" /> </telerik:GridTableView> </DetailTables> <CommandItemSettings ExportToPdfText="Export to PDF" ShowExportToPdfButton="True" ShowAddNewRecordButton="False" ExportToCsvText="Export to CSV" ShowExportToCsvButton="True" /> <RowIndicatorColumn FilterControlAltText="Filter RowIndicator column" Visible="True"> <HeaderStyle Width="20px" /> </RowIndicatorColumn> <ExpandCollapseColumn FilterControlAltText="Filter ExpandColumn column" Visible="True"> <HeaderStyle Width="20px" /> </ExpandCollapseColumn> <Columns> <telerik:GridButtonColumn Text="Select" CommandName="Select" FilterControlAltText="Filter Images column" UniqueName="Select"> </telerik:GridButtonColumn> <telerik:GridBoundColumn DataField="TransID" FilterControlAltText="Filter TransID column" HeaderText="Trans#" UniqueName="TransID" AllowFiltering="False" Display="False"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter EmployeeNumber column" HeaderText="Employee#" DataField="EmployeeNumber" UniqueName="EmployeeNumber"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter EmployeeCode column" HeaderText="Employee Code" DataField="EmployeeCode" UniqueName="EmployeeCode"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter EmployeeName column" HeaderText="Name" DataField="EmployeeName" UniqueName="EmployeeName"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter DepartmentEn column" HeaderText="Department" DataField="EmployeeDepartmentEn" UniqueName="DepartmentEn"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter DepartmentAr column" HeaderText="القسم" DataField="EmployeeDepartmentAr" UniqueName="DepartmentAr"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter TransDate column" HeaderText="In Date" DataField="InDateTime" DataFormatString="{0:dd/MM/yyyy}" UniqueName="InDate" DataType="System.DateTime"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter TransDate column" HeaderText="In Time" DataField="InDateTime" DataFormatString="{0:hh:mm tt}" UniqueName="InTime" DataType="System.DateTime"> </telerik:GridBoundColumn> <telerik:GridBoundColumn FilterControlAltText="Filter TransTypeEn column" HeaderText="In Device" DataField="DeviceInName" UniqueName="InDeviceName"> </telerik:GridBoundColumn> <telerik:GridBoundColumn DataField="OutDateTime" FilterControlAltText="Filter Device column" HeaderText="Out Date" DataFormatString="{0:dd/MM/yyyy}" UniqueName="OutDate"> </telerik:GridBoundColumn> <telerik:GridBoundColumn DataField="OutDateTime" FilterControlAltText="Filter Device column" HeaderText="Out Time" DataFormatString="{0:hh:mm tt}" UniqueName="OutTime"> </telerik:GridBoundColumn> <telerik:GridBoundColumn DataField="DeviceOuName" FilterControlAltText="Filter OutDeviceName column" HeaderText="Out Device Name" UniqueName="OutDeviceName"> </telerik:GridBoundColumn> </Columns> <EditFormSettings> <EditColumn FilterControlAltText="Filter EditCommandColumn column"> </EditColumn> </EditFormSettings> <PagerStyle Position="Bottom" AlwaysVisible="True" Mode="NumericPages" /> </MasterTableView> <PagerStyle AlwaysVisible="True" Mode="NumericPages" /> <FilterMenu EnableImageSprites="False"> </FilterMenu> </telerik:RadGrid>protected override void OnLoad(EventArgs e){ base.OnLoad(e); if (Module != null) { StaticModule = Module; _staticUser = _user; if (!_groupRepository.IsUserAllowToView(Module, _user.UserID.Value)) throw new HttpException(401, "Unauthorized access"); var securedControls = Helpers.Methods.GetAllControls(this) .OfType<WebControl>() .Where(c => c.CssClass == "Insert" || c.CssClass == "Update"|| c.CssClass == "Delete"); if (!_groupRepository.IsUserAllowToInsert(Module, _user.UserID.Value)) { foreach (var control in securedControls.Where(c => c.CssClass == "Insert")) { control.Enabled = false; } } if (!_groupRepository.IsUserAllowToUpdate(Module, _user.UserID.Value)) { foreach (var control in securedControls.Where(c => c.CssClass == "Update")) { control.Enabled = false; } } if (!_groupRepository.IsUserAllowToDelete(Module, _user.UserID.Value)) { foreach (var control in securedControls.Where(c => c.CssClass == "Delete")) { control.Enabled = false; } } }}
6 Answers, 1 is accepted
0
Jayesh Goyani
Top achievements
Rank 2
Rank 2
answered on 15 Jul 2013, 09:49 AM
Hello,
Please check code snippet in project description section.
http://www.telerik.com/community/code-library/aspnet-ajax/grid/accessing-and-validating-controls-client-side-inside-a-hierarchical-radgrid.aspx
Note : For Security, i suggest that please use visible property in-place of Enable. Because by using developer tool (in browser) we can easily change the enable property value of any control.
Thanks,
Jayesh Goyani
Please check code snippet in project description section.
http://www.telerik.com/community/code-library/aspnet-ajax/grid/accessing-and-validating-controls-client-side-inside-a-hierarchical-radgrid.aspx
Note : For Security, i suggest that please use visible property in-place of Enable. Because by using developer tool (in browser) we can easily change the enable property value of any control.
Thanks,
Jayesh Goyani
0
Emad Mokhtar
Top achievements
Rank 1
Rank 1
answered on 16 Jul 2013, 07:45 AM
Dear Jayesh,
I don't want to access the child controls from Client-Side, I want them to access it from Server-Side as my security logic is performed on server.
Thanks for your tip.
I don't want to access the child controls from Client-Side, I want them to access it from Server-Side as my security logic is performed on server.
Thanks for your tip.
0
Jayesh Goyani
Top achievements
Rank 2
Rank 2
answered on 16 Jul 2013, 12:46 PM
Hello,
Please try with below code snippet.
Thanks,
Jayesh Goyani
Please try with below code snippet.
foreach (GridDataItem item in RadGrid1.MasterTableView.Items){ if (item.HasChildItems) { foreach (GridDataItem citem in item.ChildItem.NestedTableViews[0].Items) { ImageButton ibtn = citem["Edit"].Controls[0] as ImageButton; // Edit is column UniqueName
ibtn.Visible = false; } }}<Columns> <telerik:GridButtonColumn ButtonType="ImageButton" CommandName="Edit" FilterControlAltText="Filter column column" ButtonCssClass="Update" UniqueName="Edit" HeaderStyle-Width="3%"> <HeaderStyle Width="3%" /> </telerik:GridButtonColumn> </Columns>Thanks,
Jayesh Goyani
0
Emad Mokhtar
Top achievements
Rank 1
Rank 1
answered on 17 Jul 2013, 11:54 AM
Dear,
I want to know why my CS code isn't working with DetailTableView? I don't want to write code for security again in every page has DetailView Grid, I want to write code in one place and reflect in all the application, I want to apply DRY.
So please help me to fix my CS code or tell me where is the problem?
Thanks and best regards
I want to know why my CS code isn't working with DetailTableView? I don't want to write code for security again in every page has DetailView Grid, I want to write code in one place and reflect in all the application, I want to apply DRY.
So please help me to fix my CS code or tell me where is the problem?
Thanks and best regards
0
Accepted
Jayesh Goyani
Top achievements
Rank 2
Rank 2
answered on 17 Jul 2013, 12:49 PM
Hello,
1.
Please try to execute this code snippet in the page_Prerender event because Grid binding data (generate button) after the page_load event.
2. Please try with above solution if it is not worked then have to access controls using my last reply code snippet.
Because this is the functionality/limitation from .net framework.
There is not any issue of DetailTableView. - We can not access the controls directly which was inside the Data control (like : repeater, GridView...etc).
Let me know if any concern.
Thanks,
Jayesh Goyani
1.
Please try to execute this code snippet in the page_Prerender event because Grid binding data (generate button) after the page_load event.
var securedControls = Helpers.Methods.GetAllControls(this) .OfType<WebControl>() .Where(c => c.CssClass == "Insert" || c.CssClass == "Update"|| c.CssClass == "Delete");2. Please try with above solution if it is not worked then have to access controls using my last reply code snippet.
Because this is the functionality/limitation from .net framework.
There is not any issue of DetailTableView. - We can not access the controls directly which was inside the Data control (like : repeater, GridView...etc).
Let me know if any concern.
Thanks,
Jayesh Goyani
0
Emad Mokhtar
Top achievements
Rank 1
Rank 1
answered on 25 Jul 2013, 07:27 AM
Moving my security logic to PreRender event works,
Thanks
Thanks