AncientGrief
Top achievements
Rank 1
Rank 1
AncientGrief
asked on 08 Oct 2013, 05:15 PM
Hi,
I am thinking about buying Kendo UI Complete for ASP.NET MVC . But there's a absolute no-go:
When using KendoUI Grid (Inline Editing demo: http://demos.kendoui.com/web/grid/editing-inline.html) with an Entity that has a lot of properties, KendoUI is serializing ALL properties (even EntityKey and EntityState) into the HTML source (inside a <script>-Tag).
When providing the data via the constructor, - even worse! - ALL values are rendered into the HTML code.
I am about to display 10 out of 20 properties. The remaining 10 properties shouldn't be visible in ANY WAY to the user because
1. The User doesn't have to know the full database table structure
2. Some data depend on the user's rights, but being rendered into the html source, it would be possible for everyone to see everything.
Is there a way to tell Html.Kendo().Grid() just to touch the properties needed?!
Regards,
AncientGrief
Additional Info:
Kendo UI version => 2013.2.918
OS => Windows 7/8
exact browser version => Chrome latest
I am thinking about buying Kendo UI Complete for ASP.NET MVC . But there's a absolute no-go:
When using KendoUI Grid (Inline Editing demo: http://demos.kendoui.com/web/grid/editing-inline.html) with an Entity that has a lot of properties, KendoUI is serializing ALL properties (even EntityKey and EntityState) into the HTML source (inside a <script>-Tag).
When providing the data via the constructor, - even worse! - ALL values are rendered into the HTML code.
I am about to display 10 out of 20 properties. The remaining 10 properties shouldn't be visible in ANY WAY to the user because
1. The User doesn't have to know the full database table structure
2. Some data depend on the user's rights, but being rendered into the html source, it would be possible for everyone to see everything.
Is there a way to tell Html.Kendo().Grid() just to touch the properties needed?!
Regards,
AncientGrief
Additional Info:
Kendo UI version => 2013.2.918
OS => Windows 7/8
exact browser version => Chrome latest
4 Answers, 1 is accepted
0
Ignacio
Top achievements
Rank 1
Rank 1
answered on 08 Oct 2013, 07:10 PM
This is probably an issue that should be resolved from the server side.
That is, send only the data that the client can see. And nothing else.
The best way to do this is via ViewModels.
You would then need to map your Domain Models to your ViewModels.
This is considered good practice regardless of if you are using KendoUI or not.
So say you have:
You would then create:
And instead of doing :
You can do:
There are automation libraries that can make this is easy for you. Like AutoMapper.
Hope this helps.
That is, send only the data that the client can see. And nothing else.
The best way to do this is via ViewModels.
You would then need to map your Domain Models to your ViewModels.
This is considered good practice regardless of if you are using KendoUI or not.
So say you have:
public class Product { public int ID { get; set; } public string Name { get; set; } public string SecretProperty { get; set; }}public class ProductViewModel { public int ID { get; set; } public string Name { get; set; }}public ActionResult Index() { return View(db.Products.ToList()); }You can do:
public ActionResult Index() { var productsViewModel = from p in db.Products.ToList() select new ProductViewModel {ID=p.ID, Name=p.Name }; return View(productsViewModel); }Hope this helps.
0
AncientGrief
Top achievements
Rank 1
Rank 1
answered on 09 Oct 2013, 07:30 AM
Hi,
thanks for your answer. But what if I have a ViewModel with 30 Properties and I have 5-6 different kind of Grids showing just a part of all the properties to the user depending on his rights? This could lead to an enormous "code-overhead" to me if this situation is an issue on 30-40 Subpages (I am talking about a huge intranet project).
So after all I agree that ViewModels are the better approach but I would still like to know if it is possible to tell Grid() to hide specific properties?!
Regards,
AncientGrief
thanks for your answer. But what if I have a ViewModel with 30 Properties and I have 5-6 different kind of Grids showing just a part of all the properties to the user depending on his rights? This could lead to an enormous "code-overhead" to me if this situation is an issue on 30-40 Subpages (I am talking about a huge intranet project).
So after all I agree that ViewModels are the better approach but I would still like to know if it is possible to tell Grid() to hide specific properties?!
Regards,
AncientGrief
0
Hello Marcel,
Atanas Korchev
Telerik
The Kendo UI Grid serializes all public properties of the model and currently there isn't any way to control which properties are serialized.
We also recommend using view models. It is considered a best practice and libraries as AutoMapper simplify view model usage a lot.
Atanas Korchev
Telerik
Join us on our journey to create the world's most complete HTML 5 UI Framework - download Kendo UI now!
0
AncientGrief
Top achievements
Rank 1
Rank 1
answered on 09 Oct 2013, 09:09 AM
Hi,
ok good to know. So if I have to rely on ViewModels and create SubViewModel for one Entity that contains 50+ Properties, does anyone know of a good Class-Generation tool for this, where I can choose the properties that my ViewModels shall contain?
E.G.:
CustomerEntity ->
BadCustomerViewModel
GoodCustomerViewModel
RichCustomerViewModel
Each of the ViewModels contain some identical properties but cannot be placed in a base class because some may not.
Is there any good GUI-Generator for this case?!
(Btw.: This is a real world example of a bad database provided by our customer...I can't change it :/ )
(It gets even messier with ValidationProperties. If 5 out of 8 SubViewModels contain the property "Name" and I have to change the ValidationProperty because the maxlength changed in the DB x_X)
Regards and thanks for the answer :)
ok good to know. So if I have to rely on ViewModels and create SubViewModel for one Entity that contains 50+ Properties, does anyone know of a good Class-Generation tool for this, where I can choose the properties that my ViewModels shall contain?
E.G.:
CustomerEntity ->
BadCustomerViewModel
GoodCustomerViewModel
RichCustomerViewModel
Each of the ViewModels contain some identical properties but cannot be placed in a base class because some may not.
Is there any good GUI-Generator for this case?!
(Btw.: This is a real world example of a bad database provided by our customer...I can't change it :/ )
(It gets even messier with ValidationProperties. If 5 out of 8 SubViewModels contain the property "Name" and I have to change the ValidationProperty because the maxlength changed in the DB x_X)
Regards and thanks for the answer :)