This is a migrated thread and some comments may be shown as answers.

Preventing Unauthorized Edit

5 Answers 110 Views
Grid
This is a migrated thread and some comments may be shown as answers.
David
Top achievements
Rank 1
David asked on 27 Jan 2009, 10:05 PM
I'd like to build my pages so that users can view but only authorized users can edit, delete and Update the RadGrid.  I realize I could use forms authentication and build two different pages (one for admin and the other for users), but that seems like more work.  Is it possible to use the page load event to disable the visibility of delete and edit columns in the RadGrid?

As an example, I've got a "contacts" page with names and phone extensions.  Only Admin users should be allowed to edit or delete but everyone logged in should be able to view and filter.

Thanks,
David

5 Answers, 1 is accepted

Sort by
0
Princy
Top achievements
Rank 2
answered on 28 Jan 2009, 06:31 AM
Hello David,

You may want to restrict users from editing/deleting grid items depending on the security settings for the corresponding account. For this purpose you can check for the logged user and set the visibility of the Edit/Delete columns accordingly as shown below:
cs:
protected void Page_Load(object sender, EventArgs e) 
    { 
        if (condition to check if user != "Admin") 
        { 
            RadGrid1.MasterTableView.GetColumnSafe("EditColumn").Visible = false
            RadGrid1.MasterTableView.GetColumnSafe("DeleteColumn").Visible = false
        }               
    } 

Thanks
Princy.
0
David
Top achievements
Rank 1
answered on 28 Jan 2009, 11:38 AM
Princy, thank you for the advice!  How do I get the name of the AutoGenerated columns within RadGrid1?

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 
        ' Hide edit/delete from unauthorized users. 
        If User.IsInRole("Admin") <> True Then 
            RadGrid1.MasterTableView.GetColumnSafe("AutoGenerateDeleteColumn").Visible = False 
            RadGrid1.MasterTableView.GetColumnSafe("AutoGenerateEditColumn").Visible = False 
            'RadGrid1.Rebind() 
        End If 
    End Sub 

 Object reference not set to an instance of an object. 
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 
 
Exception Details: System.NullReferenceException: Object reference not set to an instance of an object. 
 
Source Error: 
 
Line 7:          ' Hide edit/delete from unauthorized users. 
Line 8:          If User.IsInRole("Admin") <> True Then 
Line 9:              RadGrid1.MasterTableView.GetColumnSafe("AutoGenerateDeleteColumn").Visible = False 
Line 10:             RadGrid1.MasterTableView.GetColumnSafe("AutoGenerateEditColumn").Visible = False 
Line 11:             'RadGrid1.Rebind() 
 
 
Source File: C:\USERS\MILAND\Visual Studio 2005\WebSites\usi_intranet\Contacts\contacts.aspx.vb    Line: 9  


Thanks,
David
0
Shinu
Top achievements
Rank 2
answered on 28 Jan 2009, 12:25 PM
Hi David,

Try hiding the AutoGeneratedEdit and Delete column  as shown below.

VB:
 Protected Sub Page_Load(ByVal sender As ObjectByVal e As System.EventArgs) 
         ' Hide edit/delete from unauthorized users. 
         If User.IsInRole("Admin") <> True Then 
             RadGrid1.MasterTableView.GetColumnSafe("AutoGeneratedEditColumn").Visible = False 
             RadGrid1.MasterTableView.GetColumnSafe("AutoGeneratedDeleteColumn").Visible = False 
         End If 
         'RadGrid1.Rebind() 
     End Sub 
 
 


Thanks
Shinu
0
David
Top achievements
Rank 1
answered on 28 Jan 2009, 02:28 PM
Shinu, I'm getting an "Object reference not set to an instance of an object.".  I've got the IsInRole working but can't figure out reference the AutoGenerated columns.  Still failing on "RadGrid1.MasterTableView.GetColumnSafe("AutoGenerateEditColumn").Visible = False".

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 
        ' Hide edit/delete from unauthorized users.  
 
        If My.User.IsInRole("Admin") = True Then 
            RadGrid1.MasterTableView.GetColumnSafe("AutoGenerateEditColumn").Visible = False 
            RadGrid1.MasterTableView.GetColumnSafe("AutoGenerateDeleteColumn").Visible = False 
        End If 
        ' RadGrid1.Rebind() 
    End Sub 

Any other suggestions?

Thanks,
David
0
David
Top achievements
Rank 1
answered on 28 Jan 2009, 06:36 PM
Finally figured it out. 

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load 
        ' Hide edit/delete from unauthorized users.  
        If My.User.IsInRole("Admin") <> True Then 
            RadGrid1.MasterTableView.EnableColumnsViewState = False 
            RadGrid1.AutoGenerateEditColumn = False 
            RadGrid1.AutoGenerateDeleteColumn = False 
        End If 
    End Sub 

Thanks to all for your help!
David
Tags
Grid
Asked by
David
Top achievements
Rank 1
Answers by
Princy
Top achievements
Rank 2
David
Top achievements
Rank 1
Shinu
Top achievements
Rank 2
Share this question
or