I Want Set Access level user For Buttons in the forms. example in the each form i have Add , Edit ,search and Delete button and I want user1 access to delete and update button in the form 1 and user 2 access to all buttons in each forms.
i create Table for Save Forms Name and Create other Table for Save User Profile and create table for save access User to forms and button. But I do not know how these settings in the form.
In any form is when you load the data read from the database?And to apply settings or Can I do this, write a general function,That automatically does this for every form????
thanks all
The following link was of great help when I encountered the same problem (it is for asp.net 2.0 but applies to the newer versions):
Recipe: Implementing Role-Based Security with ASP.NET 2.0 using Windows Authentication and SQL Server
SO in few words, you need to set up the Roles and then use them to enable access to users according to their roles. Enabling buttons and disabling buttons in a form can happen in the code behind utilizing the Roles.
For example you can use this piece of code if you have setup a role called Administrators:
If User.IsInRole("Administrators") Then
'Do something only admins are allowed to-do
End If
I hope that this is helpfull.
Related
Is it possible to add a role to a user dynamically ?
I understand that this is typically done at app publishing time but I'd like to have a page in the app that allows me to adds and assign roles.
Thanks.
I'm new to asp.net and trying to figure out how to go about displaying different capabilities to individual users based on what is allowed to them by checking the database.
A good example I think would be like a forum where the admin an turn on and off different capabilities the user can perform. ex. Editing old post, viewing old post, printing posts.
In my database I would have users matched with roles and capabilities.
What would be the best way to "generate" pages customized to each user, where they can see the option to "edit a post" if they had that capability, and not see it if they didn't.
You can use .NET Membership:
ASP.NET membership gives you a built-in way to validate and store user credentials. ASP.NET membership therefore helps you manage user authentication in your Web sites. You can use ASP.NET membership with ASP.NET forms authentication by using with the ASP.NET login controls to create a complete system for authenticating users.
http://msdn.microsoft.com/en-GB/library/yh26yfzy(v=vs.100).aspx
You can then show/hide buttons such as "edit a post" by checking if the current user is in the correct role:
http://msdn.microsoft.com/en-us/library/4z6b5d42.aspx
e.g.
ButtonEditPost.Visible = Roles.IsUserInRole("Admin");
I am working on asp.net for my website. Actually my site have two types of roles admin and user. I saw in asp.net development site at create new wizard user have a selection for roles like admin and user but if a crazy user may select admin role though he is a normal user so how could i control the user role selection.
For my optionion you should not rely on the wizard which ships with asp.net.
You should have your own control over creating users.
I would start to look at the Membership api to see how to access it from source code, how to add roles and how to authenticate... this is basically how the wizard magic works...
http://www.asp.net/web-forms/videos/authentication
http://www.4guysfromrolla.com/articles/120705-1.aspx
http://msdn.microsoft.com/en-us/library/ff648345.aspx
HTH
I am new to .NET framework and I want to create a profile page for each user to edit their own page. How do I make this edit page only available to the specific user? Is there a way to do this without me manually going into the code every time I have a new user sign up?
I'd take a look at ASP .NET Membership. Then you can lookup the user "profile" based on their Id to load the appropriate information.
You start by ensuring that the page is only visible to authenticated users. You do this by setting the appropriate settings in web.config for the corresponding folder or file.
Once you've done that, this page should simply load details for the current user. All users would see the same page, but it's content would be populated by your code only for this current user.
There would therefore be no way for one user to display the contents for another user. The ID of the user being viewed/edited should definitely not be a query argument or anything like that.
In asp.net Webforms apps, is there not any kind of maintenance UI page to edit and maintain the Profile properties of a User (I'm using VS2008 and the Web Application template), like in the WSAT Web Site Administratration Tool where you already can edit the basic Membership and Role properties for a User? I'm using the basic SQL Express data tables and the basic Membership and Role providers, and now I want to begin using the Profile provider to store and access additional properties for each User I create an account for. For instance, when I create a new User and assign them to a Role(s) on my web app, I use the WSAT tool, and now I also need to set certain Profile properties for them too. Is the only way to set these properties is programmatically? Surely there is an Admininstrative type of UI page for this so you can quickly view and edit Profile properties for a User.
Roles and Membership conform to a standard schema that you can easily create a static form for editing. Profile details are dynamic based on your configuration settings - and building dynamic forms can be a bit tricky.
On top of that, the default Profile provider stores all the profile information in one concatenated field, so you'd end up with a list of comma-separated values if they went for a really basic form.