I have an object with multiple collections that is retrieved from a WCF service and stored in the session.
The collections are bound to ListViews on the page, with a final submit button at the bottom.
I want to be able to make changes to this object in the session (add/edit items in the collections), without persisting the changes until the final submit button is clicked.
The problem I'm having is that the ids are created in the db, so all newly added items will have an id of 0. I don't see a way to uniquely identify the collection items unless I add something like a clientID field to the datacontract. I feel like I'm missing something really obvious here.
If these are auto-generated identity values, you can insert additionally guids for each entry.
Related
I was wondering if there is away to control a InfoPath Form Button enable it if you are in the Security Group and disable it if you are not in the SharePoint Security Group.
Client does not want to use the list method.
Well it isn't possible. However there is a workaround I sometimes use:
You create a list and add only one item. Give unique permissions on that particular item for only the Group.
Then in InfoPath create a Data Connection on that list and check with rules if the ID is present of the data result (or check on some value if you want). If user is in the group then it will get that one record. If not the user it will result in no records.
We're working on a new WPF app, using MVVM Light. We've got a customized ObservableCollection which starts as being bound to a datagrid. According to the project's specification we have to start on a form showing the datagrid and then when a user selects a row we show the user a detail view in another form. At this point we're getting the selected row and assigning that to an object which we assign to a MVVM Light message so that the detail view will be able to display the record's details.
Now that we're getting into this we've encountered a complication. The specs require that the detail view be able to navigate through the collection, even though at this point it doesn't have the collection. We had through we could accomplish this through an interface we defined that we called IRecordService, implementing it for each type of record we work with. However the problem is that the record has no idea if its the first record in the collection, the last one, etc. And that's necessary because of buttons on the detail form where people can navigate through the collection. We've been trying to do this with, for example CustomerRecordService, but so far that hasn't worked out. Perhaps it will if we keep at it.
But I've been wondering, what if instead of creating an object that has the selected record in it which gets passed into a message, we instead pass the whole collection and the key to the selected record into the message which then is caught by the detail viewmodel? My co-workers primary concern is how is the ObservableCollection passed, under these circumstances? Is a copy of the ObservableCollection passed or a reference to theObservableCollection that's in the listing viewmodel? I would think its a reference, but wanted to ask to make sure I'm right, or not.
It has to be just a reference. Otherwise messenger would have to know how to clone every single object. But you can easilly check it. After you get an object in your details viewmodel, change it. Add something, remove something and change some parameter of some objects in the collection. Then check if it has been changed in the main form with the grid.
I'm developing a web app using the entity framework. I load a list of objects and bind it to a repeater to show a summary of all the items. The user may click an edit icon or a delete icon for each item in the repeater.
Example:
Item 1 | Edit | Delete
Item 2 | Edit | Delete
...
Editing works fine when using a rowversion column for concurrency because the record is loaded and the values for the ID and rowversion column are persisted in hidden form fields. These "original" values are then available to use later when doing the update.
However, if the user clicks Delete for a record, I load the object from the database, call DeleteObject(), then call SaveChanges(). The problem with this is that when I load the record, it gets the latest rowversion value, so any concurrency checking is rendered useless.
How can I ensure that concurrency checking takes place when deleting a record?
Actually you do not have to load the object from the database, if you want to delete it.
Instead, create an ObjectContext, attach your ObjectToDelete to that context via Attach(), then DeleteObject() and SaveChanges().
Thus you would be able to receive an exception about concurrency.
After reading the answer to this question, I decided to use the following approach.
Use hidden form fields to store the ID and rowversion value.
When the user clicks the delete button, load the object from the database. This object contains a rowversion value that may be different than what is stored in the hidden field.
Assign the rowversion value from the hidden field to the appropriate property
on the object.
Call the object state manager's AcceptChanges() method for this object. This causes the rowversion value that I had stored to be accepted as the "current" value.
Delete the object and call SaveChanges() on the object context.
Therefore, the original rowversion value I stored is passed to SQL when attempting to delete the record and is compared to the current value in the row. If they do not match, an OptimisticConcurrencyException is raised.
A different approach than Andreas H specified would be to use stored procedures to do your deletes. That way you could do concurrency checking and deletion within the stored proc, raising an exception if there is a violation.
I'm making a security permission system for a Dynamic Data site based on the article Securing Dynamic Data Preview 4 Refresh. The system contains an additional permission kind: "deny an operation for a record/field if a record is not owned by an user".
If an user can read only own objects, we need to have an always enabled filter in List and check permissions in Details. If an user can write only own objects, we need to check permissions in Edit and Delete, remove "Edit/Delete" links from some rows in List, make "User" field readonly and provide its value in Insert. I didn't think about column-level permissions of this kind yet.
So, the main problem, as I see at this moment: too many places to place the same checks (I didn't even think of malicious user crafting POST data). Also I couldn't make make a field in Insert at the same readonly and having a value which is displayed and saved to DB (I don't want to place that in the model partial classes because I think that there are already too many places that need to be edited to implement this functionality).
Is there a single place to deny a read or write operation with an object depending on the object value?
How can I provide a default value to the field, so that it will be shown on the Insert page, inserted to the DB and couldn't be changed by the user before inserting?
The following assumes you're using LINQ to SQL.
Is there a single place to deny a read
or write operation with an object
depending on the object value?
Reads
I know of no simpler way to restrict reads than to add a filter to all the relevant LinqDataSource controls. If you are able to implement your filter generally, you can write one QueryCreated handler, then add a single line registering your custom handler to all the page templates.
Writes
In the Dynamic Data metadata, add an OnValidate partial method to all the relevant tables. If the current user is not allowed to ChangeAction the given record, throw an exception. You will still have to update all the page templates to hide UI elements that the user does not have access to, but at least you can rest assured that the worst that could happen in some unexpected case is that the user sees an error page.
How can I provide a default value to
the field, so that it will be shown on
the Insert page, inserted to the DB
and couldn't be changed by the user
before inserting?
Perhaps look at some combination of adding an OnCreated and OnValidate partial methods. See also: this answer.
Let's say I have a class Person, with a string[] nickNames, where Person can have 0 or more nicknames stored. I want to create an asp.net page where a user can go and add/edit/delete nicknames.
Question is- how to i persist the Person object between postbacks? I query the DB and create the object then display it on a form, but then the user has the option to edit/delete fields of that object.. once the page is displayed with the fields of Person, how do I update that object with the changes the user made, to store to db?
Thanks!
Well if your Person Object is serializable you could store it in ViewState and if not, you could stick it in Session, but it sounds like you might have a general lack of understanding about Data Persistance in general
Depending on your implementation, and whether you're coding this all by hand or using the built in DataSource/DataAdapter controls, theres a bunch of ways to do it.
You could have a look at some basic ASP.NET/ADO.NET Tutorials to point you in the right direction
http://aspnet101.com/aspnet101/tutorials.aspx?id=17
Query the object it again (you could store it in a session variable but that doesn't scale), gather and apply changes from user upon postback.