We help IT Professionals succeed at work.

ASP.NET gridview based on permissions?

melli111
melli111 asked
on
Medium Priority
1,047 Views
Last Modified: 2012-05-11
I have asn ASP.NET Gridview that displays a Delete button and a DetailsView that displays an Edit button.  I would like to make these two buttons ONLY display if a user has access to perform Edit or Delete operations, with the information of who has access being contained in a database table.  How would I go about doing this?
Comment
Watch Question

Carlos VillegasFull Stack .NET Developer

Commented:
Hi, I did this small example to give you an idea:
<%@ Import Namespace="System.Data" %>

<%@ Page Language="C#" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            // Check user permissions.

            // You need to check the current user name by using: Page.User.Identity.Name
            // string userName = Page.User.Identity.Name;

            // For demo purposes I will use Alice.
            string userName = "Alice";

            if (UserInRole(userName, "IsAdmin"))
            {
                // Show the delete and edit button to users in the IsAdmin role.
                GridView1.AutoGenerateDeleteButton = true;
                DetailsView1.AutoGenerateEditButton = true;
            }

            // Simulate data.
            DataTable dtt = new DataTable();
            dtt.Columns.Add("Record", typeof(int));
            dtt.Columns.Add("Date", typeof(DateTime));
            dtt.Columns.Add("Value", typeof(decimal));
            dtt.Rows.Add(1, DateTime.Now, 123);
            dtt.Rows.Add(2, DateTime.Now, 1234);
            dtt.Rows.Add(3, DateTime.Now, 1235);
            dtt.Rows.Add(4, DateTime.Now, 1236);
            dtt.AcceptChanges();

            GridView1.DataSource = dtt;
            GridView1.DataBind();

            DetailsView1.DataSource = dtt;
            DetailsView1.DataBind();
        }
    }

    private bool UserInRole(string userName, string roleName)
    {
        // Simulate your DB permission data for that user name.
        DataTable dtt = new DataTable();
        dtt.Columns.Add("UserName", typeof(string));
        dtt.Columns.Add("RoleName", typeof(string));
        dtt.Rows.Add("Alice", "IsAdmin");
        dtt.Rows.Add("Bob", "IsUser");
        dtt.Rows.Add("Jason", "IsAdmin");
        dtt.AcceptChanges();
        dtt.PrimaryKey = new DataColumn[] { dtt.Columns[0], dtt.Columns[1] };

        // Return true if the user have the permission.
        return dtt.Rows.Find(new object[] { userName, roleName }) != null;
    }


    protected void GridView1_RowDeleting(object sender, GridViewDeleteEventArgs e)
    {
    
    }

    protected void DetailsView1_ModeChanging(object sender, DetailsViewModeEventArgs e)
    {

    }
</script>
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:GridView ID="GridView1" runat="server" 
            onrowdeleting="GridView1_RowDeleting">
        </asp:GridView>
        <br />
        <asp:DetailsView ID="DetailsView1" runat="server" 
            onmodechanging="DetailsView1_ModeChanging">
        </asp:DetailsView>
    </div>
    </form>
</body>
</html>

Open in new window

You can download the aspx file here:
GridViewPermissions.aspx

The best way to check permissions is to use a role provider or implement your own authentication method to be able to use the Page.User.IsInRole("") method, but I did this example to give you a start.

I hope this help.
melli111SharePoint Administrator / Developer

Author

Commented:
Thank you,  my next question is, I would like for the Delete button on the GridView to be in the very last column to the right.  After the statement "GridView1.AutoGenerateDeleteButton = true;", is there a way to specify which row to place the Delete button in?  It defaults to the very first row and I do not want it there.
Full Stack .NET Developer
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
melli111SharePoint Administrator / Developer

Author

Commented:
This worked great, thank you.  The very last thing I need, is that I want the Edit button on the DetailsView to be aligned on the right side.  Is there any way to do that?
Carlos VillegasFull Stack .NET Developer

Commented:
Yes! this easy way ;)
<asp:DetailsView ID="DetailsView1" runat="server" OnModeChanging="DetailsView1_ModeChanging">
    <CommandRowStyle HorizontalAlign="Right" />
</asp:DetailsView>

Open in new window

I don't want to steal any of yv989c's credit here, as he's answered so well, but I just wanted to point out, in case you're using Visual Studio, that you can order the columns and set the alignment etc in the Edit Columns gui.
The styles can also be controlled using CSS files, examples below
.mGrid {    
    background-color: #fff;    
    margin: 5px 0 10px 0;    
    border: solid 1px #525252;    
    border-collapse:collapse;   
    vertical-align:top; 
}   
.mGrid td {    
    padding: 2px;    
    border: solid 1px #c1c1c1;    
    color: #717171;   
    vertical-align:top; 
}   
.mGrid th {    
    color: Black;    
    background: #424242 ;    
    font-size: 0.9em;
    text-align:center;    
}   
.mGrid .alt { background: #fcfcfc; }

Open in new window

Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.