[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2531
  • Last Modified:

VB.Net Windows Forms - User permission setup from login info

Hi Experts

I have a simple login form that when a successful login occurs the main form opens (FrmHome).

The login form uses details found in a "Users" Table, Fields [Name] [Password] and [Group]

So, on the home page I need to put a button that will only allow users from the group super
to open the relevant form

The code used to open the form on button click looks like this.
Private Sub BtnAddNewEmp_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnAddNewEmp.Click
        Dim FrmAddEmployee_inst As New FrmAddEmployee 'replace Form2 with the class name of the form you're trying to open
        FrmAddEmployee_inst.Show()
End Sub

Open in new window


How do I get the App to assign the group to the person logged in and apply it to this button?
0
GrahamSA
Asked:
GrahamSA
  • 11
  • 10
  • 3
2 Solutions
 
CodeCruiserCommented:
You can get the group name in login page and assign it to a public variable declared in a module. Alternatively, you can declare this public variable on frmHome and login form can set it. Then its a matter of an if condition in above button click.
0
 
GrahamSAAuthor Commented:
Hi CodeCruiser

OK
Public Module Module1
Public Group As String
End Module

Then something like this. er kinda?
Private Sub BtnAddTeam_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnAddTeam.Click
        If Group = "Super" Then
        Dim FrmAddTeam_inst As New FrmAddTeam 'replace Form2 with the class name of the form you're trying to open
        FrmAddTeam_inst.Show()
        Else
        MsgBox = "You do not have permission to view this resource>"
        End If
End Sub

Open in new window

0
 
GrahamSAAuthor Commented:
OK Fixed this

MsgBox("You do not have permission to view this resource")

But the message pops up even when a super logs in?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
kristof1104Commented:
First of all,
If Group = "Super" Then

Open in new window


should be
If Group.equals("Super") Then

Open in new window


Also the use of public variables should be avoided, instead you should create a singleton that keeps track of the data of the logged in user.

Kind regards
Kristof
0
 
GrahamSAAuthor Commented:
Hi

This line gets a Null reference
If Group.equals("Super") Then

How do I go about doing as you suggest?
Also the use of public variables should be avoided, instead you should create a singleton that keeps track of the data of the logged in user.
0
 
CodeCruiserCommented:
You need to SET the value of that variable before you use it.
0
 
kristof1104Commented:
like CodeCruiser said, when the user logs in you need to set the group value.

I'll give you a quick overview of what a singleton is, a singleton is a class of which only one instance  can be created. This instance can be called in every class you want in your application.

you can set up a singleton like this:
create a class and use the following code:

Public Class LogedInUser
    Private Shared instance As LogedInUser

    Public Function LogedInUser() As LogedInUser
        If instance Is Nothing Then
            instance = New LogedInUser
        End If

        Return instance
    End Function

    Private Sub New()
    End Sub


    Private _username As String
    Public Property Username() As String
        Get
            Return _username
        End Get
        Set(ByVal value As String)
            _username = value
        End Set
    End Property


    Private _group As String
    Public Property Group() As String
        Get
            Return _group
        End Get
        Set(ByVal value As String)
            _group = value
        End Set
    End Property
End Class

Open in new window


now you can use the LogInUser.getInstance in every class you need it for example:
Dim logedInUser as LogedInUser = LogedInUser.getInstance() 

'Now you can set the group on login
logedInUser.Group = "Super"

'and in the condition. like this:
If logedInUser.Group.Equals("Super") Then
'...
End If

Open in new window


Regards Kristof
0
 
GrahamSAAuthor Commented:
Hi Kristof

Do I put the singleton code in the login form
And put the second code in the button

This is the error, not too sure how to resolve.

Error1
0
 
kristof1104Commented:
Hi Graham,

Anywhere you need to access the logedInUser  info you can use that piece of code to access it.

The reason why you are getting an error is because you have typed loginInUser.GetInstance with a small captial.

It should be
Dim logedInUser as LogedInUser = LogedInUser.Getinstance()

Open in new window


This is because it is a class function, meaning you need to call it from the class.
You could also give the logedInUser variable another name if you find it confusing
for example
Dim user as LogedInUser = LogedInUser.Getinstance()

Open in new window


Kind regards
Kristof
0
 
kristof1104Commented:
Btw the
this piece should go into the function that handles the login:
Dim logedInUser as LogedInUser = LogedInUser.getInstance() 
logedInUser.Group = "Super"
 

Open in new window


Then in the btnAddTeam Method you do the check
Dim logedInUser as LogedInUser = LogedInUser.getInstance() 
If logedInUser.Group.Equals("Super") Then
'do something
End if
'...

Open in new window

0
 
GrahamSAAuthor Commented:
Hi
I have tried and trued but to no avail.
Any chance you can spell it out for me a little?
0
 
kristof1104Commented:
attach your code files i'll take a look at it for you :)

Greetz
0
 
GrahamSAAuthor Commented:
Wow Thank You friend!!!
files.zip

The add team button will do nicely then I can add the rest myself :)
0
 
kristof1104Commented:
First of all change the singleton class to this:

Public Class LogedInUser
    Private Shared instance As LogedInUser

    Public Shared Function getInstance() As LogedInUser
        If instance Is Nothing Then
            instance = New LogedInUser
        End If

        Return instance
    End Function


    Private _username As String
    Public Property Username() As String
        Get
            Return _username
        End Get
        Set(ByVal value As String)
            _username = value
        End Set
    End Property

    Private _group As String
    Public Property Group() As String
        Get
            Return _group
        End Get
        Set(ByVal value As String)
            _group = value
        End Set
    End Property
End Class

Open in new window


Then when you login, you need to use a query to see if the user is a superuser,
if so add
 LogedInUser.getInstance().Group = 'the group you get from the DB

Open in new window


Also in the login function change
UserName = TbxUsername1.Text

Open in new window

to
 LogedInUser.getInstance().Username = TbxUsername1.Text

Open in new window


then in the frmHome you can use it  like this:

LogedInUser.getInstance().Username

Open in new window

for example:
        lblUserName.Text = "Welcome " + LogedInUser.getInstance().Username + ", to the Lesedi Information Management System"

Open in new window


Another note:
I think your login screen is open to SQL injection so fix that to!

Regards Kristof
0
 
GrahamSAAuthor Commented:
Cool
No errors, kinda understand what you did here er Kinda...

Should this not work then?
Private Sub BtnAddTeam_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnAddTeam.Click

        If LogedInUser.getInstance().Group = "Super" Then
        Dim FrmAddTeam_inst As New FrmAddTeam
        FrmAddTeam_inst.Show()
        Else
        MsgBox("You do not have permission to view this resource")
        End If


End Sub

Open in new window

0
 
kristof1104Commented:
When comparing strings you need to use .equals

rivate Sub BtnAddTeam_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles BtnAddTeam.Click

        If LogedInUser.getInstance().Group.Equals("Super") Then
        Dim FrmAddTeam_inst As New FrmAddTeam
        FrmAddTeam_inst.Show()
        Else
        MsgBox("You do not have permission to view this resource")
        End If


End Sub

Open in new window


That piece of code will only work if you set the group when the user logs in, this needs to be done by a query(looking up which group the user belongs to for example the "Super" group and placing that into the LogedInUser group variable.
0
 
GrahamSAAuthor Commented:
Hi

Would this be the query?
LogedInUser.getInstance().Group = 'the group you get from the DB

Where would I put this if it is?
0
 
kristof1104Commented:
A sql query, The piece of code you have in mind just sets The value, you need a query to get The data from The dn first!
0
 
GrahamSAAuthor Commented:
Hi Bud

Please point me in the right direction, feeling very out of my league here :(
0
 
CodeCruiserCommented:
To be honest, I think you are wasting time on a technique which is overkill in this situation. You need to share a string variable and you had that solution long time ago.
0
 
kristof1104Commented:
à singleton isnt so far fetched, it's for extendability. I'm sure along the way he will want to access more and more of the users properties. And if his program grows and he needs to define a lot of  variables it'll become a mess. Unless he makes a logedinuser class and makes a global variable out of that. But then a singleton is better. Because then you are sure only one logedinuser instance exists, and you are not able to override it!. There are a few other ways but lets just leave the  choice to him. 

Anyway the problem he has has nothing to do with setting the variable, so singleton or public variable has nothing to do with it. His problem lies in not knowing how to get the user group from db.   

So a quick overview what you need to do:

At login: Get the user group from the database( using à query like you do the check if the user is in the db)
Set the user group by using the singleton or public variable
In the btnadd function: just compare if the user has the correct group. 

Regards Kristof 
0
 
GrahamSAAuthor Commented:
HI Guys

21 comments and I am still stuck, I am really new to this stuff and am trying my best to keep up, and learn at the same time. I am super greatful all help and patience.

But where to go from here?
If there is an easy quick way to do this, lets try that. On the brighter side, I will be attending my first course soon.

Maybe Ill pick things up a bit faster
0
 
kristof1104Commented:
Since the singleton is set up, all you need to do is:

Look in the database and see of there is a usergroup column in there, if not add one! And fill in Super for THE users that are super users and normal for THE normal users. 

Then in the login function do a sql statement like "select usergroup from users where username= (username LogedInUser)" and put the result in the singleton like This: LogedInUser.getInstance().Group = THE result of THE query. 

I'm sorry to say but it doesn't get easyer than This! You did harder Things than this already so you'll get it right This time! 

One other option is, if you have a super user, one account who always has the same loginname, and you want to resolve This quickly you can Check if the logedinuser is that super user in the login function and than set THE group to super! 
For example in THE login function after getting the username:

If Username.Equals("admin") Then
LogedInUser.getInstance().Group = "Super"
end if

I really can't say Anything more because i have already told you where to start so try that and if you have problems along the way let us know!

Regards Kristof 
( sorry for THE captions stupid iPhone autocorrect)
0
 
GrahamSAAuthor Commented:
Thanks for all the hard work
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 11
  • 10
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now