Whats the best way of implementing authorization in a win forms
application.
I mean things like show/hide or enable/disable Save button ,creating
context menus etc.
13  7478 
If you get stuck, please let me know. This is part of
System.Componen tModel, an area that I know very well. Although I
understand them, I haven't personally *created* an extension property
before, but I imagine that it isn't too tricky *if* you understand how
the rest of that area works. Actually, I'd happily use it as an excuse
to do some more digging in that area... ;-p
Marc
On Apr 11, 4:25 am, Marc Gravell <marc.grav...@g mail.comwrote:
For info, here is a rough sketch of what the component would look
like... this allows both IDE and programmatic usage; note that for
roles-based security you'd also need to initialize the principal - at
the most primative this can be as simple as:
Thread.CurrentP rincipal = new GenericPrincipa l(
new GenericIdentity ("Marc"), // name of user
new string[] { "BASIC" } // array of roles that the
user has
);
Obviously if your security model is more complex, you may need to
change things ;-p
[ProvideProperty ("Role", typeof(Control) )]
[ToolboxItemFilt er("System.Wind ows.Forms")]
[Description("Pr ovides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvid er
{
private Dictionary<Cont rol, stringmap
= new Dictionary<Cont rol, string>();
[DefaultValue("" )]
public string GetRole(Control control)
{
if (control == null) return "";
string role;
map.TryGetValue (control, out role);
return role ?? "";
}
public void SetRole(Control control, string role)
{
if (control == null) return;
bool add = false, remove = false;
if (string.IsNullO rEmpty(role))
{
remove = map.Remove(cont rol);
}
else
{
add = !map.ContainsKe y(control);
map[control] = role;
}
if (!DesignMode)
{
SetEnabled(cont rol);
if (add)
{
control.ParentC hanged += control_ParentC hanged;
}
else if (remove)
{
control.ParentC hanged -= control_ParentC hanged;
}
}
}
private void SetEnabled(Cont rol control)
{
if (DesignMode || control == null) return;
string role;
if (map.TryGetValu e(control, out role))
{
IPrincipal principal = Thread.CurrentP rincipal;
control.Enabled = principal == null ? false :
principal.IsInR ole(role);
}
}
void control_ParentC hanged(object sender, EventArgs e)
{
SetEnabled(send er as Control);
}
bool IExtenderProvid er.CanExtend(ob ject obj)
{
return obj is Control;
}
}
Thanks..
How will i use the RoleDisabler ? would i drag it from the toolbar
like tooltip?
On Apr 11, 1:49 pm, parez <psaw...@gmail. comwrote:
On Apr 11, 4:25 am, Marc Gravell <marc.grav...@g mail.comwrote:
For info, here is a rough sketch of what the component would look
like... this allows both IDE and programmatic usage; note that for
roles-based security you'd also need to initialize the principal - at
the most primative this can be as simple as:
Thread.CurrentP rincipal = new GenericPrincipa l(
new GenericIdentity ("Marc"), // name of user
new string[] { "BASIC" } // array of roles that the
user has
);
Obviously if your security model is more complex, you may need to
change things ;-p
[ProvideProperty ("Role", typeof(Control) )]
[ToolboxItemFilt er("System.Wind ows.Forms")]
[Description("Pr ovides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvid er
{
private Dictionary<Cont rol, stringmap
= new Dictionary<Cont rol, string>();
[DefaultValue("" )]
public string GetRole(Control control)
{
if (control == null) return "";
string role;
map.TryGetValue (control, out role);
return role ?? "";
}
public void SetRole(Control control, string role)
{
if (control == null) return;
bool add = false, remove = false;
if (string.IsNullO rEmpty(role))
{
remove = map.Remove(cont rol);
}
else
{
add = !map.ContainsKe y(control);
map[control] = role;
}
if (!DesignMode)
{
SetEnabled(cont rol);
if (add)
{
control.ParentC hanged += control_ParentC hanged;
}
else if (remove)
{
control.ParentC hanged -= control_ParentC hanged;
}
}
}
private void SetEnabled(Cont rol control)
{
if (DesignMode || control == null) return;
string role;
if (map.TryGetValu e(control, out role))
{
IPrincipal principal = Thread.CurrentP rincipal;
control.Enabled = principal == null ? false :
principal.IsInR ole(role);
}
}
void control_ParentC hanged(object sender, EventArgs e)
{
SetEnabled(send er as Control);
}
bool IExtenderProvid er.CanExtend(ob ject obj)
{
return obj is Control;
}
}
Thanks..
How will i use the RoleDisabler ? would i drag it from the toolbar
like tooltip?
That was great.. thanks...
I have a question..
When will the SetEnabled function execute?
On Apr 11, 2:14 pm, parez <psaw...@gmail. comwrote:
On Apr 11, 1:49 pm, parez <psaw...@gmail. comwrote:
On Apr 11, 4:25 am, Marc Gravell <marc.grav...@g mail.comwrote:
For info, here is a rough sketch of what the component would look
like... this allows both IDE and programmatic usage; note that for
roles-based security you'd also need to initialize the principal - at
the most primative this can be as simple as:
Thread.CurrentP rincipal = new GenericPrincipa l(
new GenericIdentity ("Marc"), // name of user
new string[] { "BASIC" } // array of roles that the
user has
);
Obviously if your security model is more complex, you may need to
change things ;-p
[ProvideProperty ("Role", typeof(Control) )]
[ToolboxItemFilt er("System.Wind ows.Forms")]
[Description("Pr ovides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvid er
{
private Dictionary<Cont rol, stringmap
= new Dictionary<Cont rol, string>();
[DefaultValue("" )]
public string GetRole(Control control)
{
if (control == null) return "";
string role;
map.TryGetValue (control, out role);
return role ?? "";
}
public void SetRole(Control control, string role)
{
if (control == null) return;
bool add = false, remove = false;
if (string.IsNullO rEmpty(role))
{
remove = map.Remove(cont rol);
}
else
{
add = !map.ContainsKe y(control);
map[control] = role;
}
if (!DesignMode)
{
SetEnabled(cont rol);
if (add)
{
control.ParentC hanged += control_ParentC hanged;
}
else if (remove)
{
control.ParentC hanged -= control_ParentC hanged;
}
}
}
private void SetEnabled(Cont rol control)
{
if (DesignMode || control == null) return;
string role;
if (map.TryGetValu e(control, out role))
{
IPrincipal principal = Thread.CurrentP rincipal;
control.Enabled = principal == null ? false :
principal.IsInR ole(role);
}
}
void control_ParentC hanged(object sender, EventArgs e)
{
SetEnabled(send er as Control);
}
bool IExtenderProvid er.CanExtend(ob ject obj)
{
return obj is Control;
}
}
Thanks..
How will i use the RoleDisabler ? would i drag it from the toolbar
like tooltip?
That was great.. thanks...
I have a question..
When will the SetEnabled function execute?
I think i got it. thanks..once again..you were a life saver..
When will *the SetEnabled function execute?
When not in the designer (DesignMode), it executes when you either
change the role (SetRole), or when the control is added to a parent.
The reason for this second bit is this is always the last thing that
designer-generated code does - so it will take precendence over the
designer.
I think i got it. thanks..once again..you were a life saver..- Hide quotedtext -
No problem; I'm always up for an excuse to mess in the
System.Componen tModel ;-p
Marc
Basically I need function RoleLevel( role, department) which returns access
level.
The inbuilt roles-based security (IPrincipal) only covers single-
dimension roles. You can of course shim this by using roles like
SOMEDEPT_EDIT, SOMEDEPT_READ etc; whether that is sensible or not
depends on the scenario. Another option is NT ACLs, but then you need
to impersonate into that NT user - but it can be very flexible.
Marc
On Apr 11, 5:06 pm, Marc Gravell <marc.grav...@g mail.comwrote:
When will the SetEnabled function execute?
When not in the designer (DesignMode), it executes when you either
change the role (SetRole), or when the control is added to a parent.
The reason for this second bit is this is always the last thing that
designer-generated code does - so it will take precendence over the
designer.
I think i got it. thanks..once again..you were a life saver..- Hide quoted text -
No problem; I'm always up for an excuse to mess in the
System.Componen tModel ;-p
Marc
Hi,
I just one more issue... If a control has sub-control(compone nt) then
it does not show up for the sub components.
e.g MenuStrip control has ToolStripMenuIt em children. How do I make
it show up(in properties) for those controls.
TIA
I just one more issue... If a control has sub-control(compone nt) then
it does not show up for the sub components.
e.g MenuStrip control has ToolStripMenuIt em children. *How do I make
it show up(in properties) for those controls.
I suspect that is because ToolStripMenuIt em isn't a Control, and I
restricted it to Controls; Changed as below (I also removed the events
stuff - didn't seem necessary in hindsight):
[ProvideProperty ("Role", typeof(Control) )]
[ToolboxItemFilt er("System.Wind ows.Forms")]
[Description("Pr ovides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvid er
{
private Dictionary<obje ct, stringmap
= new Dictionary<obje ct, string>();
[DefaultValue("" )]
public string GetRole(object obj)
{
if (obj == null) return "";
string role;
map.TryGetValue (obj, out role);
return role ?? "";
}
public void SetRole(object obj, string role)
{
if (obj == null) return;
if (string.IsNullO rEmpty(role))
{
map.Remove(obj) ;
}
else
{
map[obj] = role;
}
if (!DesignMode)
{
SetEnabled(obj) ;
}
}
private void SetEnabled(obje ct obj)
{
if (DesignMode || obj == null) return;
string role;
if (map.TryGetValu e(obj, out role))
{
IPrincipal principal = Thread.CurrentP rincipal;
bool isInRole = principal == null ? false :
principal.IsInR ole(role);
if (obj is Control)
{
((Control)obj). Enabled = isInRole;
}
else if (obj is ToolStripItem)
{
((ToolStripItem )obj).Enabled = isInRole;
}
}
}
bool IExtenderProvid er.CanExtend(ob ject obj)
{
return obj is Control || obj is ToolStripItem;
}
}
On Apr 14, 4:01 pm, Marc Gravell <marc.grav...@g mail.comwrote:
I just one more issue... If a control has sub-control(compone nt) then
it does not show up for the sub components.
e.g MenuStrip control has ToolStripMenuIt em children. How do I make
it show up(in properties) for those controls.
I suspect that is because ToolStripMenuIt em isn't a Control, and I
restricted it to Controls; Changed as below (I also removed the events
stuff - didn't seem necessary in hindsight):
[ProvideProperty ("Role", typeof(Control) )]
[ToolboxItemFilt er("System.Wind ows.Forms")]
[Description("Pr ovides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvid er
{
private Dictionary<obje ct, stringmap
= new Dictionary<obje ct, string>();
[DefaultValue("" )]
public string GetRole(object obj)
{
if (obj == null) return "";
string role;
map.TryGetValue (obj, out role);
return role ?? "";
}
public void SetRole(object obj, string role)
{
if (obj == null) return;
if (string.IsNullO rEmpty(role))
{
map.Remove(obj) ;
}
else
{
map[obj] = role;
}
if (!DesignMode)
{
SetEnabled(obj) ;
}
}
private void SetEnabled(obje ct obj)
{
if (DesignMode || obj == null) return;
string role;
if (map.TryGetValu e(obj, out role))
{
IPrincipal principal = Thread.CurrentP rincipal;
bool isInRole = principal == null ? false :
principal.IsInR ole(role);
if (obj is Control)
{
((Control)obj). Enabled = isInRole;
}
else if (obj is ToolStripItem)
{
((ToolStripItem )obj).Enabled = isInRole;
}
}
}
bool IExtenderProvid er.CanExtend(ob ject obj)
{
return obj is Control || obj is ToolStripItem;
}
}
I tried that .. It did not work... it still doesnt show it.. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Ronald S. Cook |
last post by:
In my ASP.NET app, I have a few pages that I want to be public (i.e.
accessible by everyone) and the rest private (user has to be signed in). In
the examples I've seen, the public files have been in the root folder with
it's own Web.config file and the private ones in a subfolder with a separate
Web.config file.
Must I necessarily use a subfolder to separate private from public files?
Could I maybe have them all in the same root folder...
|
by: Mark Olbert |
last post by:
I am having a devil of a time trying to get Forms authentication to work in a very simple test
webapp (I've gotten it to work many, many times when developing on my WinXP client box, but I've
just switched to doing development/debug on a Win2K server with IIS5, and something is obviously
wrong).
Here's the site:
login.aspx
/ssl/members/members.aspx
|
by: nick |
last post by:
Hi, How should I write the web.config file to allow some of the aspx files
be executable to all users and others are required users to login? All the
aspx files are in the same folder.
|
by: Johnnie Norsworthy |
last post by:
ASP.NET 2.0
How do I configure my web site to require forms authorization only for a
subfolder off the root? I know how to set Web.config for forms
authentication for the whole site, but I need the root folder to allow all
read access, and a single subfolder to require authorization.
Thanks for any assistance.
-Johnnie
|
by: Water Cooler v2 |
last post by:
Is the authorization tag/class in web.config\<system.web> available
only for Windows authorization? Does it make sense for Forms based
authentication?
| | |
by: sonu |
last post by:
Mark is creating a website using ASP.NET. He is using Forms
authentication for authenticating and authorizing users. He has the
following
layout of files and directories in his website:
Root
....File
Manager/
....Files
Employee/
|
by: Anthony Small |
last post by:
Hello,
I have a login.aspx page that is associated with a theme. When I view the
page login.aspx with forms authentication/authorization set as below in the
web.config file the theme displays on the page as expected.
<authentication mode="Forms">
<forms loginUrl="~/Pages/Login.aspx" protection="All" timeout="40"
/>
</authentication>
<authorization>
<allow users="*"/>
|
by: yofnik |
last post by:
Hello,
Using policy (modifying web.config) and FormsAuthentication, is it
possible to return an error message (or redirect to error page) instead
of redirecting to the login page for specific users only?
Here's an example:
I have a section of my web app that is for admins only. The
authorization section of my web.config looks like.
|
by: xke |
last post by:
Using web.config authorization settings, is it possible to allow my
users to access default.aspx but not default.aspx?action=edit ??
<location path="default.aspx">
<system.web>
<authorization>
<allow users ="*" />
</authorization>
</system.web>
</location>
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
