473,221 Members | 1,832 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,221 software developers and data experts.

Implement authorization in win forms

Whats the best way of implementing authorization in a win forms
application.
I mean things like show/hide or enable/disable Save button ,creating
context menus etc.
Apr 10 '08 #1
13 7415
If you get stuck, please let me know. This is part of
System.ComponentModel, an area that I know very well. Although I
understand them, I haven't personally *created* an extension property
before, but I imagine that it isn't too tricky *if* you understand how
the rest of that area works. Actually, I'd happily use it as an excuse
to do some more digging in that area... ;-p

Marc
Apr 10 '08 #2
On Apr 11, 4:25 am, Marc Gravell <marc.grav...@gmail.comwrote:
For info, here is a rough sketch of what the component would look
like... this allows both IDE and programmatic usage; note that for
roles-based security you'd also need to initialize the principal - at
the most primative this can be as simple as:

Thread.CurrentPrincipal = new GenericPrincipal(
new GenericIdentity("Marc"), // name of user
new string[] { "BASIC" } // array of roles that the
user has
);

Obviously if your security model is more complex, you may need to
change things ;-p

[ProvideProperty("Role", typeof(Control))]
[ToolboxItemFilter("System.Windows.Forms")]
[Description("Provides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvider
{
private Dictionary<Control, stringmap
= new Dictionary<Control, string>();
[DefaultValue("")]
public string GetRole(Control control)
{
if (control == null) return "";
string role;
map.TryGetValue(control, out role);
return role ?? "";
}
public void SetRole(Control control, string role)
{
if (control == null) return;
bool add = false, remove = false;
if (string.IsNullOrEmpty(role))
{
remove = map.Remove(control);
}
else
{
add = !map.ContainsKey(control);
map[control] = role;
}
if (!DesignMode)
{
SetEnabled(control);
if (add)
{
control.ParentChanged += control_ParentChanged;

}
else if (remove)
{
control.ParentChanged -= control_ParentChanged;
}
}
}
private void SetEnabled(Control control)
{
if (DesignMode || control == null) return;
string role;
if (map.TryGetValue(control, out role))
{
IPrincipal principal = Thread.CurrentPrincipal;
control.Enabled = principal == null ? false :
principal.IsInRole(role);
}
}
void control_ParentChanged(object sender, EventArgs e)
{
SetEnabled(sender as Control);
}
bool IExtenderProvider.CanExtend(object obj)
{
return obj is Control;
}
}
Thanks..

How will i use the RoleDisabler ? would i drag it from the toolbar
like tooltip?
Jun 27 '08 #3
On Apr 11, 1:49 pm, parez <psaw...@gmail.comwrote:
On Apr 11, 4:25 am, Marc Gravell <marc.grav...@gmail.comwrote:
For info, here is a rough sketch of what the component would look
like... this allows both IDE and programmatic usage; note that for
roles-based security you'd also need to initialize the principal - at
the most primative this can be as simple as:
Thread.CurrentPrincipal = new GenericPrincipal(
new GenericIdentity("Marc"), // name of user
new string[] { "BASIC" } // array of roles that the
user has
);
Obviously if your security model is more complex, you may need to
change things ;-p
[ProvideProperty("Role", typeof(Control))]
[ToolboxItemFilter("System.Windows.Forms")]
[Description("Provides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvider
{
private Dictionary<Control, stringmap
= new Dictionary<Control, string>();
[DefaultValue("")]
public string GetRole(Control control)
{
if (control == null) return "";
string role;
map.TryGetValue(control, out role);
return role ?? "";
}
public void SetRole(Control control, string role)
{
if (control == null) return;
bool add = false, remove = false;
if (string.IsNullOrEmpty(role))
{
remove = map.Remove(control);
}
else
{
add = !map.ContainsKey(control);
map[control] = role;
}
if (!DesignMode)
{
SetEnabled(control);
if (add)
{
control.ParentChanged += control_ParentChanged;
}
else if (remove)
{
control.ParentChanged -= control_ParentChanged;
}
}
}
private void SetEnabled(Control control)
{
if (DesignMode || control == null) return;
string role;
if (map.TryGetValue(control, out role))
{
IPrincipal principal = Thread.CurrentPrincipal;
control.Enabled = principal == null ? false :
principal.IsInRole(role);
}
}
void control_ParentChanged(object sender, EventArgs e)
{
SetEnabled(sender as Control);
}
bool IExtenderProvider.CanExtend(object obj)
{
return obj is Control;
}
}

Thanks..

How will i use the RoleDisabler ? would i drag it from the toolbar
like tooltip?
That was great.. thanks...
I have a question..
When will the SetEnabled function execute?
Jun 27 '08 #4
On Apr 11, 2:14 pm, parez <psaw...@gmail.comwrote:
On Apr 11, 1:49 pm, parez <psaw...@gmail.comwrote:
On Apr 11, 4:25 am, Marc Gravell <marc.grav...@gmail.comwrote:
For info, here is a rough sketch of what the component would look
like... this allows both IDE and programmatic usage; note that for
roles-based security you'd also need to initialize the principal - at
the most primative this can be as simple as:
Thread.CurrentPrincipal = new GenericPrincipal(
new GenericIdentity("Marc"), // name of user
new string[] { "BASIC" } // array of roles that the
user has
);
Obviously if your security model is more complex, you may need to
change things ;-p
[ProvideProperty("Role", typeof(Control))]
[ToolboxItemFilter("System.Windows.Forms")]
[Description("Provides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvider
{
private Dictionary<Control, stringmap
= new Dictionary<Control, string>();
[DefaultValue("")]
public string GetRole(Control control)
{
if (control == null) return "";
string role;
map.TryGetValue(control, out role);
return role ?? "";
}
public void SetRole(Control control, string role)
{
if (control == null) return;
bool add = false, remove = false;
if (string.IsNullOrEmpty(role))
{
remove = map.Remove(control);
}
else
{
add = !map.ContainsKey(control);
map[control] = role;
}
if (!DesignMode)
{
SetEnabled(control);
if (add)
{
control.ParentChanged += control_ParentChanged;
}
else if (remove)
{
control.ParentChanged -= control_ParentChanged;
}
}
}
private void SetEnabled(Control control)
{
if (DesignMode || control == null) return;
string role;
if (map.TryGetValue(control, out role))
{
IPrincipal principal = Thread.CurrentPrincipal;
control.Enabled = principal == null ? false :
principal.IsInRole(role);
}
}
void control_ParentChanged(object sender, EventArgs e)
{
SetEnabled(sender as Control);
}
bool IExtenderProvider.CanExtend(object obj)
{
return obj is Control;
}
}
Thanks..
How will i use the RoleDisabler ? would i drag it from the toolbar
like tooltip?

That was great.. thanks...
I have a question..
When will the SetEnabled function execute?
I think i got it. thanks..once again..you were a life saver..
Jun 27 '08 #5
When will *the SetEnabled function execute?

When not in the designer (DesignMode), it executes when you either
change the role (SetRole), or when the control is added to a parent.
The reason for this second bit is this is always the last thing that
designer-generated code does - so it will take precendence over the
designer.
I think i got it. thanks..once again..you were a life saver..- Hide quotedtext -
No problem; I'm always up for an excuse to mess in the
System.ComponentModel ;-p

Marc
Jun 27 '08 #6
Basically I need function RoleLevel( role, department) which returns access
level.
The inbuilt roles-based security (IPrincipal) only covers single-
dimension roles. You can of course shim this by using roles like
SOMEDEPT_EDIT, SOMEDEPT_READ etc; whether that is sensible or not
depends on the scenario. Another option is NT ACLs, but then you need
to impersonate into that NT user - but it can be very flexible.

Marc
Jun 27 '08 #7
On Apr 11, 5:06 pm, Marc Gravell <marc.grav...@gmail.comwrote:
When will the SetEnabled function execute?

When not in the designer (DesignMode), it executes when you either
change the role (SetRole), or when the control is added to a parent.
The reason for this second bit is this is always the last thing that
designer-generated code does - so it will take precendence over the
designer.
I think i got it. thanks..once again..you were a life saver..- Hide quoted text -

No problem; I'm always up for an excuse to mess in the
System.ComponentModel ;-p

Marc
Hi,

I just one more issue... If a control has sub-control(component) then
it does not show up for the sub components.
e.g MenuStrip control has ToolStripMenuItem children. How do I make
it show up(in properties) for those controls.

TIA
Jun 27 '08 #8
I just one more issue... If a control has sub-control(component) then
it does not show up for the sub components.
e.g MenuStrip control has ToolStripMenuItem children. *How do I make
it show up(in properties) for those controls.
I suspect that is because ToolStripMenuItem isn't a Control, and I
restricted it to Controls; Changed as below (I also removed the events
stuff - didn't seem necessary in hindsight):

[ProvideProperty("Role", typeof(Control))]
[ToolboxItemFilter("System.Windows.Forms")]
[Description("Provides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvider
{
private Dictionary<object, stringmap
= new Dictionary<object, string>();
[DefaultValue("")]
public string GetRole(object obj)
{
if (obj == null) return "";
string role;
map.TryGetValue(obj, out role);
return role ?? "";
}
public void SetRole(object obj, string role)
{
if (obj == null) return;
if (string.IsNullOrEmpty(role))
{
map.Remove(obj);
}
else
{
map[obj] = role;
}
if (!DesignMode)
{
SetEnabled(obj);
}
}
private void SetEnabled(object obj)
{
if (DesignMode || obj == null) return;
string role;
if (map.TryGetValue(obj, out role))
{
IPrincipal principal = Thread.CurrentPrincipal;
bool isInRole = principal == null ? false :
principal.IsInRole(role);
if (obj is Control)
{
((Control)obj).Enabled = isInRole;
}
else if (obj is ToolStripItem)
{
((ToolStripItem)obj).Enabled = isInRole;
}
}
}
bool IExtenderProvider.CanExtend(object obj)
{
return obj is Control || obj is ToolStripItem;
}
}
Jun 27 '08 #9
On Apr 14, 4:01 pm, Marc Gravell <marc.grav...@gmail.comwrote:
I just one more issue... If a control has sub-control(component) then
it does not show up for the sub components.
e.g MenuStrip control has ToolStripMenuItem children. How do I make
it show up(in properties) for those controls.

I suspect that is because ToolStripMenuItem isn't a Control, and I
restricted it to Controls; Changed as below (I also removed the events
stuff - didn't seem necessary in hindsight):

[ProvideProperty("Role", typeof(Control))]
[ToolboxItemFilter("System.Windows.Forms")]
[Description("Provides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvider
{
private Dictionary<object, stringmap
= new Dictionary<object, string>();
[DefaultValue("")]
public string GetRole(object obj)
{
if (obj == null) return "";
string role;
map.TryGetValue(obj, out role);
return role ?? "";
}
public void SetRole(object obj, string role)
{
if (obj == null) return;
if (string.IsNullOrEmpty(role))
{
map.Remove(obj);
}
else
{
map[obj] = role;
}
if (!DesignMode)
{
SetEnabled(obj);
}
}
private void SetEnabled(object obj)
{
if (DesignMode || obj == null) return;
string role;
if (map.TryGetValue(obj, out role))
{
IPrincipal principal = Thread.CurrentPrincipal;
bool isInRole = principal == null ? false :
principal.IsInRole(role);
if (obj is Control)
{
((Control)obj).Enabled = isInRole;
}
else if (obj is ToolStripItem)
{
((ToolStripItem)obj).Enabled = isInRole;
}
}
}
bool IExtenderProvider.CanExtend(object obj)
{
return obj is Control || obj is ToolStripItem;
}

}
I tried that .. It did not work... it still doesnt show it..
Jun 27 '08 #10
Curoious - even though it accepts multiple ProvidePropertyAttribute
declarations, only the first is used... never mind; change the
[ProvideProperty] line to:

[ProvideProperty("Role", typeof(Component))]

Marc
Jun 27 '08 #11
On Apr 10, 10:49*pm, parez <psaw...@gmail.comwrote:
Whats the best way of implementingauthorizationin a win forms
application.
I mean things like *show/hide or enable/disable Save button ,creating
context menus *etc.
Hi,

Visual Guard .Net is probably a good solution:

http://www.visual-guard.com/EN/.net-...ion-tool#admin
Jun 27 '08 #12
On Apr 14, 4:01 pm, Marc Gravell <marc.grav...@gmail.comwrote:
I just one more issue... If a control has sub-control(component) then
it does not show up for the sub components.
e.g MenuStrip control has ToolStripMenuItem children. How do I make
it show up(in properties) for those controls.

I suspect that is because ToolStripMenuItem isn't a Control, and I
restricted it to Controls; Changed as below (I also removed the events
stuff - didn't seem necessary in hindsight):

[ProvideProperty("Role", typeof(Control))]
[ToolboxItemFilter("System.Windows.Forms")]
[Description("Provides automatic role-checking")]
public class RoleDisabler : Component, IExtenderProvider
{
private Dictionary<object, stringmap
= new Dictionary<object, string>();
[DefaultValue("")]
public string GetRole(object obj)
{
if (obj == null) return "";
string role;
map.TryGetValue(obj, out role);
return role ?? "";
}
public void SetRole(object obj, string role)
{
if (obj == null) return;
if (string.IsNullOrEmpty(role))
{
map.Remove(obj);
}
else
{
map[obj] = role;
}
if (!DesignMode)
{
SetEnabled(obj);
}
}
private void SetEnabled(object obj)
{
if (DesignMode || obj == null) return;
string role;
if (map.TryGetValue(obj, out role))
{
IPrincipal principal = Thread.CurrentPrincipal;
bool isInRole = principal == null ? false :
principal.IsInRole(role);
if (obj is Control)
{
((Control)obj).Enabled = isInRole;
}
else if (obj is ToolStripItem)
{
((ToolStripItem)obj).Enabled = isInRole;
}
}
}
bool IExtenderProvider.CanExtend(object obj)
{
return obj is Control || obj is ToolStripItem;
}

}
Hi Marc,

I added the following to the RoleDisabler .. and now it also enables /
disables everytime my permission changes..
Thanks again..

private void HookUpEventhandlers()
{

UserAccessInfo.UserPermissionsUpdated += new
EventHandler<EventArgs>(UserAccessInfo_UserPermiss ionsUpdated);
}

void UserAccessInfo_UserPermissionsUpdated(object sender,
EventArgs e)
{
foreach (object obj in map.Keys)
{
try
{
SetEnabled(obj);
}
catch(Exception ex)
{

Trace.WriteLineIf(Logger.Instance.TraceSwitch.Trac eError,
ExceptionUtility.GetInnerMostException(ex).Message );
}
}
}
Jun 27 '08 #13
Hi Marc

Firstly thanks for posting your code - it's proving very useful for me (and many others I'm sure).

I've tested the code on my forms and it seems to deal very well with most things but "falls down" a little with things like datagridviews etc where more than one property would be bound - the code you've posted can happily enable/disable the entire control (i.e. all cols) but how would you go about hiding/making readonly some columns dependent on roles (i.e. "CanView"/"CanEdit" type properties?

Thanks in advance
Martin
Jul 16 '08 #14

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Ronald S. Cook | last post by:
In my ASP.NET app, I have a few pages that I want to be public (i.e. accessible by everyone) and the rest private (user has to be signed in). In the examples I've seen, the public files have been...
4
by: Mark Olbert | last post by:
I am having a devil of a time trying to get Forms authentication to work in a very simple test webapp (I've gotten it to work many, many times when developing on my WinXP client box, but I've just...
3
by: nick | last post by:
Hi, How should I write the web.config file to allow some of the aspx files be executable to all users and others are required users to login? All the aspx files are in the same folder.
4
by: Johnnie Norsworthy | last post by:
ASP.NET 2.0 How do I configure my web site to require forms authorization only for a subfolder off the root? I know how to set Web.config for forms authentication for the whole site, but I need...
2
by: Water Cooler v2 | last post by:
Is the authorization tag/class in web.config\<system.web> available only for Windows authorization? Does it make sense for Forms based authentication?
1
by: sonu | last post by:
Mark is creating a website using ASP.NET. He is using Forms authentication for authenticating and authorizing users. He has the following layout of files and directories in his website: Root...
1
by: Anthony Small | last post by:
Hello, I have a login.aspx page that is associated with a theme. When I view the page login.aspx with forms authentication/authorization set as below in the web.config file the theme displays on...
0
by: yofnik | last post by:
Hello, Using policy (modifying web.config) and FormsAuthentication, is it possible to return an error message (or redirect to error page) instead of redirecting to the login page for specific...
4
by: xke | last post by:
Using web.config authorization settings, is it possible to allow my users to access default.aspx but not default.aspx?action=edit ?? <location path="default.aspx"> <system.web> <authorization>...
1
isladogs
by: isladogs | last post by:
The next online meeting of the Access Europe User Group will be on Wednesday 6 Dec 2023 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, Mike...
0
by: veera ravala | last post by:
ServiceNow is a powerful cloud-based platform that offers a wide range of services to help organizations manage their workflows, operations, and IT services more efficiently. At its core, ServiceNow...
3
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 3 Jan 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). For other local times, please check World Time Buddy In...
0
by: mar23 | last post by:
Here's the situation. I have a form called frmDiceInventory with subform called subfrmDice. The subform's control source is linked to a query called qryDiceInventory. I've been trying to pick up the...
0
by: abbasky | last post by:
### Vandf component communication method one: data sharing ​ Vandf components can achieve data exchange through data sharing, state sharing, events, and other methods. Vandf's data exchange method...
0
by: stefan129 | last post by:
Hey forum members, I'm exploring options for SSL certificates for multiple domains. Has anyone had experience with multi-domain SSL certificates? Any recommendations on reliable providers or specific...
0
Git
by: egorbl4 | last post by:
Скачал я git, хотел начать настройку, а там вылезло вот это Что это? Что мне с этим делать? ...
1
by: davi5007 | last post by:
Hi, Basically, I am trying to automate a field named TraceabilityNo into a web page from an access form. I've got the serial held in the variable strSearchString. How can I get this into the...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.