
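    <p>You can implement it like this.</p>
    <ol>
    <li>Enum for roles</li>
    <li>FilterAttribute</li>
    <li>Create Web.sitemap for menu</li>
    <li>Add Menu creator action</li>
    <li>Add Menu to _Layout.cshtml</li>
    <li>Add FilterAttribute to controller or action</li>
    </ol>
    <p>----1 Enum------</p>
    <pre><code>// Each role is a distinct bit because AuthManager.HasPermission tests roles with a bitwise AND.
[Flags]
public enum Roles
{
    Common = 1,
    Student = 2,
    Teacher = 4,
    Administration = 8
}
</code></pre>
    <p>----2 RequirePermissionFilter----</p>
    <pre><code>// Authorization filter: lets the request through only when the current user holds
// at least one of the required roles, and re-checks that before a cached response is served.
public class RequirePermissionFilter : ActionFilterAttribute, IAuthorizationFilter
{
    // The original snippet used _authManager without declaring it. It is created directly
    // here; substitute whatever your application uses to resolve IAuthManager.
    private readonly IAuthManager _authManager = new AuthManager();
    private readonly Roles[] _requiredRoles;

    public RequirePermissionFilter(Roles requiredRoles)
    {
        _requiredRoles = new Roles[] { requiredRoles };
    }

    // Access is granted when the user holds ANY entry of the array. A single entry that
    // combines flags (Roles.Student | Roles.Teacher) requires ALL of those bits, because
    // AuthManager.HasPermission compares with (required &amp; user) == required.
    public RequirePermissionFilter(Roles[] requiredRoles)
    {
        // A null array becomes an empty one, which authorizes nobody (fail closed).
        _requiredRoles = requiredRoles ?? new Roles[0];
    }

    public void OnAuthorization(AuthorizationContext filterContext)
    {
        if (filterContext == null)
        {
            throw new ArgumentNullException("filterContext");
        }

        if (!IsAuthorized())
        {
            this.HandleUnauthorizedRequest(filterContext);
            return;
        }

        // Output caching could otherwise replay this response to a user without the role,
        // so proxies may not cache it and the permission check runs again on every cache hit.
        var cache = filterContext.HttpContext.Response.Cache;
        cache.SetProxyMaxAge(TimeSpan.Zero);
        cache.AddValidationCallback(
            (HttpContext context, object data, ref HttpValidationStatus validationStatus) =&gt;
            {
                validationStatus = this.OnCacheAuthorization(new HttpContextWrapper(context));
            },
            null);
    }

    private void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // Ajax requests get a bare status code because we don't want to return the result
        // of a redirect to the caller. 403 is used instead of 500 so that an authorization
        // failure is not reported (and monitored) as a server fault. 401 is avoided because,
        // where forms authentication is enabled, it is typically rewritten into a login redirect.
        if (filterContext.RequestContext.HttpContext.Request.IsAjaxRequest())
        {
            filterContext.Result = new HttpStatusCodeResult(403);
        }
        else
        {
            filterContext.Result = new RedirectToRouteResult("Error - 401", null);
        }
    }

    // Called by the output cache: Valid serves the cached copy, IgnoreThisRequest
    // bypasses the cache so the request runs through OnAuthorization again.
    public HttpValidationStatus OnCacheAuthorization(HttpContextBase httpContext)
    {
        return IsAuthorized()
            ? HttpValidationStatus.Valid
            : HttpValidationStatus.IgnoreThisRequest;
    }

    // Single place for the role check so the request path and the cache path cannot drift apart.
    private bool IsAuthorized()
    {
        foreach (Roles role in _requiredRoles)
        {
            if (_authManager.HasPermission(role))
            {
                return true;
            }
        }

        return false;
    }
}
</code></pre>
    <p>----3 Web.sitemap-----</p>
    <pre><code>&lt;?xml version="1.0" encoding="utf-8" ?&gt;
&lt;!-- roleName holds a Roles value; -1 marks an entry that is shown to everyone.
     These attributes only drive the menu. They do not protect the URLs themselves. --&gt;
&lt;siteMap xmlns="http://schemas.microsoft.com/AspNet/SiteMap-File-1.0" &gt;
  &lt;siteMapNode url="" roleName="" title="" menuVisible="True"&gt;
    &lt;siteMapNode url="~/Home/Index" roleName="-1" title="Home" menuVisible="True"/&gt;
    &lt;siteMapNode url="~/Student/Index" roleName="2" title="Student" menuVisible="True"&gt;
      &lt;siteMapNode url="~/MyLessons/Index" roleName="2" title="My Lessons" menuVisible="True"/&gt;
    &lt;/siteMapNode&gt;
    &lt;siteMapNode url="~/Teacher/Index" roleName="4" title="Teacher" menuVisible="True"/&gt;
    &lt;siteMapNode url="~/Administration/Index" roleName="8" title="Administration" menuVisible="True"/&gt;
  &lt;/siteMapNode&gt;
&lt;/siteMap&gt;
</code></pre>
    <p>----4 Menu Creator Action----</p>
    <pre><code>public class CommonController : Controller
{
    // Not declared in the original snippet; created directly here, replace with your own wiring.
    private readonly IAuthManager _authManager = new AuthManager();

    // Rendered through @Html.Action in the layout, so it does not need to be reachable by URL.
    [ChildActionOnly]
    public ActionResult NavigationMenu()
    {
        return Content(SiteMapMenu());
    }

    // Builds the menu markup for the current user from Web.sitemap.
    // Public methods on a controller are routable by default; NonAction keeps this a helper.
    [NonAction]
    public string SiteMapMenu()
    {
        StringBuilder sb = new StringBuilder();
        sb.Append("&lt;div class='menu'&gt;&lt;ul&gt;");

        foreach (SiteMapNode node in SiteMap.RootNode.ChildNodes)
        {
            if (!HasPermission(node) || !IsVisible(node))
            {
                continue;
            }

            sb.Append(SiteMap.CurrentNode == node ? "&lt;li class='selectedMenuItem'&gt;" : "&lt;li&gt;");
            AppendLink(sb, node);

            if (node.HasChildNodes &amp;&amp; AnyOfChildIsVisible(node))
            {
                // Children get their own nested list. The original wrote the child items
                // without an opening ul and then closed the outer ul and div too early.
                sb.Append("&lt;ul&gt;");
                foreach (SiteMapNode childNode in node.ChildNodes)
                {
                    if (HasPermission(childNode) &amp;&amp; IsVisible(childNode))
                    {
                        sb.Append("&lt;li&gt;");
                        AppendLink(sb, childNode);
                        sb.Append("&lt;/li&gt;");
                    }
                }
                sb.Append("&lt;/ul&gt;");
            }

            sb.AppendLine("&lt;/li&gt;");
        }

        sb.AppendLine("&lt;/ul&gt;&lt;/div&gt;");
        return sb.ToString();
    }

    // Writes one anchor. Content() returns this string as raw markup, so the title and
    // the URL are encoded here instead of being trusted as-is.
    private void AppendLink(StringBuilder sb, SiteMapNode node)
    {
        // Url.Content rejects an empty path, so nodes without a URL get an inert link.
        string href = string.IsNullOrEmpty(node.Url) ? "javascript:void(0)" : Url.Content(node.Url);
        sb.AppendFormat(
            "&lt;a href='{0}'&gt;{1}&lt;/a&gt;",
            HttpUtility.HtmlAttributeEncode(href),
            HttpUtility.HtmlEncode(node.Title));
    }

    private bool HasPermission(SiteMapNode node)
    {
        int roleName;

        // A missing or non-numeric roleName hides the entry instead of throwing.
        if (!int.TryParse(node["roleName"], out roleName))
        {
            return false;
        }

        // -1 is the "everyone" marker used in Web.sitemap.
        return roleName == -1 || _authManager.HasPermission((Roles)roleName);
    }

    private bool IsVisible(SiteMapNode node)
    {
        bool visible;

        // A missing or malformed menuVisible attribute is treated as "not visible".
        return bool.TryParse(node["menuVisible"], out visible) &amp;&amp; visible;
    }

    // True when at least one child would actually be rendered for this user,
    // so no empty nested list is emitted.
    private bool AnyOfChildIsVisible(SiteMapNode node)
    {
        foreach (SiteMapNode item in node.ChildNodes)
        {
            if (HasPermission(item) &amp;&amp; IsVisible(item))
            {
                return true;
            }
        }

        return false;
    }
}
</code></pre>
    <p>----5 Add helper to _Layout.cshtml</p>
    <pre><code>@Html.Action("NavigationMenu", "Common")
</code></pre>
    <p>----6 Controller----</p>
    <pre><code>// The menu only hides links; this attribute is what rejects the request.
// Every controller or action that Web.sitemap lists with a role needs it as well.
[RequirePermissionFilter(Roles.Student)]
public class StudentController : Controller
{
    /*
     * actions go here
     */
}
</code></pre>
    <p>----AuthManager---</p>
    <pre><code>public interface IAuthManager
{
    bool HasPermission(Roles requiredRole);
}

public class AuthManager : IAuthManager
{
    private ISessionManager _sessionManager;
    private ISuggestionConfig _config;

    // True when the user stored in Session["USER"] holds every bit of requiredRoles.
    // Anything else (no request, no session, no user, unexpected object) is a denial.
    //
    // NOTE(review): roles are read from the session copy of the user, so a role that is
    // revoked presumably stays effective until that object is refreshed. Confirm against
    // the login code. A requiredRoles value of 0 passes for any logged-in user because
    // (0 &amp; roles) == 0, so keep 0 out of Web.sitemap and out of the attribute.
    public bool HasPermission(Roles requiredRoles)
    {
        var context = HttpContext.Current;
        if (context == null || context.Session == null)
        {
            return false;
        }

        var user = context.Session["USER"] as User;
        if (user == null)
        {
            return false;
        }

        return (requiredRoles &amp; user.Roles) == requiredRoles;
    }
}
</code></pre>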