Details view and field edit authorization

P

pymabep

New Member
I am trying to utilize a details view and provide the edit feature for a few levels of user authorization. Basically level 1 users cannot update a predefined set of fields but level 2 users can update these fields. I had tried simply setting the field to "visible=false" when defining the edittemplate and then in the databind I would test for authorization and make it visable=true if the user had privileges to update the field (see code example below). Worked like a charm, except I noticed that when level 1 users update the fields they are allowed to update, the visible=false fields would be set to null (overwritten) in the database. So, been trying various options not to have to duplicate the views etc.code snippet:aspx.......\[code\]<asp:TemplateField HeaderText="<%$ Resources:Resource, Level %>" SortExpression="LevelId"> <EditItemTemplate> <asp:DropDownList ID="LevelList" runat="server" DataTextField="LevelDesc" DataValueField="LevelId"> </asp:DropDownList> </EditItemTemplate> <HeaderStyle HorizontalAlign="Right" /> </asp:TemplateField> <asp:TemplateField HeaderText="<%$ Resources:Resource, Level1 %>" SortExpression="Level1Date" Visible="false" > <EditItemTemplate> <asp:TextBox ID="Level1" runat="server" Text='<%# Bind("Level1Date", "{0:d}") %>' /> <asp:CompareValidator ID="CompareValidator1" runat="server" ErrorMessage="Please enter a valid date (m/d/y)" ControlToValidate="Level1" Operator="DataTypeCheck" Type="Date" Display="Dynamic"></asp:CompareValidator> </EditItemTemplate> <HeaderStyle HorizontalAlign="Right" /> </asp:TemplateField> <asp:TemplateField HeaderText="<%$ Resources:Resource, Level2 %>" SortExpression="Level2Date" Visible="false" > <EditItemTemplate> <asp:TextBox ID="Level2" runat="server" Text='<%# Bind("Level2Date", "{0:d}") %>' /> <asp:CompareValidator ID="CompareValidator2" runat="server" ErrorMessage="Please enter a valid date (m/d/y)" ControlToValidate="Level2" Operator="DataTypeCheck" Type="Date" Display="Dynamic"></asp:CompareValidator> </EditItemTemplate> <HeaderStyle HorizontalAlign="Right" /> </asp:TemplateField> <asp:TemplateField HeaderText="<%$ Resources:Resource, Level4 %>" SortExpression="Level4Date" Visible="false" > <EditItemTemplate> <asp:TextBox ID="Level4" runat="server" Text='<%# Bind("Level4Date", "{0:d}") %>' /></Fields>aspx.cs SNIPPET<name>_DataBound(object sender, EventArgs e) {...if (User.IsInRole("yyy") || User.IsInRole("xxx)){ OfficialProfileInfo.Fields[2].Visible = true; OfficialProfileInfo.Fields[3].Visible = true;}\[/code\]
 
You must log in or register to reply here.
Back
Top