DynamicData - Limit Tables shown on Default page and List, Edit & Details etc - Part 4 (original) (raw)

Articles in this Series

See sample metadata in Listing 1

[TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")] public partial class Order_Detail {}

[TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")] public partial class Employee {}

[TablePermissions(TablePermissionsAttribute.Permissions.DenyRead, "Sales")] public partial class Shipper {}

Listing 1

Now on the Default.aspx.cs a generic piece of code can be added that will remove any table with a DenyRead attribute for one of the current users roles.

System.Collections.IList visibleTables = MetaModel.Default.VisibleTables;

// remove tables from the list if DenyRead String[] roles = Roles.GetRolesForUser(); foreach (var table in MetaModel.Default.Tables) { var permissions = ((MetaTable)table).GetTablePermissions(roles); if (permissions.Contains(TablePermissionsAttribute.Permissions.DenyRead)) visibleTables.Remove(table); }

Listing 2

The code in Listing 2 simply checks the permissions on each table for the current users Roles and if a DenyRead is encountered then the table is removed form the visibleTables collection.

Some Error Handling for Pages Reached with Tables that are DenyRead

In Listing 3 a list of permission for the current users roles are acquired from the GetTablePermissions helper extension method and if it contains a DenyRead then the page is redirected to the Default.aspx page with an error message in the URL.

// get user permissions var tablePermissions = table.GetTablePermissions(Roles.GetRolesForUser());

// if table is denied read throw error if (tablePermissions.Contains(TablePermissionsAttribute.Permissions.DenyRead)) { Response.Redirect("~/Default.aspx?error=No access to " + table.Name); }

Listing 3