locked
How to limit rows by user role RRS feed

  • Question

  • User1929428035 posted

    I have a StudentGrades table which I want to give access to users in the Student's role. So when a student accesses the Student Grades they will only see their own grades.

    Thursday, April 11, 2013 5:27 PM

Answers

  • User-326746839 posted

    Hi,

    Why don't you simply show (via menu) the same GridView that you might be using to display the whole set of data but putting some kind of constraint in the "where" part of the DataSource ... there you will have only the records that belong to that kind of user profile .... ?

    Just pass as parameteres the info you get from the login user screen ... piece of cake, isn't it?

    Carlos N. Porras
    (El Salvador) 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, April 13, 2013 11:12 AM

All replies

  • User1124521738 posted

    a good bit will depend on your security model - such as group management and identification of current user and the current user's ID

    pseudo code:

    string sSQL ="";

    if (Roles.IsUserInRole("student group" ) {

        sSQL = "select * from grades where studentid = " + userid;

    }

    if (Roles.IsUserInRole("teacher group") ) {

        sSQL = "select * from grades where teacherid = " + userid;

    }

    then run the SQL to get the restricted list

    or

    List<Grades> grades = new List<Grades>();

    if (Roles.IsUserInRole("student group" ) {

        grades = (from g in db.gradeTable

                       where g.studentid= userid

                        select g).ToList();

    }

    if (Roles.IsUserInRole("teacher group") ) {

        grades = (from g in db.gradeTable

                       where g.teacherid = userid

                        select g).ToList();

    }

    and then bind to grades.

    Thursday, April 11, 2013 5:32 PM
  • User-1137493631 posted

    are you going to display the studentGrageds data ?, you have keep the user role in role management methods...pleaes have a look in to this article, which will clearly explain how to implement it.

    http://msdn.microsoft.com/en-us/library/5k850zwb(v=vs.100).aspx

    Thursday, April 11, 2013 6:46 PM
  • User1929428035 posted

    Sorry I should have added in a dynamic data project.

    Friday, April 12, 2013 9:28 AM
  • User-326746839 posted

    Hi,

    Why don't you simply show (via menu) the same GridView that you might be using to display the whole set of data but putting some kind of constraint in the "where" part of the DataSource ... there you will have only the records that belong to that kind of user profile .... ?

    Just pass as parameteres the info you get from the login user screen ... piece of cake, isn't it?

    Carlos N. Porras
    (El Salvador) 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, April 13, 2013 11:12 AM