locked
LightSwitch HTML, Active Directory Row Level Security issue RRS feed

  • Question

  • Hi All,

    I have a web app created in LightSwitch HTML (Visual Studio Pro 2013 Update 5). Just a simple app, pulling data from an External SQL Server with 1 field that the users can update. Two tables: A managers table with Manager Name and UserID; and an Employee table with employee info. Each Manager can have multiple employees, employee can only have 1 manager. We only want the Manager that is logged in to see the employees associated with their UserID. So I enabled Authentication, selected Windows Authentication, Allow any authenticated Windows user. I then wrote some code in the manager table's filter:

    namespace LightSwitchApplication
    {
        public partial class MyProjectDataService
        {
            partial void vwManagerLookups_Filter(ref Expression<Func<vwManagerLookup, bool>> filter)
            {
                // filter = e => e.IntegerProperty == 0;
                filter = e => e.UserID == this.Application.User.Name;
            }
        }
    }

    This works... BUT, I have to use a "Details Picker" on the screen before any data is populated on screen. When I click the + in the search box only the Manager that I am logged in as shows up, and when I select that manager the correct employee data appears. If I remove the Details picker the app open and never displays any data. I want the Manager to be auto-selected as soon as the app opens.

    I had previously created this as a Desktop app in LightSwitch and following the 'almost' exact same procedure it works great. the app opens and the Managers name is already selected and all of their employee's data is listed.

    Is there an extra step in HTML vs Desktop apps? Something I need to do in HTMLClient view instead or Server view?

    To clarify I am not using any roles or permissions. Just filtering the tables down to the user that is logged in under Active Directory.

    Thanks,

    Jeremy

    Friday, November 18, 2016 8:13 PM

Answers

All replies

  • Hi Jeremy, not sure to understand how your screen is designed.

    As Manager is a navigation property in Employees table why don't you filter there?

    Something like this in Employee entity server side code (I usually code in VB so please double check):

    filter = e => e.Manager.UserID == this.Application.User.Name;

    If you need Managers details picker on you screen maybe you could put some code in main group postRender, checking when load is finished and setting selected item in code:

        contentItem.screen.vwManagerLookups.addChangeListener("state", function () {
            if (contentItem.screen.vwManagerLookups.state == msls.VisualCollection.State.idle) {
                if (contentItem.screen.vwManagerLookups.data.length = 1) {
                    contentItem.screen.vwManagerLookups.selectedItem = contentItem.screen.vwManagerLookups.data[0];
                }
            };
        });


    Marco

    Monday, November 21, 2016 5:49 PM
  • Hi Marco,

    Thanks for the reply but unfortunately that did not work, the first part at least. I added the filter to the Employee's _filter code but had the same results. I tried it with having the filter on both tables and just on one or the other. If I remove the Details Picker the screen loads but no data gets loaded.

    I will try the code you posted about setting the selecteditem in the postrender. I'm just a little confused as to why it doesn't do that automatically like it does in the Desktop apps.

    Either way I'll post back with what happens.

    Jeremy

    Tuesday, November 22, 2016 3:31 PM
  • I think I found my problem, it may just be the type of screen template I used in the beginning. I used the "Add/Edit Details Screen" template.

    I created a new project and just used a very simple table as the data source:

    Name, UserID, Amount

    I then added a screen using the "Add/Edit Details Screen" template. Upon running the app the same issue came up, no data. I had to add a details picker to it to get anything to populate.

    Is this just the behavior of that screen template? Can I modify it so that it does not need a Details Picker to show data? Or should I be using a different screen Template. the only Templates I have are:

    Common Screen Set

    Browse Data Screen

    View Details Screen

    Add/Edit Details Screen

    I just need to display rows of data and have 1 of the fields editable.

    Thanks,

    Jeremy

    Tuesday, November 22, 2016 5:52 PM
  • Jeremy, I find quite difficult to understand your needs.

    As per your last question, if you have a solution with only one table then a simple option would be creating a Common screen set or a Browse + Add/edit screen (which entity was bound to your details picker??)

    I hope these links will help to clarify:

    https://msdn.microsoft.com/en-us/library/jj713590.aspx

    https://blogs.msdn.microsoft.com/lightswitch/2014/03/25/how-to-create-common-screens-quickly-kevin-mehlhaff/

    https://msdn.microsoft.com/en-us/library/jj674623.aspx

    About you first question, you talked about Managers and Employees.

    have you set a parent/child relation between the two?

    if yes, have you tried to stop the debugger inside Employees _filter code?

    If you used the "Add/Edit Details Screen" on Manager entity as your home screen the entity was null so was impossible to show any list of associated Employees.

    Anyway take a look at this blog post about master-details screens


    Marco

    Tuesday, November 22, 2016 6:58 PM
  • Marco,

    Thanks for being patient with me, I am completely new to any "web" development. My background is in SQL, SSIS, SSAS, just data stuff.

    Yes, I do indeed have an Add/Edit screen set as my home screen. I had no idea that in this case my 'entity' would be null until I used a Details Picker.

    My real project does have a Managers and an Employees table with the proper relationships set. I think my only issue was the whole null entity issue. Now that I know about that I will just use a browse screen and create my own custom save/refresh button.

    Unless there is a way to stop the entity from being null on an Add/Edit home screen :)

    Thanks,

    Jeremy

    Tuesday, November 22, 2016 8:32 PM
  • OK, no luck. No Matter what type of screen I use the Manager still has to click on something for any employee details to show up :(

    This is what I would like to happen, using LightSwitch HMTL:

    I have a list of Managers in a table. I also have a list of Employees in another table. These are linked by a ManagerID

    When a Manager opens the app his/her name is displayed at the top, something like "Welcome: Manager 1". Below that a list of their associated employees, showing some details about the employee and one of the fields to be updateable. All this on one screen, no popups or anything like that.

    But I don't want the manager to have to click on something to load the employee details. I am using Active Directory to filter the Manager table down to just the current Manager, so having to click on their own name once they open the app seems redundant.

    Thanks,

    Jeremy

    Tuesday, November 22, 2016 10:31 PM
  • Jeremy, I suggest you to first solve your filter issue, after that it will be very easy adding an automatically filtered browse home screen (based on Employees, not on Managers).

    In LS table designer you should ensure that Employee entity has a correct many to one relationship against Manager entity, or at least manager's UserId (not ManagerId I guess) to filter by.

    By the way, when you'll finally add Employees browse/home screen you'll have to change it's behavior to have save button and save logic added for you by simply editing this property in screen designer:

    Additionally I think you should read these two articles:

    https://blogs.msdn.microsoft.com/bethmassi/2013/11/04/beginning-lightswitch-in-vs-2013-part-3-screen-templates-which-one-do-i-choose/

    https://blogs.msdn.microsoft.com/bethmassi/2013/04/17/using-lightswitch-serverapplicationcontext-and-webapi-to-get-user-permissions/


    Marco

    • Marked as answer by Jeremy Crouch Wednesday, December 14, 2016 10:10 PM
    Wednesday, November 23, 2016 7:44 AM