locked
Programmatically show built in User and Roles screen? RRS feed

  • Question

  • How to show the built in User and Roles screen through code?

    robert

    Monday, December 10, 2012 5:30 PM

Answers

  • You'll need to create a RIA service that connects to the security data service, then you can base a screen on a table in that data source.


    Yann - LightSwitch Central - Click here for FREE Themes, Controls, Types and Commands
     
    Please click "Mark as Answer" if a reply answers your question. Please click "Vote as Helpful" , if you find a reply helpful.
     
    By doing this you'll help others to find answers faster.


    That's a potential approach, but from a security perspective not ideal. If you want to have access to the users/roles, you need to have security admin permission (when a user has no admin permission, she can only read her own user data). So, everyone needing access to the users/roles will need admin permission. It's very easy then, for a malicious user to connect over the odata security service and manipulate the user/role data (with write access).

    Here is the odata feed for the user registrations:

    http://***myapplication***/Microsoft.LightSwitch.SecurityData.svc/UserRegistrations

    Make a console app with a service reference to this service and write some code to delete all the users. This will convince you that you should grant only security admin rights to people who are genuine security admins.


    paul van bladel

    • Marked as answer by Angie Xu Thursday, December 20, 2012 12:44 AM
    Tuesday, December 11, 2012 7:10 PM
  • Hi Robert

    What I have proposed is completely based on RIA as per Yann said. Below is an example you can follow to understand more clearly.

    Filtering data based on assigned user in LightSwitch

    You may also go with Paul solution. This is more updated as per Visual Studio 2012.

    Regards


    Rashmi Ranjan Panigrahi
    www.lightswitchspecial.com

    If you found this post helpful, please “Vote as Helpful”. If it answered your question, please “Mark as Answer”.
    This will help other users to find their answer quickly.

    • Marked as answer by Angie Xu Thursday, December 20, 2012 12:44 AM
    Wednesday, December 12, 2012 4:42 AM

All replies

  • Hi Robert

    You can't show built in users and role screen programmatically. It is generated by lightswitch by default. If you want to play with lightswitch membership then you can create your own table and map all properties to lightswitch membership. Kindly go through the following thread where Matt explained more clearly.

    Using the SecurityData service in LightSwitch

    Regards


    Rashmi Ranjan Panigrahi
    www.lightswitchspecial.com

    If you found this post helpful, please “Vote as Helpful”. If it answered your question, please “Mark as Answer”.
    This will help other users to find their answer quickly.

    Monday, December 10, 2012 6:19 PM
  • Why would you want to do this, as opposed to exposing them in the already existing screen navigation mechanism?

    Yann - LightSwitch Central - Click here for FREE Themes, Controls, Types and Commands
     
    Please click "Mark as Answer" if a reply answers your question. Please click "Vote as Helpful" , if you find a reply helpful.
     
    By doing this you'll help others to find answers faster.

    Tuesday, December 11, 2012 12:32 AM
    Moderator
  • Hi Rashmi ,

    Do you have build such a solution (own screens for membership)?

    what to you mean with "map all properties to lightswitch membership"?

    robert

    Tuesday, December 11, 2012 7:41 AM
  • I want to show only Rolle screen for a specific use - all the best would be to have my own Memebership provider but there are some problems and it seems nobody can help me here (I have posted)

    another possibility might be to use my own lightswitch membership but I don't now how?

    the best woul be to have my own screens for managing the Users/Rolles because I also use special icons for saving/refreshing...

    robert

    Tuesday, December 11, 2012 7:44 AM
  • You'll need to create a RIA service that connects to the security data service, then you can base a screen on a table in that data source.

    Yann - LightSwitch Central - Click here for FREE Themes, Controls, Types and Commands
     
    Please click "Mark as Answer" if a reply answers your question. Please click "Vote as Helpful" , if you find a reply helpful.
     
    By doing this you'll help others to find answers faster.

    Tuesday, December 11, 2012 1:14 PM
    Moderator
  • Is it really necessary to create RIA Service?
    I also can add those tables as another Datasource?

    robert

    Tuesday, December 11, 2012 1:18 PM
  • You'll need to create a RIA service that connects to the security data service, then you can base a screen on a table in that data source.


    Yann - LightSwitch Central - Click here for FREE Themes, Controls, Types and Commands
     
    Please click "Mark as Answer" if a reply answers your question. Please click "Vote as Helpful" , if you find a reply helpful.
     
    By doing this you'll help others to find answers faster.


    That's a potential approach, but from a security perspective not ideal. If you want to have access to the users/roles, you need to have security admin permission (when a user has no admin permission, she can only read her own user data). So, everyone needing access to the users/roles will need admin permission. It's very easy then, for a malicious user to connect over the odata security service and manipulate the user/role data (with write access).

    Here is the odata feed for the user registrations:

    http://***myapplication***/Microsoft.LightSwitch.SecurityData.svc/UserRegistrations

    Make a console app with a service reference to this service and write some code to delete all the users. This will convince you that you should grant only security admin rights to people who are genuine security admins.


    paul van bladel

    • Marked as answer by Angie Xu Thursday, December 20, 2012 12:44 AM
    Tuesday, December 11, 2012 7:10 PM
  • Ok - in my special case I would only give 3 people the security admin rights and that people can manipulate the users/roles throuht that self made screens...

    or do I not understand something here?

    robert

    Tuesday, December 11, 2012 7:47 PM
  • Sure, no problem. 

    If the intention is that they can manipulate users/roles, it doesn't matter via which way they do this (the normal security admin screens, your self made screens, or the odata feed).

    I have seen situations, where everyone was given security admin rights (but removed the security admin menu links) for the only reason they wanted to fill a read-only dropdown with the users. From UI perspective nothing wrong, but everyone has full security data access on odata service level.


    paul van bladel

    Tuesday, December 11, 2012 7:59 PM
  • for situations on showing user in dropdown boxes I use a View in the Database which select's the user information directly from the user tables (asp_xxx)

    robert

    Tuesday, December 11, 2012 8:02 PM
  • Hi Robert

    What I have proposed is completely based on RIA as per Yann said. Below is an example you can follow to understand more clearly.

    Filtering data based on assigned user in LightSwitch

    You may also go with Paul solution. This is more updated as per Visual Studio 2012.

    Regards


    Rashmi Ranjan Panigrahi
    www.lightswitchspecial.com

    If you found this post helpful, please “Vote as Helpful”. If it answered your question, please “Mark as Answer”.
    This will help other users to find their answer quickly.

    • Marked as answer by Angie Xu Thursday, December 20, 2012 12:44 AM
    Wednesday, December 12, 2012 4:42 AM
  • Hi robert

    I will mark the reply as answer, if the marked answer is not helpful to solve your problem, please unmark and give quick response.

    With regards


    Angie xu
    MSDN Community Support | Feedback to us
    Develop and promote your apps in Windows Store
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Thursday, December 20, 2012 12:45 AM