locked
Security in Light switch and DB RRS feed

  • Question

  • Hi :),

    Iam new in light switch, what If i want to compare the user rights in my database with Light switch. 
    for example the user have the right Manager ------- > then he will be able to see all screens in light switch.

    how to do this? I exporeted the project to my desktop (.exe) then I took a look at the folder where it was exported there was a 2 SQL files CreatUser, and another file call NaVview(this is my project).

    is itright to chang the sql code in thoses files to say like:

    EX:
    Select *
    from  DB
    where roles = 'manger'?

    or what can I do?


    Best regards,
    Zayed

    Monday, July 14, 2014 1:23 PM

Answers

  • Hi,
    if you are new to Lightswitch I recommend you to see the course of How-Do-I

    you can find all the series here:

    http://msdn.microsoft.com/en-us/vstudio/gg604823

    regarding user access and permissions, have a look at this one:

    11 - How Do I: Set up Security to Control User Access to Parts of a Visual Studio LightSwitch Application?
    http://msdn.microsoft.com/en-us/vstudio/gg278959

    Hope this help :)
    Khaled.


    • Edited by Al-Moukhtar Monday, July 14, 2014 2:11 PM update links
    • Marked as answer by Consultant_606 Tuesday, July 15, 2014 2:39 PM
    Monday, July 14, 2014 2:09 PM
  • Have you explored Active Directory groups support LightSwitch offers? When you say "...stored in my database...", I assume this contains the same subset of users from your Active Directory, and the relationships (manager ->direct report) are maintained.  In such case I suggest using Windows authentication in your LightSwitch app and define the user-role mapping through the security screens.
    Monday, July 14, 2014 3:24 PM
    Moderator
  • Hi Zayed,

    In order to control user access to screens, properties and entities, you need to create the permissions, even if the authentication is made via Active Directory. Then you must write code to set permissions to a screen, in the CanRunScreenName method, as described here.

    HTH.


    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.

    Tuesday, July 15, 2014 2:35 PM

All replies

  • Hi,
    if you are new to Lightswitch I recommend you to see the course of How-Do-I

    you can find all the series here:

    http://msdn.microsoft.com/en-us/vstudio/gg604823

    regarding user access and permissions, have a look at this one:

    11 - How Do I: Set up Security to Control User Access to Parts of a Visual Studio LightSwitch Application?
    http://msdn.microsoft.com/en-us/vstudio/gg278959

    Hope this help :)
    Khaled.


    • Edited by Al-Moukhtar Monday, July 14, 2014 2:11 PM update links
    • Marked as answer by Consultant_606 Tuesday, July 15, 2014 2:39 PM
    Monday, July 14, 2014 2:09 PM
  • Dear Khaled,
    Thanks a lot, I already know this video. but The problem is I want Light switch to see the rights which are stored in my database.
    So when a user log (User is registered in our active directory) Light switch will know the user roles and then it will decide what to show him and what now to show. this is what I really need.

    Regards,
    Zayed

    Monday, July 14, 2014 2:14 PM
  • Have you explored Active Directory groups support LightSwitch offers? When you say "...stored in my database...", I assume this contains the same subset of users from your Active Directory, and the relationships (manager ->direct report) are maintained.  In such case I suggest using Windows authentication in your LightSwitch app and define the user-role mapping through the security screens.
    Monday, July 14, 2014 3:24 PM
    Moderator
  • Hi, 

    PERFECT!!! this what I wanted.

    But is there any detailed steps to apply this solution? I want to say for example for this Group of users allow this screen and for others allow this?

    Thanks alot Ravi

    Regards,

    Zayed

    Tuesday, July 15, 2014 7:07 AM
  • Hi Zayed,

    In order to control user access to screens, properties and entities, you need to create the permissions, even if the authentication is made via Active Directory. Then you must write code to set permissions to a screen, in the CanRunScreenName method, as described here.

    HTH.


    Nicolás Lope de Barrios
    If you found this post helpful, please "Vote as Helpful". If it actually answered your question, please remember to "Mark as Answer". This will help other people find answers to their problems more quickly.

    Tuesday, July 15, 2014 2:35 PM