
Conditional Edit button based on UserRole or Current Logged In User

I have a component of my application where all users have access to create their very own requests for Time Off.

I bet this has been asked before!

Example:

Bob is in the role of "crw" and logs in to the system and submits a request for time off.

Jane is in the role of "man" and has access to see Bob's Request and either Approve or Decline the Request (Jane should also be able to see and Edit the entire request).

Jake is in the Role of "frm". He can log in and see that Bob has an approved Time Off Request but is not able to Edit the request because he is in the role "frm".

Bob can log back in after his request has been approved and edit his own request and select an option to cancel the request.

I have tried to do this through "When Client Script" but no matter what I put in there it breaks.
  • Hi.

    Have you tried setting the Controller Actions accordingly?
    See if this helps:

    https://codeontime.com/learn/security...

    Cheers.

    Ivan
  • Hi,
    if you need a more sophisticated way to distinguish between User Roles you may do the following, which solved a challenge in my case (when using ASP Membership):

    1. Add a new Field "UserRoles" to the myProfile controller and put a tick in the box for "The value of this field is computed at run-time by SQL expression". Add the following SQL statement to retrieve all roles of a user:

    SELECT
        SUBSTRING(tab.UserRoles, 1, LEN(tab.UserRoles) - 1) AS UserRoles
    FROM
    (
        SELECT
        (
            SELECT
                r.RoleName + ',' AS 'data()'
            FROM
                dbo.aspnet_Users u
            INNER JOIN
                dbo.aspnet_UsersInRoles ur ON u.UserId = ur.UserId
            INNER JOIN
                dbo.aspnet_Roles r ON ur.RoleId = r.RoleId
            WHERE
                u.UserName = @BusinessRules_UserName
            FOR XML PATH ('')
        ) AS UserRoles
    ) tab


    2. Add a SQL business rule targeting the corresponding command you wish to add some logic to, using the variable @BusinessRules_UserRoles, or refer to the UserRoles field in JavaScript by adding a field in the corresponding controller that retrieves the value from the business rule variable, as shown here: https://codeontime.com/learn/business...
  • I guess there is still some confusion in what I am looking for here. I understand the group roles. My intention is as follows:

    Bob who is of Role CRW logs into the system and creates a request for time off (Request 111)

    Sam who is of Role CRW logs into the system and should not be able to edit Bob's request (111) but is able to edit his request which is (108)

    Bob should still be able to log in and Edit his request 111 but not be able to edit Sam's request 108

    Bill who is of Role FRW should be able to log in and edit his own request 110 as well as not be able to edit Bob's or Sam's Request

    Jake who is of Role MAN should be able to log in and Edit Bob's Request 111, Sam's Request 108 as well as Bill's Request 110

    I want a condition like the following if statement:

    IF (Logged In User is Creator of Request allow edit request) or (Logged in User is of Role ADM or MAN Allow User to edit request)

    I hope I have clarified this a bit better.
  • Ah, okay. Then this may be the solution you are looking for:

    1. Go to the corresponding controller and click on the view you wish to filter.
    2. Make use of the "Filter Expression" in the field group "Sort, Filter, and Group"
    3. There you can enter as follows:

    (AuditUserCreated = @BusinessRules_UserName AND @BusinessRules_UserRoles = N'[NameOftheRole]')
    OR
    @BusinessRules_UserRoles = N'[NameOftheRoleWithHigherPermissions]'
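The rule asked for in the thread (the creator may edit, or a user in role ADM or MAN may edit), enforced in the UPDATE itself so it holds even when a request bypasses a hidden Edit button or a filtered view. This is an added example, not code from the thread or from Code On Time; the table name TimeOffRequest, the Status column, the helper names and the use of SQLite are assumptions, while AuditUserCreated and the comma-separated UserRoles string follow the posts above.

```python
import sqlite3

# Roles the thread allows to edit any request (compared case-insensitively).
PRIVILEGED_ROLES = {"adm", "man"}


def parse_roles(user_roles):
    """Split a comma-separated UserRoles string into exact role names.

    Exact tokens avoid two pitfalls of comparing the raw string: equality
    fails for a user with several roles, and a substring match would treat
    a role such as "foreman" as "man".
    """
    return {r.strip().lower() for r in user_roles.split(",") if r.strip()}


def make_db():
    """Constructed sample data: the three requests named in the thread."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE TimeOffRequest ("
               "RequestId INTEGER PRIMARY KEY, AuditUserCreated TEXT, Status TEXT)")
    db.executemany("INSERT INTO TimeOffRequest VALUES (?, ?, ?)",
                   [(111, "bob", "Approved"), (108, "sam", "Pending"),
                    (110, "bill", "Pending")])
    return db


def update_status(db, user_name, user_roles, request_id, new_status):
    """Apply the edit only for the creator or a privileged role.

    The ownership test is part of the WHERE clause, so an unauthorized
    caller changes zero rows regardless of what the UI displayed.
    """
    privileged = 1 if parse_roles(user_roles) & PRIVILEGED_ROLES else 0
    cur = db.execute(
        "UPDATE TimeOffRequest SET Status = ? "
        "WHERE RequestId = ? AND (AuditUserCreated = ? OR ? = 1)",
        (new_status, request_id, user_name, privileged))
    db.commit()
    return cur.rowcount == 1


if __name__ == "__main__":
    db = make_db()
    print(update_status(db, "bob", "crw", 111, "Cancelled"))      # own request
    print(update_status(db, "sam", "crw", 111, "Pending"))        # someone else's
    print(update_status(db, "jake", "frm, man", 108, "Approved"))  # manager
```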