Role-Based Authorizationhttp://www.asp.netWed, 27 Mar 2013 21:00:58 GMTumbracoComments for Role-Based AuthorizationenComment Posted by jibarrahttp://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-vbMon, 25 Jul 2011 22:41:41 GMT00000000-0000-0000-0000000013832nice, great tutorial

]]>Comment Posted by zyklohttp://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-vbSun, 08 Apr 2012 18:05:18 GMT00000000-0000-0000-0000000015282I'm getting an error on this line:

Dim UserName As String = UserGrid.DataKeys(e.RowIndex).Value.ToString()

in UserGrid_RowDeleting and UserGrid_RowUpdating

Error is:

Index was out of range. Must be non-negative and less than the size of the collection.

Parameter name: index

Have done exactly as this toturial says, and used cut and paste where possible.

Anyone knows what I am doing wrong?

]]>Comment Posted by jkjeromehttp://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-vbWed, 06 Mar 2013 04:37:03 GMT00000000-0000-0000-0000000018584I appreciate the intention not offend anyone with this constantly switching from "he" to "she", but the result is just weird to read.

Why not just say "they" or "their" instead?

]]>Comment Posted by jkjeromehttp://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-vbSat, 09 Mar 2013 02:58:28 GMT00000000-0000-0000-0000000018636Under "Programmatically Limiting Functionality" it states:

"Note: It is possible to hide the CommandField altogether when a non-Supervisor and non-Administrator is visiting the page. I leave this as an exercise for the reader."

If you're stuck on this, you can achieve this by amending your pageload event in RolesBasedAuthorization.aspx.vb as follows:

__________________________________________________________________________________________

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

If Not Page.IsPostBack Then

UserGrid.Columns(0).Visible = (User.IsInRole("Administrators") OrElse User.IsInRole("Supervisors"))

BindUserGrid()

End If

End Sub

__________________________________________________________________________________________

This is similar to how you would have hidden the link button in the grid on UserBasedAuthorization.aspx in a previous tutorial(if you did the "I'll leave it to the reader" exercise[a.k.a. "I can't really be arsed to explain this one" exercise] on that page)

]]>Comment Posted by jkjeromehttp://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-vbSat, 09 Mar 2013 03:17:03 GMT00000000-0000-0000-0000000018637Sorry to say it again but these tutorials desperately need proof-reading/testing. Not such a problem if you know what you're doing already but pretty useless if you don't. Lets face it lots of the latter will be using these tutorials so why put them through that?

......

Talking of which, under "Step 3: Applying Role-Based Authorization Rules to Classes and Methods" the 3 PrincipalPermission lines need a space inserting before the line contiuation character, otherwise you'll get a build error for each line. Spaces inserted below:

<PrincipalPermission(SecurityAction.Demand, Role:="Administrators")> _

<PrincipalPermission(SecurityAction.Demand, Role:="Supervisors")> _

Protected Sub UserGrid_RowUpdating(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.GridViewUpdateEventArgs) Handles UserGrid.RowUpdating

...

End Sub

<PrincipalPermission(SecurityAction.Demand, Role:="Administrators")> _

Protected Sub UserGrid_RowDeleting(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.GridViewDeleteEventArgs) Handles UserGrid.RowDeleting

...

End Sub

]]>Comment Posted by ricka6http://www.asp.net/web-forms/tutorials/security/roles/role-based-authorization-vbWed, 27 Mar 2013 21:00:58 GMT00000000-0000-0000-0000000018792@jkjerome - he/she - agreed. Thanks again for your contributions.

]]>