Data Aquarium Framework features on-demand creation of lookup items.
See it in Action
On the screen shot below a user has selected Edit command in context menu of a grid row that lists products from Northwind sample database.
The row is now displayed in edit mode. You can see that supplier company name field has an icon right next to the lookup box.
A click on this icon will bring up New Suppliers modal dialog that allows entering a supplier in-place. The supplier is automatically selected in the lookup when user clicks OK button.
You can try this online at http://dev.codeontime.com/demo/nwblob.
Controlling Access to This Feature
The feature is extremely useful but shall not be left uncontrolled. Typically only certain categories of users are allowed to create new lookup items.
This is how the creation of new lookup items is turned on in the data controller definition files.
<field name="SupplierID" type="Int32" label="Supplier#">
<items style="Lookup" dataController="Suppliers" newDataView="createForm1" />
</field>
Attribute newDataView of items element specifies the view defined in data controller identified by dataController attribute. The attribute value is automatically assigned by Code OnTime Generator. You can define a custom view in Suppliers data controller to provide an alternative form to create new suppliers.
If you don’t want in-place lookup item creation to to be enabled then simply delete the attribute.
Controlling in-place lookups With Roles
A better solution is to allow only certain user roles to create new lookup items.
Open data controller ~/Controllers/Suppliers.xml and modify New Suppliers action as follows:
<actionGroup scope="ActionBar" headerText="New">
<action commandName="New" commandArgument="createForm1"
headerText="New Suppliers"
description="Create a new Suppliers record."
roles="Administrators"/>
</actionGroup>
Attribute roles will enable this action to be executed by users with Administrators role only. The framework will make sure that there is an action with New command in Suppliers data controller with an argument matched to the view specified by newDataView attribute of items element. If such action is not available then in-place creation of lookup items is automatically disabled.
Our sample application has been generated with ASP.NET Membership enabled. Here is how the row will look if we sign in a user with the standard name user. This user belongs to the role Users and is not authorized to create new suppliers.
You can see that the icon that allows creating new suppliers is gone. The user still can create new categories.
The centralized business logic and definitions of Data Aquarium Framework ensure that any other references to the Suppliers lookup in the application are affected as well.
This is how the supplier screen will look when displayed to the same user. Notice that New option is not available on the action bar anymore.
Conclusion
ASP.NET declarative security if fully integrated into Data Aquarium Framework and allows easy control over AJAX web applications of any complexity.