security

Labels
AJAX(112) App Studio(9) Apple(1) Application Builder(245) Application Factory(207) ASP.NET(95) ASP.NET 3.5(45) ASP.NET Code Generator(72) ASP.NET Membership(28) Azure(18) Barcode(2) Barcodes(3) BLOB(18) Business Rules(1) Business Rules/Logic(140) BYOD(13) Caching(2) Calendar(5) Charts(29) Cloud(14) Cloud On Time(2) Cloud On Time for Windows 7(2) Code Generator(54) Collaboration(11) command line(1) Conflict Detection(1) Content Management System(12) COT Tools for Excel(26) CRUD(1) Custom Actions(1) Data Aquarium Framework(122) Data Sheet(9) Data Sources(22) Database Lookups(50) Deployment(22) Designer(178) Device(1) DotNetNuke(12) EASE(20) Email(6) Features(101) Firebird(1) Form Builder(14) Globalization and Localization(6) How To(1) Hypermedia(2) Inline Editing(1) Installation(5) JavaScript(20) Kiosk(1) Low Code(3) Mac(1) Many-To-Many(4) Maps(6) Master/Detail(36) Microservices(4) Mobile(63) Mode Builder(3) Model Builder(3) MySQL(10) Native Apps(5) News(18) OAuth(9) OAuth Scopes(1) OAuth2(13) Offline(20) Offline Apps(4) Offline Sync(5) Oracle(11) PKCE(2) Postgre SQL(1) PostgreSQL(2) PWA(2) QR codes(2) Rapid Application Development(5) Reading Pane(2) Release Notes(184) Reports(48) REST(29) RESTful(29) RESTful Workshop(15) RFID tags(1) SaaS(7) Security(81) SharePoint(12) SPA(6) SQL Anywhere(3) SQL Server(26) SSO(1) Stored Procedure(4) Teamwork(15) Tips and Tricks(87) Tools for Excel(3) Touch UI(93) Transactions(5) Tutorials(183) Universal Windows Platform(3) User Interface(338) Video Tutorial(37) Web 2.0(100) Web App Generator(101) Web Application Generator(607) Web Form Builder(40) Web.Config(9) Workflow(28)
Archive
Blog
security
Friday, June 15, 2012PrintSubscribe
Read Permission on Fields

Fields can be displayed or hidden based on the role of the user. For example, all users are allowed to view the Hire Date field in the Employees controller by default.

Hire Date is visible on the Employees grid view by default.

Let’s configure the field to only permit administrators to view the Hire Date field.

Start the Project Designer. In the Project Explorer, switch to Controllers tab. Double-click on Employees / Fields / HireDate field node.

Hire Date field in the Employees controller.

Change the “Read” Roles property:

Property New Value
“Read” Roles Administrators

Press OK to save the field. On the toolbar, click Browse to generate the application.

Log in as user/user123%. Navigate to the Employees page. The Hire Date column will not be present in the view.

When logged in as user, the Hire Date column is not visible in the grid.

Log out, and log in as admin/admin123%. The Hire Date column will be visible again.

When logged in as admin, the Hire Date column will be visible.

Labels: Security, User Interface, Web Application Generator
Thursday, June 7, 2012PrintSubscribe
Lookup of User Identity

Both name and id of a user selected in a lookup window can be captured in a database table when necessary. Let’s set up a lookup field to capture both properties of the user identity.

Start SQL Server Management Studio. In the Object Explorer, right-click Database / Northwind / Tables / dbo.Orders table node, and select Design option.

Design Orders table in the Northwind database using SQL Server Management Studio.

Add two columns with the following settings:

Column Name Data Type Allow Nulls
OwnerID uniqueidentifier True
OwnerName nvarchar(50) True

Save the table modification. Refresh the Orders controller.

Refresh the Orders table.

Regenerate the project. Navigate to the Orders page, and edit a record. The OwnerID and OwnerName fields will be visible at the bottom of the form, but are currently only simple text boxes.

OwnerID and OwnerName fields are rendered as simple text boxes.

Let’s configure the OwnerID field as a User Id Lookup and have it copy the user name into OwnerName field. The OwnerName will become an alias of OwnerID data field. Only Administrators will be allowed to modify the owner of the record.

Start the Project Designer. In the Project Explorer, switch to the Controllers tab. Double-click on Orders / Fields / OwnerID field node.

OwnerID field in the Orders controller in Code On Time Project Explorer.

Make the following changes:

Property New Value
Items Style User Id Lookup
Copy OwnerName=UserName
“Write” Roles Administrators

Press OK to save the field. In the Project Explorer, double-click on Orders / Views / editForm1 / c1 – Orders / OwnerID data field node.

OwnerID data field of editForm1 view of Orders controller.

Assign an alias for the data field:

Property New Value
Alias OwnerName

Press OK to save the data field. In the Project Explorer, right-click on Orders / Views / editForm1 / c1 – Orders / OwnerName data field node, and select Delete option.

Delete OwnerName data field of editForm1 view in Orders controller.

Confirm the operation. On the toolbar, select Browse option to regenerate the web application.

Navigate to the Orders page, and edit a record. If your user account belongs to the Administrators role, then the field is rendered as a lookup.

OwnerName field rendered as a User Id Lookup.

Activate the lookup, and a lookup window will open and display a list of users.

List of users displayed in the lookup window.

Select a user from the lookup, and the name of the user will be copied into the field Owner Name.

User Name inserted into the Owner Name field.

Save the field. If you look at the record in the database, both UserId and UserName fields have been populated.

Both UserID and UserName have been inserted into the record.

Labels: ASP.NET Membership, Database Lookups, Designer, Security, Tips and Tricks, Web Application Generator
Thursday, June 7, 2012PrintSubscribe
Items Style–User Name Lookup

Data fields can be configured as a User Name Lookup to allow selection and insertion from the user names registered in the ASP.NET membership tables.

First, add an Owner column in the Orders table.

Start SQL Server Management Studio. In the Object Explorer, right-click on Databases / Northwind / Tables / dbo.Orders node, and select Design option.

Design the Orders table in the Northwind database using SQL Server Management Studio.

Add the following column:

Column Name Data Type Allow Nulls
OwnerName nvarchar(50) True

Save the table design. Switch to Code On Time web application generator, and refresh the Orders controller.

Refresh the Orders controller.

Generate the application. Navigate to the Orders page, and select a record. The Owner Name field will just be a simple text box. Let’s convert this text box into a User Name Lookup.

Owner Name field is currently a simple text box.

Start the Project Designer. In the Project Explorer, switch to the Controllers tab. Double-click on Orders / Fields / OwnerName field node.

OwnerName field in the Orders controller.

Change the Items Style property:

Property New Value
Items Style User Name Lookup

Press OK to save the field. On the toolbar, click Browse.

Navigate to the Orders page and edit a record. The Owner Name field will now be a lookup.

Owner Name field is now a User Name Lookup.

When you activate the lookup, a list of users will be displayed.

Activating a User Name Lookup will display a list of users.

Select a user, and the user name will be inserted into the field.

Selecting a user from the lookup will insert the User Name into the field.

Labels: Database Lookups, Security, Web Application Generator
Continue to Password Text Mode
© 2025 Code On Time LLC. All rights reserved. All trademarks mentioned on this website are property of their respective owners.
Watch | Blog | Roadmap | Learn | Community | Support