/// <summary>
        /// Allows or blocks the display of an editable div depending on user authorization level.
        /// </summary>
        /// <typeparam name="TModel"></typeparam>
        /// <typeparam name="TProperty"></typeparam>
        /// <param name="htmlHelper"></param>
        /// <param name="expression"></param>
        /// <param name="requiredPrivilege">Privilege needed to show the field</param>
        /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param>
        /// <param name="htmlAttributes"></param>
        /// <param name="forceReadOnly">Force the field into read-only mode regardless of authorization</param>
        /// <returns></returns>
        public static IHtmlContent EditableDivAreaForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, Enumerations.Role requiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, object htmlAttributes, bool forceReadOnly = false)
        {
            // If user has no privileges refuse access
            bool fullAccess  = !forceReadOnly && new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(requiredPrivilege);
            var  htmlOptions = new RouteValueDictionary(htmlAttributes);

            TagBuilder divTag = new TagBuilder("div");

            divTag.MergeAttributes(htmlOptions);
            divTag.AddCssClass("editable-div");
            divTag.GenerateId(htmlHelper.GetControlId(expression) + "__editableDiv", "_");
            divTag.Attributes.Add("parentId", htmlHelper.GetControlId(expression));

            ModelExpression modelExpression = htmlHelper.GetModelExpressionProvider().CreateModelExpression(htmlHelper.ViewData, expression);

            divTag.InnerHtml.Append(HttpUtility.HtmlDecode((string)modelExpression.Model));

            string html = divTag.ToString();

            if (!fullAccess)
            {
                switch (readOnlyBehaviour)
                {
                case Enumerations.ReadOnlyBehaviour.Disabled:
                    divTag.AddCssClass("disabled");
                    html = divTag.ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.EmptyString:
                    break;

                case Enumerations.ReadOnlyBehaviour.InnerHtml:
                    html = htmlHelper.SpanFor(expression, htmlAttributes).ToString();
                    break;

                default:
                    throw new ArgumentOutOfRangeException("readOnlyBehaviour");
                }
            }

            html += htmlHelper.HiddenFor(expression).ToString();

            return(new HtmlString(html));
        }
 public static IHtmlContent TextAreaForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, Enumerations.Role requiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, bool forceReadOnly = false)
 {
     return(TextAreaForAuth(htmlHelper, expression, requiredPrivilege, readOnlyBehaviour, null, forceReadOnly));
 }
        public static IHtmlContent TextAreaForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, Enumerations.Role requiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, object htmlAttributes, bool forceReadOnly = false)
        {
            // If user has no privileges refuse access
            bool   fullAccess = new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(requiredPrivilege);
            string controlId  = htmlHelper.GetControlId(expression);

            string html = htmlHelper.TextAreaFor(expression, htmlAttributes).ToString();

            if (!fullAccess)
            {
                ModelExpression modelExpression = htmlHelper.GetModelExpressionProvider().CreateModelExpression(htmlHelper.ViewData, expression);
                var             expressionValue = modelExpression.Model;

                switch (readOnlyBehaviour)
                {
                case Enumerations.ReadOnlyBehaviour.Disabled:
                    var htmlOptions = new RouteValueDictionary(htmlAttributes);

                    if (!htmlOptions.ContainsKey("disabled"))
                    {
                        htmlOptions.Add("disabled", "disabled");
                    }
                    else
                    {
                        htmlOptions["disabled"] = "disabled";
                    }

                    html  = htmlHelper.TextArea(controlId + "__text", htmlOptions).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.EmptyString:
                    html = htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.InnerHtml:
                    html  = htmlHelper.SpanFor(expression, htmlAttributes).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                default:
                    throw new ArgumentOutOfRangeException("readOnlyBehaviour");
                }
            }

            return(new HtmlString(html));
        }
        /// <summary>
        /// Allows or blocks the display of a dropdownlist depending on user authorization level.
        /// </summary>
        /// <typeparam name="TModel"></typeparam>
        /// <typeparam name="TProperty"></typeparam>
        /// <param name="htmlHelper"></param>
        /// <param name="expression"></param>
        /// <param name="selectList"></param>
        /// <param name="optionLabel"></param>
        /// <param name="fieldRequiredPrivilege">Privilege needed to show the field</param>
        /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param>
        /// <param name="linkRequiredPrivilege">Privilege needed to navigate to the link destination</param>
        /// <param name="linkAuthFailedBehaviour">Behavior of the link text if not authorized</param>
        /// <param name="actionName">Action destination of the link</param>
        /// <param name="controllerName">Controller destination of the link</param>
        /// <param name="routeValues">Route values of the link</param>
        /// <param name="htmlAttributes"></param>
        /// <param name="forceReadOnly">Force the field into read-only mode regardless of authorization</param>
        /// <returns></returns>
        public static IHtmlContent DropDownListForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, IEnumerable <SelectListItem> selectList, string optionLabel, Enumerations.Role fieldRequiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, Enumerations.Role?linkRequiredPrivilege, Enumerations.AuthFailedBehaviour?linkAuthFailedBehaviour, string actionName, string controllerName, object routeValues, object htmlAttributes, bool forceReadOnly = false)
        {
            // If user has no privileges refuse access
            bool   fullAccess = !forceReadOnly && new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(fieldRequiredPrivilege);
            string controlId  = htmlHelper.GetControlId(expression);

            string html = htmlHelper.DropDownListFor(expression, selectList, optionLabel, htmlAttributes).ToString();

            if (!fullAccess)
            {
                var selected = selectList.Where(x => x.Selected).FirstOrDefault();

                switch (readOnlyBehaviour)
                {
                case Enumerations.ReadOnlyBehaviour.Disabled:
                    var htmlOptions = new RouteValueDictionary(htmlAttributes);

                    if (!htmlOptions.ContainsKey("disabled"))
                    {
                        htmlOptions.Add("disabled", "disabled");
                    }
                    else
                    {
                        htmlOptions["disabled"] = "disabled";
                    }

                    html  = htmlHelper.DropDownList(controlId + "__ddl", selectList, optionLabel, htmlOptions).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.EmptyString:
                    html = htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.InnerHtml:
                    html  = htmlHelper.Span(selected == null ? "" : selected.Text, htmlAttributes).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.AuthorizationLink:
                    if (!linkAuthFailedBehaviour.HasValue || !linkRequiredPrivilege.HasValue)
                    {
                        throw new ArgumentNullException("linkAuthFailedBehaviour", "linkAuthFailedBehaviour or linkRequiredPrivilege cannot be null");
                    }
                    html  = htmlHelper.ActionLinkAuth(linkRequiredPrivilege.Value, linkAuthFailedBehaviour.Value, selected == null ? "" : selected.Text, actionName, controllerName, routeValues, htmlAttributes, null).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                default:
                    throw new ArgumentOutOfRangeException("readOnlyBehaviour");
                }
            }

            return(new HtmlString(html));
        }
 /// <summary>
 /// Allows or blocks the display of a dropdownlist depending on user authorization level.
 /// </summary>
 /// <typeparam name="TModel"></typeparam>
 /// <typeparam name="TProperty"></typeparam>
 /// <param name="htmlHelper"></param>
 /// <param name="expression"></param>
 /// <param name="selectList"></param>
 /// <param name="fieldRequiredPrivilege">Privilege needed to show the field</param>
 /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param>
 /// <param name="linkRequiredPrivilege">Privilege needed to navigate to the link destination</param>
 /// <param name="linkAuthFailedBehaviour">Behavior of the link text if not authorized</param>
 /// <param name="actionName">Action destination of the link</param>
 /// <param name="controllerName">Controller destination of the link</param>
 /// <param name="routeValues">Route values of the link</param>
 /// <param name="htmlAttributes"></param>
 /// <param name="forceReadOnly">Force the field into read-only mode regardless of authorization</param>
 /// <returns></returns>
 public static IHtmlContent DropDownListForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, IEnumerable <SelectListItem> selectList, Enumerations.Role fieldRequiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, Enumerations.Role?linkRequiredPrivilege, Enumerations.AuthFailedBehaviour?linkAuthFailedBehaviour, string actionName, string controllerName, object routeValues, object htmlAttributes, bool forceReadOnly = false)
 {
     return(DropDownListForAuth(htmlHelper, expression, selectList, null, fieldRequiredPrivilege, readOnlyBehaviour, linkRequiredPrivilege, linkAuthFailedBehaviour, actionName, controllerName, routeValues, htmlAttributes, forceReadOnly));
 }
 /// <summary>
 /// Allows or blocks the display of a dropdownlist depending on user authorization level.
 /// </summary>
 /// <typeparam name="TModel"></typeparam>
 /// <typeparam name="TProperty"></typeparam>
 /// <param name="htmlHelper"></param>
 /// <param name="expression"></param>
 /// <param name="selectList"></param>
 /// <param name="optionLabel"></param>
 /// <param name="requiredPrivilege">Privilege needed to show the field</param>
 /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param>
 /// <param name="forceReadOnly">Force the field into read-only mode regardless of authorization</param>
 /// <returns></returns>
 public static IHtmlContent DropDownListForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, IEnumerable <SelectListItem> selectList, string optionLabel, Enumerations.Role requiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, bool forceReadOnly = false)
 {
     return(DropDownListForAuth(htmlHelper, expression, selectList, optionLabel, requiredPrivilege, readOnlyBehaviour, null, null, null, null, null, null, forceReadOnly));
 }
        /// <summary>
        /// Allows or blocks the display of a textbox depending on user authorization level.
        /// </summary>
        /// <typeparam name="TModel"></typeparam>
        /// <typeparam name="TProperty"></typeparam>
        /// <param name="htmlHelper"></param>
        /// <param name="expression"></param>
        /// <param name="fieldRequiredPrivilege">Privilege needed to show the field</param>
        /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param>
        /// <param name="linkRequiredPrivilege">Privilege needed to navigate to the link destination</param>
        /// <param name="linkAuthFailedBehaviour">Behavior of the link text if not authorized</param>
        /// <param name="actionName">Action destination of the link</param>
        /// <param name="controllerName">Controller destination of the link</param>
        /// <param name="routeValues">Route values of the link</param>
        /// <param name="htmlAttributes"></param>
        /// <param name="forceReadOnly">(Optional) Force the field into read-only mode regardless of authorization</param>
        /// /// <param name="formatString">(Optional) String used to format the value of the control</param>
        /// <returns></returns>
        public static IHtmlContent TextBoxForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, Enumerations.Role fieldRequiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, Enumerations.Role?linkRequiredPrivilege, Enumerations.AuthFailedBehaviour?linkAuthFailedBehaviour, string actionName, string controllerName, object routeValues, object htmlAttributes, string formatString = null, bool forceReadOnly = false)
        {
            // If user has no privileges refuse access
            bool fullAccess = !forceReadOnly && new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(fieldRequiredPrivilege);

            string controlId = htmlHelper.GetControlId(expression);

            ModelExpression modelExpression = htmlHelper.GetModelExpressionProvider().CreateModelExpression(htmlHelper.ViewData, expression);

            var    expressionValue = modelExpression.Model;
            string stringValue     = expressionValue == null ? "" : expressionValue.ToString();

            if (formatString != null)
            {
                stringValue = string.Format(formatString, expressionValue);
            }

            string html = htmlHelper.TextBox(controlId, stringValue, htmlAttributes).ToString();

            if (!fullAccess)
            {
                switch (readOnlyBehaviour)
                {
                case Enumerations.ReadOnlyBehaviour.Disabled:
                    var htmlOptions = new RouteValueDictionary(htmlAttributes);

                    if (!htmlOptions.ContainsKey("disabled"))
                    {
                        htmlOptions.Add("disabled", "disabled");
                    }
                    else
                    {
                        htmlOptions["disabled"] = "disabled";
                    }

                    html  = htmlHelper.TextBox(controlId + "__text", stringValue, htmlOptions).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.EmptyString:
                    html = htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.InnerHtml:
                    html  = htmlHelper.SpanFor(expression, htmlAttributes, formatString).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                case Enumerations.ReadOnlyBehaviour.AuthorizationLink:
                    if (!linkAuthFailedBehaviour.HasValue || !linkRequiredPrivilege.HasValue)
                    {
                        throw new ArgumentNullException("linkAuthFailedBehaviour", "linkAuthFailedBehaviour or linkRequiredPrivilege cannot be null");
                    }
                    html  = htmlHelper.ActionLinkAuth(linkRequiredPrivilege.Value, linkAuthFailedBehaviour.Value, stringValue, actionName, routeValues, htmlAttributes).ToString();
                    html += htmlHelper.HiddenFor(expression).ToString();
                    break;

                default:
                    throw new ArgumentOutOfRangeException("readOnlyBehaviour");
                }
            }

            return(new HtmlString(html));
        }
 /// <summary>
 /// Allows or blocks the display of a textbox depending on user authorization level.
 /// </summary>
 /// <typeparam name="TModel"></typeparam>
 /// <typeparam name="TProperty"></typeparam>
 /// <param name="htmlHelper"></param>
 /// <param name="expression"></param>
 /// <param name="requiredPrivilege">Privilege needed to show the field</param>
 /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param>
 /// <param name="htmlAttributes"></param>
 /// <param name="forceReadOnly">Force the field into read-only mode regardless of authorization</param>
 /// <returns></returns>
 public static IHtmlContent TextBoxForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, Enumerations.Role requiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, object htmlAttributes, string formatString = null, bool forceReadOnly = false)
 {
     return(TextBoxForAuth(htmlHelper, expression, requiredPrivilege, readOnlyBehaviour, null, null, null, null, null, htmlAttributes, formatString, forceReadOnly));
 }