/// <summary> /// Allows or blocks the display of a dropdownlist depending on user authorization level. /// </summary> /// <typeparam name="TModel"></typeparam> /// <typeparam name="TProperty"></typeparam> /// <param name="htmlHelper"></param> /// <param name="expression"></param> /// <param name="selectList"></param> /// <param name="optionLabel"></param> /// <param name="fieldRequiredPrivilege">Privilege needed to show the field</param> /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param> /// <param name="linkRequiredPrivilege">Privilege needed to navigate to the link destination</param> /// <param name="linkAuthFailedBehaviour">Behavior of the link text if not authorized</param> /// <param name="actionName">Action destination of the link</param> /// <param name="controllerName">Controller destination of the link</param> /// <param name="routeValues">Route values of the link</param> /// <param name="htmlAttributes"></param> /// <param name="forceReadOnly">Force the field into read-only mode regardless of authorization</param> /// <returns></returns> public static IHtmlContent DropDownListForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, IEnumerable <SelectListItem> selectList, string optionLabel, Enumerations.Role fieldRequiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, Enumerations.Role?linkRequiredPrivilege, Enumerations.AuthFailedBehaviour?linkAuthFailedBehaviour, string actionName, string controllerName, object routeValues, object htmlAttributes, bool forceReadOnly = false) { // If user has no privileges refuse access bool fullAccess = !forceReadOnly && new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(fieldRequiredPrivilege); string controlId = htmlHelper.GetControlId(expression); string html = htmlHelper.DropDownListFor(expression, selectList, optionLabel, htmlAttributes).ToString(); if (!fullAccess) { var selected = selectList.Where(x => x.Selected).FirstOrDefault(); switch (readOnlyBehaviour) { case Enumerations.ReadOnlyBehaviour.Disabled: var htmlOptions = new RouteValueDictionary(htmlAttributes); if (!htmlOptions.ContainsKey("disabled")) { htmlOptions.Add("disabled", "disabled"); } else { htmlOptions["disabled"] = "disabled"; } html = htmlHelper.DropDownList(controlId + "__ddl", selectList, optionLabel, htmlOptions).ToString(); html += htmlHelper.HiddenFor(expression).ToString(); break; case Enumerations.ReadOnlyBehaviour.EmptyString: html = htmlHelper.HiddenFor(expression).ToString(); break; case Enumerations.ReadOnlyBehaviour.InnerHtml: html = htmlHelper.Span(selected == null ? "" : selected.Text, htmlAttributes).ToString(); html += htmlHelper.HiddenFor(expression).ToString(); break; case Enumerations.ReadOnlyBehaviour.AuthorizationLink: if (!linkAuthFailedBehaviour.HasValue || !linkRequiredPrivilege.HasValue) { throw new ArgumentNullException("linkAuthFailedBehaviour", "linkAuthFailedBehaviour or linkRequiredPrivilege cannot be null"); } html = htmlHelper.ActionLinkAuth(linkRequiredPrivilege.Value, linkAuthFailedBehaviour.Value, selected == null ? "" : selected.Text, actionName, controllerName, routeValues, htmlAttributes, null).ToString(); html += htmlHelper.HiddenFor(expression).ToString(); break; default: throw new ArgumentOutOfRangeException("readOnlyBehaviour"); } } return(new HtmlString(html)); }
/// <summary> /// Allows or blocks the display of a textbox depending on user authorization level. /// </summary> /// <typeparam name="TModel"></typeparam> /// <typeparam name="TProperty"></typeparam> /// <param name="htmlHelper"></param> /// <param name="expression"></param> /// <param name="fieldRequiredPrivilege">Privilege needed to show the field</param> /// <param name="readOnlyBehaviour">Behavior of the field if not authorized</param> /// <param name="linkRequiredPrivilege">Privilege needed to navigate to the link destination</param> /// <param name="linkAuthFailedBehaviour">Behavior of the link text if not authorized</param> /// <param name="actionName">Action destination of the link</param> /// <param name="controllerName">Controller destination of the link</param> /// <param name="routeValues">Route values of the link</param> /// <param name="htmlAttributes"></param> /// <param name="forceReadOnly">(Optional) Force the field into read-only mode regardless of authorization</param> /// /// <param name="formatString">(Optional) String used to format the value of the control</param> /// <returns></returns> public static IHtmlContent TextBoxForAuth <TModel, TProperty>(this IHtmlHelper <TModel> htmlHelper, Expression <Func <TModel, TProperty> > expression, Enumerations.Role fieldRequiredPrivilege, Enumerations.ReadOnlyBehaviour readOnlyBehaviour, Enumerations.Role?linkRequiredPrivilege, Enumerations.AuthFailedBehaviour?linkAuthFailedBehaviour, string actionName, string controllerName, object routeValues, object htmlAttributes, string formatString = null, bool forceReadOnly = false) { // If user has no privileges refuse access bool fullAccess = !forceReadOnly && new UserSessionContext(htmlHelper.GetHttpContext()).UserHasAccess(fieldRequiredPrivilege); string controlId = htmlHelper.GetControlId(expression); ModelExpression modelExpression = htmlHelper.GetModelExpressionProvider().CreateModelExpression(htmlHelper.ViewData, expression); var expressionValue = modelExpression.Model; string stringValue = expressionValue == null ? "" : expressionValue.ToString(); if (formatString != null) { stringValue = string.Format(formatString, expressionValue); } string html = htmlHelper.TextBox(controlId, stringValue, htmlAttributes).ToString(); if (!fullAccess) { switch (readOnlyBehaviour) { case Enumerations.ReadOnlyBehaviour.Disabled: var htmlOptions = new RouteValueDictionary(htmlAttributes); if (!htmlOptions.ContainsKey("disabled")) { htmlOptions.Add("disabled", "disabled"); } else { htmlOptions["disabled"] = "disabled"; } html = htmlHelper.TextBox(controlId + "__text", stringValue, htmlOptions).ToString(); html += htmlHelper.HiddenFor(expression).ToString(); break; case Enumerations.ReadOnlyBehaviour.EmptyString: html = htmlHelper.HiddenFor(expression).ToString(); break; case Enumerations.ReadOnlyBehaviour.InnerHtml: html = htmlHelper.SpanFor(expression, htmlAttributes, formatString).ToString(); html += htmlHelper.HiddenFor(expression).ToString(); break; case Enumerations.ReadOnlyBehaviour.AuthorizationLink: if (!linkAuthFailedBehaviour.HasValue || !linkRequiredPrivilege.HasValue) { throw new ArgumentNullException("linkAuthFailedBehaviour", "linkAuthFailedBehaviour or linkRequiredPrivilege cannot be null"); } html = htmlHelper.ActionLinkAuth(linkRequiredPrivilege.Value, linkAuthFailedBehaviour.Value, stringValue, actionName, routeValues, htmlAttributes).ToString(); html += htmlHelper.HiddenFor(expression).ToString(); break; default: throw new ArgumentOutOfRangeException("readOnlyBehaviour"); } } return(new HtmlString(html)); }