Allow/deny user access to different web pages

Question

0.00/5 (No votes)

See more:

In my sql db I have permissions to allow users access to different web pages in my app. I have a page where i can dynamically change the permissions of the users during runtime. Can I allow/deny user access without using web.config?
Here's my code so far in a class:

C#

public static int AllowUserAccess(int agentID, string formName)
        {
            SqlDataReader reader;
            int userid = 0;
            try
            {
                conn = OpenConnection();
                comm = new SqlCommand();
                comm.Connection = conn;
                comm.CommandType = CommandType.Text;
                comm.CommandText = "Select a.pkAgentID, PERM.FormName, AGP.fkAgentGroupID, agp.AllowAccess from Agents A inner join AgentGroupPermissions AGP on a.fkAgentGroupID = agp.fkAgentGroupID inner join Permission Perm ON AGP.fkPermissionID = PERM.pkPermissionID WHERE A.pkAgentID = @AgentID AND PERM.FormName = @FormName";
                comm.Parameters.Add("@AgentID", SqlDbType.Int).Value = agentID;
                comm.Parameters.Add("@FormName", SqlDbType.VarChar).Value = formName;


                reader = comm.ExecuteReader();

                if (reader.IsClosed == false)
                {
                    reader.Close();
                }

                return userid;
            }
            catch (Exception ex)
            {
                ex.Message.ToString();
                return userid;
            }
        }

In my site.master i wish to get this function and use it to authorize certain permissions once the user logs in. This is what I have so far:

C#

protected void AllowAccess()
       {
           SqlCommand comm = new SqlCommand();
           string id = Request.Params["AgentID"];
           int agentID = Convert.ToInt32(id);
           string form = "";

           int access = DataFunctions.AllowUserAccess(agentID, form);
           bool allow = false;

           if (allow == true)
           {

           }
           else
           {
               Response.Redirect("Login.aspx");
           }
       }

I'm stuck and I do not know what else to do in regards of getting the AllowAccess value and then getting a path or to show the specific web pages for each particular user.

Posted 26-Nov-12 1:15am

BreakingBad

Updated 26-Nov-12 1:20am

v2

Add a Solution

Comments

ZurdoDev 26-Nov-12 8:49am

What's the issue? It looks like you have code to validate whether or not they can access a page. What's wrong?

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

farham_heidari · Answer 1 · 2012-11-26T07:39:00

Solution 1

change your permissions with Ajax ; first make a page that can change permissions when you send a quarry string then send id in client side to that page ...
hope help full

Posted 26-Nov-12 7:39am

farham_heidari