LightSwitch with Oracle Data Source (part 3) – Server Side Data filtering

Long time ago I started those posts and now it’s time for me to write the next part.

But first I need to describe some changes based on version evolution of LightSwitch.

With the newest version we can filter table data on server side using session variables.

It all starts from “SessionCheck.aspx” (this is a file we added in part 2 for developing LightSwitch applications with external authentication)

p2 AddSessionService

The code shall look like this:

 

    /// <summary>
    /// Summary description for SessionCheck
    /// </summary>
    public class SessionCheck : IHttpHandler, IRequiresSessionState 
    {

        public void ProcessRequest(HttpContext context)
        {
            //Get Session ID from request
            string sid = context.Request.QueryString["sid"];
            context.Response.ContentType = "text/plain";

            //todo extract session values for this SID

            //Store Values in Session
            context.Session["grid"] = (decimal)GridFromSID;
            context.Session["brid"] = (decimal)BridFromSID;
            context.Session["usid"] = (decimal)UserIDFromSID;
            context.Session["name"] = (string)UserNAmeFromSID;

            //Responde Values to request
            context.Response.Write(
                  "sid=" + sid + 
                  ";grid=" + context.Session["grid"] + 
                  ";brid=" + context.Session["brid"] +
                  ";userid=" + context.Session["usid"] +
                  ";name=" + context.Session["name"] );
        }

        public bool IsReusable
        {
            get
            {
                return false;
            }
        }
    }

 

The new here is adding System.Web.SessionState.IRequiresSessionState allowing us to access Session object and storing values in it.

In logical view access any table you want to Data Filter and click on Write Code \ *_flter to enter filtering event code.

p3_client_filtering

The code you see will look like this:

partial void CLIENTs_Filter(ref Expression<Func<CLIENT, bool>> filter)
{
    // filter = e => e.IntegerProperty == 0;
}

What we need to add for server side filtering in my case shall make the code to look like this:

partial void CLIENTs_Filter(ref Expression<Func<CLIENT, bool>> filter)
{            
    filter = e => ((e.GRID == ((decimal)System.Web.HttpContext.Current.Session["grid"])) &&
                    (e.BRID == ((decimal)System.Web.HttpContext.Current.Session["brid"])));
}

One more thing we need to do: All record shown in the application are now filtered and it will be nice in case of change or insert to be sure filtered values are not changed.

For this the be secured we need to add Insert handler, Delete handler and Update handler:

partial void CLIENTs_Inserting(CLIENT entity)
{
    entity.GRID = ((decimal)System.Web.HttpContext.Current.Session["grid"]);
    entity.BRID = ((decimal)System.Web.HttpContext.Current.Session["brid"]);
}

partial void CLIENTs_Updating(CLIENT entity)
{
    entity.GRID = ((decimal)System.Web.HttpContext.Current.Session["grid"]);
    entity.BRID = ((decimal)System.Web.HttpContext.Current.Session["brid"]);
}

partial void CLIENTs_Deleting(CLIENT entity)
{
    entity.GRID = ((decimal)System.Web.HttpContext.Current.Session["grid"]);
    entity.BRID = ((decimal)System.Web.HttpContext.Current.Session["brid"]);
}

It’s a lot to code for each entity object in your database, but it’s stable and secure way to filter input and output from your tables.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

https://ceciliamettatraduzioni.com/ https://intalalab.isikun.edu.tr/wp-includes/assets/demo/ https://intalalab.isikun.edu.tr/wp-includes/assets/gacor/ https://intalalab.isikun.edu.tr/wp-includes/assets/jarwo/ https://intalalab.isikun.edu.tr/product/dana/ https://intalalab.isikun.edu.tr/product/pay4d/ https://kgo.ceciliamettatraduzioni.com/
https://pecintamania.online/
https://ejournal.unperba.ac.id/datamacau5d/
https://libstai.latansamashiro.ac.id/files/new/
https://sobatprinces.com/ https://heika77juara.com/ https://tukangpola.com/ https://heika77.online
https://lilin88.com/ https://privacy.reputationmanagementconsultants.com/