Access Control in C#

Question

TheDocterd 7 Junior Poster

13 Years Ago

Hi Experts :)

I am battling with some small logical error and I need some help.. I want to enable access levels in my windows form application. I have a database with a column named 'UserType'. In this column I have data from 1 to 5. This represents the access level of a user. 1 being the lowest and 5 being the highest allowing all.

The access level is determined on a button, etc.. For example on my edit button only users with 3 and above have the rights.

private void editJobBtn_Click(object sender, EventArgs e)
        {
            //Getting the sql connection and selecting columns in database
            SqlConnection conn = new SqlConnection("Data Source=DEWALD-PC;Initial Catalog=JobbookDatabase;Persist Security Info=True;User ID=sa;Password=123");
            SqlCommand cmd = new SqlCommand("SELECT UserType FROM UserAccounts", conn);

            //the temporary variables used
            int type = 0;
            Boolean proceed = false;

            try
            {
                //Opening connection and starting the data reader
                conn.Open();
                SqlDataReader myReader = cmd.ExecuteReader();

                //Using the datareader to get desired data
                while (myReader.Read())
                {
                    type = (myReader.GetInt32(2));
                }

                //closing all connections
                myReader.Close();
                conn.Close();

                try
                {
                    //if password is right, login will continue
                    if (type == 3)
                    {
                        proceed = true;
                    }
                }
                catch (Exception re)
                {
                    MessageBox.Show("Enter password or select user" + re);
                }
            }
            catch (Exception er)
            {
                MessageBox.Show("Error:" + er);
            }

            //If login is proceding, determine what type of user
            if (proceed == true)
            {
                if (type == 3)
                {
                    //Reading the selected row in the current datagrid and then passing it on to the viewing form
                    String JobID = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[0].Value.ToString();
                    String Month = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[1].Value.ToString();
                    String Date = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[2].Value.ToString();
                    String Office = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[3].Value.ToString();
                    String JobCode = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[4].Value.ToString();
                    bool Pending = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[5].Value;
                    String AllocatedTo = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[6].Value.ToString();
                    String JobDescription = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[7].Value.ToString();
                    String InvoiceNumber = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[8].Value.ToString();
                    String Client = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[9].Value.ToString();
                    String ContactDetails = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[10].Value.ToString();
                    String Amount = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[11].Value.ToString();
                    //String Assistants = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[11].Value.ToString();
                    bool Surveyd = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[13].Value;
                    bool PlanCompleted = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[14].Value;
                    bool PlanGivenToClient = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[15].Value;
                    bool LetterOfApproval = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[16].Value;
                    bool Invoiced = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[17].Value;
                    bool Paid = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[18].Value;
                    String TypeOfJob = dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[19].Value.ToString();
                    bool FoundationStakeout = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[20].Value;
                    bool BrickWork = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[21].Value;
                    bool Application = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[22].Value;
                    bool Approval = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[23].Value;
                    bool Appeal = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[24].Value;
                    bool Endorsements = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[25].Value;
                    bool SGfeesPaid = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[26].Value;
                    bool SubmitToSG = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[27].Value;
                    bool PlansReceived = (bool)dataGridView1.Rows[dataGridView1.SelectedRows[0].Index].Cells[28].Value;
                    EditJob ej = new EditJob(this, JobID, Month, Date, Office, JobCode, Pending, AllocatedTo, JobDescription, InvoiceNumber, Client, ContactDetails, Amount, Surveyd, PlanCompleted, PlanGivenToClient, LetterOfApproval, Invoiced, Paid, TypeOfJob, FoundationStakeout, BrickWork, Application, Approval, Appeal, Endorsements, SGfeesPaid, SubmitToSG, PlansReceived);

                    //frm1inForm2 is the instance of the class clsForm1 in Form2.cs declared as public 
                    ej.frm1inForm2 = this;

                    //Display the Form2 as a modal dialog box.
                    ej.ShowDialog();
                }
                else
                {
                    MessageBox.Show("Access Denied");
                }
            }
        }

Can anyone help me with this??

c#

2 Contributors
2 Replies
200 Views
11 Hours Discussion Span
Latest Post 13 Years Ago Latest Post by TheDocterd

kvprajapati 1,826 Posting Genius

13 Years Ago

You should revise sql select statement. SELECT UserType FROM UserAccounts will fetch all five rows.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

TheDocterd 7 Junior Poster · Answer 1 · 2010-12-14T17:25:52+00:00

is there then by any chance how i can retrieve the usertype and display it in a hidden text box? this way I can mos put in a where clause, correct?