How to find all values that have changes in mvc object

‘Compare the original and new versions of any db model, return a string of changes
    Function GetChanges(ByRef database As YourCaretakerEntitiesByRef originalValues As ObjectByRef newValues As ObjectAs String
        Dim returnString As New StringBuilder()
        Dim comparer As ObjectStateEntry = database.ObjectStateManager.GetObjectStateEntry(originalValues)
        For Each changedField In comparer.GetModifiedProperties()
            returnString.Append(” changed from “)
            returnString.Append(” to “)
            returnString.Append(“, “)
        If returnString.Length > 0 Then returnString = returnString.Replace(“, ““.”, returnString.Length – 2, 2)
        Return returnString.ToString()
    End Function

Handle Access Denied in MVC

Today I had to add security to the application. Essentially check if the logged in user has got permission to access a function and if not redirect to Unauthorised page. There may be a few ways this can be achieved. Some developers may prefer to add if else check in the view and depending if access needs to be granted they show selective part of the view. This will work, but I think there is a more elegant way to handle this. This is how I achieved this.

Create an attribute that will redirect unauthorised access to a SecurityController. In order to show custom unauthorised messages, it should allow specific messages which can be achieved by passing a reason string.

Here is the code for security attribute: (its in, but I am sure you can convert to C# easily)

<AttributeUsage(AttributeTargets.Method, AllowMultiple:=True, Inherited:=True)> _

Public NotInheritable Class ApplySecurityAttribute

    Inherits ActionFilterAttribute

    Private ReadOnly _permission As Integer


    Public Sub New(ByVal permission As Integer)

        Me.New(permission, String.Empty)

    End Sub


    Public Sub New(ByVal permission As Integer, ByVal reason_1 As String)

        _permission = permission

        Reason = reason_1

    End Sub


    Public Property Reason() As String


            Return m_Reason

        End Get

        Set(ByVal value As String)

            m_Reason = Value

        End Set

    End Property

    Private m_Reason As String


    Public Overrides Sub OnActionExecuting(ByVal filterContext As ActionExecutingContext)

        If Not PermissionsManager.HasPermission(_permission) Then

            ‘ Put security check here

            ‘ Security Controller

            ‘ Unauthorized Action

            ‘ Put the reason here

            Dim routeValueDictionary = New RouteValueDictionary() From { _

             {“controller”, “Security”}, _

             {“action”, “Unauthorized”}, _

             {“reason”, Reason} _



            filterContext.Result = New RedirectToRouteResult(routeValueDictionary)

        End If



    End Sub

End Class

Using the attribute is simple. Just declare it on a controller like this:

<ApplySecurity(Enums.Permissions.OfficeUserViewReports, "You are not authorised to view reports")>

Here is the Security Controller class.

Namespace YourCaretaker
    Public Class SecurityController
        Inherits System.Web.Mvc.Controller
        Function Unauthorized(ByVal reason As String) As ViewResult
           ViewBag.Reason = reason
            Return View()
        End Function
    End Class
End Namespace

And finally the permission manager

Public NotInheritable Class PermissionsManager
    Private Sub New()
    End Sub
    Public Shared Function HasPermission(ByVal permissionId As Integer) As Boolean
        'insert your implementation
        'if access allowed Return True else Return False
    End Function
End Class
Posted in .net, asp .net, mvc. Tags: . Leave a Comment »

How to get date 3 days before today

Its pretty simple really…