I have a base class that checks if user has access to the derived form. I need to block/remove invoke/unsubscribe to all methods/events in derived class from base class, if user doesn't have access to the form.
I tried many things but couldn't find a way to handle this issue.
My approach is close form in base form load event, but if data loading in derived form Load Event, it also raises and closes after data load. This can be leak of some security problems.
I can easly solve this issue by adding some codes to derived form but i have about 450~500 about derived forms.
Or i can define a function to show form, that checks user role in form before showing but because of many derived forms, i can't change.
Public Class AuthBaseForm
Inherits DevExpress.XtraEditors.XtraForm
Property IsAuthorized As Boolean = False
Private Sub InitializeComponent()
Me.SuspendLayout()
'
'StartUpForm
'
Me.ClientSize = New System.Drawing.Size(825, 432)
Me.Name = "AuthBaseForm"
Me.AutoScaleMode = Windows.Forms.AutoScaleMode.Dpi
Me.ResumeLayout(False)
End Sub
Public Sub New()
MyBase.New()
' Here checks if user can access and visible this form
' function return true/false
IsAuthorized = GetUserRoleInForm(Me)
End Sub
Private Sub Form_Load(sender As Object, e As EventArgs) Handles Me.Load
If Not IsAuthorized Then
'Remove Here Derived Class Load Event
'Here, i need to find Derived class load event, and disable to invoke that method
MsgBox("You do not have permissions to show this form!", vbExclamation vbOKOnly)
Me.Close()
Return
End If
End Sub
End Class
Public Class DetailForm
Inherits AuthBaseForm
Public Sub New()
' This call is required by the designer.
InitializeComponent()
End Sub
Private Sub DetailForm_Load(sender As Object, e As EventArgs) Handles MyBase.Load
' this generated to test form role auth
MsgBox("If also my base class not authorized, this event is raising :(", vbInformation)
Me.KeyPreview = True
' Fetch data to show
Me.WaitHelper1.SetListingFunction(Sub() Me.GetData())
' Set auto filter rows
rh.devexFunc.SetGridViewFilterTypes(Me.viewSiparisler)
' Set column bolds
rh.devexFunc.SetGridViewFontBold(Me.viewSiparisler, "UNVAN")
End Sub
End Class
I've tried some works but still haven't get succeed.
CodePudding user response:
By Hans Passants' solution, i have revised base onl oad method as below and worked perfectly.
Protected Overrides Sub onl oad(e As EventArgs)
If Me.IsAuthorized Then
MyBase.OnLoad(e)
Else
Me.Close()
rh.ExclamationMsgBox("You are not allowed to show this form!")
End If
End Sub