WebGrid MVC 5 – Show action buttons based on Authentication and Authorization

Question

In the WebGrid last column has 3 buttons “create, edit, delete”. As indicated in the title I want to show only “edit” and “delete” buttons if the user is authenticated and authorized.

If the link is not in the WebGrid, for example “Add” button I can do that in this way:

<div >
     @if (Request.IsAuthenticated && (User.IsInRole("Admin") || User.IsInRole("canEdit")))
     {
         <a class="btn btn-success" href="@Url.Action("Create" )" id="btnCreate"><i class='glyphicon glyphicon-plus'></i> </a>
     }
</div>

In the grid I have formatted the last column in this way:

grid.Column(header: "Action", canSort: false, style: "action  col-lg-2",
            format: (item) => new HtmlString("<a href=" + @Url.Action("Details", new { id = item.id }) + " title='Detail' ><i class='glyphicon glyphicon-search'> </i><span class='sr-only'>Detail</span> </a> " 
                + " <a href=" + @Url.Action("Edit", new { id = item.id }) + "><i class='glyphicon glyphicon-edit'></i><span class='sr-only'>Edit</span> </a> " 
                + " <a href=" + @Url.Action("Delete", new { id = item.id }) + "><i class='glyphicon glyphicon-trash'> </i> </a> ") 
              )

And it works perfectly. But I am unable to figure out how to put if statement inside the lambda expression. How can I do that?

Here is the code:

var grid = new WebGrid(canPage: true, rowsPerPage: Model.PageSize, canSort: true, ajaxUpdateContainerId: "grid");
grid.Bind(Model.Content, rowCount: Model.TotalRecords, autoSortAndPage: false);
@grid.GetHtml(htmlAttributes: new { id = "grid" },  // id for ajaxUpdateContainerId parameter
fillEmptyRows: false,
tableStyle: "table table-bordered table-hover",
mode: WebGridPagerModes.All,
columns: grid.Columns(
         grid.Column("Id", "ID", style: "col-lg-1"),
         grid.Column("ProductName", "Name", style: "col-lg-3"),
         grid.Column("Description", "Description", style: "col-lg-5"),
         grid.Column(header: "Action", canSort: false, style: "action  col-lg-2",
         format: (item) => new HtmlString("<a href=" + @Url.Action("Details", new { id = item.id }) + " title='Detail' ><i class='glyphicon glyphicon-search'> </i><span class='sr-only'>Detail</span> </a> " 
             + " <a href=" + @Url.Action("Edit", new { id = item.id }) + "><i class='glyphicon glyphicon-edit'></i><span class='sr-only'>Edit</span> </a> " 
             + " <a href=" + @Url.Action("Delete", new { id = item.id }) + "><i class='glyphicon glyphicon-trash'> </i> </a> ")                   )
             )
         );

score 0 · Answer 1 · answered Aug 12 '15 at 20:34

You can authorize in the following way.

@if ( User.Identity.IsAuthenticated ){
    if ( User.IsInRole("Admin") ){
        + " <a href=" + @Url.Action("Edit", new { id = item.id }) + "><i class='glyphicon glyphicon-edit'></i><span class='sr-only'>Edit</span> </a> " 
                + " <a href=" + @Url.Action("Delete", new { id = item.id }) + "><i class='glyphicon glyphicon-trash'> </i> </a>        
    }
}

And remember to add [Authorize] attribute to your Admin action method:

[Authorize(Roles="Admin")]
public ActionResult Edit()
{
    // ...
    return View();
}

[Authorize(Roles="Admin")]
public ActionResult Delete()
{
    // ...
    return View();
}

It doesn’t work. Can you show complete code inside lambda expression? As I have stated in the question you can’t put this code in the lambda expression. Lambda expression is the one with `(item) => new HtmlString(…)` next to last format: . Your code can not put inside `HtmlString()`. That’s where we need to hide the buttons. What you have suggesting is the exact thing I have shown in the code for the Add (Create) action. That means your code will only work outside the WebGrid column formatting. By the way I’m still not comfortable with lambda expressions. — Dush, Aug 12 '15 at 23:25

WebGrid MVC 5 – Show action buttons based on Authentication and Authorization

1 Answers1