ASP.NET 4 Unleased - p 113 pptx

For example, you learn how to display different SiteMap nodes, depending on the roles associated with the current user.. Using Security Trimming You might want to display different navig

Trang 1

IsAccessibleToUser()—Returns True when the current user has permissions to view

the current node

IsDescendantOf()—Returns True when the current node is a descendant of a

particular node

By taking advantage of the SiteMap and SiteMapNode classes, you can work directly with

Site Maps in a page For example, imagine that you want to display the value of the

SiteMapNode title attribute in both the browser’s title bar and in the body of the page

Listing 23.7 demonstrates how you can retrieve the value of the Title property associated

with the current page programmatically

LISTING 23.7 Products/FirstProduct.aspx

<%@ Page Language=”C#” %>

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.1//EN”

“http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd”>

void Page_Load()

{

if (!Page.IsPostBack)

{

SiteMapNode currentNode = SiteMap.CurrentNode;

this.Title = currentNode.Title;

ltlBodyTitle.Text = currentNode.Title;

lblDescription.Text = currentNode.Description;

}

</script>

<title>First Product</title>

</head>

<body>

<div>

<asp:Label

id=”lblDescription”

Runat=”server” />

Trang 2

FIGURE 23.5 Retrieving Site Map node properties

</div>

</form>

</body>

</html>

When you open the page in Listing 23.7, the Page_Load() event handler grabs the

current SiteMapNode and modifies the Page Title property The handler also assigns the

value of the Title property to a Literal control contained in the body of the page

Finally, the value of the SiteMapNode’s Description property is assigned to a Label control

(see Figure 23.5)

NOTE

It would make sense to place the code in Listing 23.7 in a Master Page To learn more

about Master Pages, see Chapter 5, “Designing Websites with Master Pages.”

Advanced Site Map Configuration

This section explores several advanced features of Site Maps For example, you learn how

to display different SiteMap nodes, depending on the roles associated with the current

user You also learn how to create multiple Site Maps for a single application Finally, you

learn how you can extend Site Maps with custom attributes

Trang 3

Using Security Trimming

You might want to display different navigation links to different users, depending on their

roles For example, if a user is a member of the Administrators role, you might want to

display links to pages for administrating the website However, you might want to hide

these links from other users

To display different links to different users depending on their roles, you must enable a

feature of Site Maps named Security Trimming This feature is disabled by default The web

configuration file in Listing 23.8 enables Security Trimming

LISTING 23.8 Web.Config

<?xml version=”1.0”?>

<system.web>

<add

name=”MySiteMapProvider”

type=”System.Web.XmlSiteMapProvider”

securityTrimmingEnabled=”true”

siteMapFile=”Web.sitemap” />

</providers>

</siteMap>

</system.web>

</configuration>

The configuration file in Listing 23.8 includes a <siteMap> element that configures a new

SiteMapProvider named MySiteMapProvider The new provider enables Security Trimming

with its securityTrimmingEnabled property

After you enable Security Trimming, any pages a user is not allowed to view are

automati-cally hidden For example, imagine that your website includes a folder named Admin that

contains the web configuration file in Listing 23.9

LISTING 23.9 Web.Config

<?xml version=”1.0”?>

<system.web>

Trang 4

</authorization>

</system.web>

</configuration>

The configuration file in Listing 23.9 prevents anyone who is not a member of the

WebAdmin role from viewing pages in the same folder (and below) as the configuration

file Even if the Web.sitemap file includes nodes that represent pages in the Admin folder,

the links don’t appear for anyone except members of the WebAdmin role

Another option is to explicitly associate roles with nodes in a Site Map This is useful in

two situations First, if your website contains links to another website, you can hide or

display these links based on the user role Second, if you explicitly associate roles with

pages, you hide page links even when a user has permission to view a page

The Web.sitemap file in Listing 23.10 contains links to the Microsoft, Google, and Yahoo

websites A different set of roles is associated with each link

LISTING 23.10 Web.sitemap

<?xml version=”1.0” encoding=”utf-8” ?>

<siteMapNode

title=”External Links”

description=”Links to external Websites”

roles=”RoleA,RoleB,RoleC”>

<siteMapNode

title=”Google”

url=”http://www.Google.com”

description=”The Google Website”

roles=”RoleA” />

<siteMapNode

title=”Microsoft”

url=”http://www.Microsoft.com”

description=”The Microsoft Website”

roles=”RoleB” />

<siteMapNode

title=”Yahoo”

url=”http://www.Yahoo.com”

description=”The Yahoo Website”

roles=”RoleC” />

</siteMapNode>

</siteMap>

Trang 5

The page in Listing 23.11 enables you to add yourself and remove yourself from different

roles Different links appear in the TreeView control, depending on which roles you select

LISTING 23.11 ShowSecurityTrimming.aspx

<%@ Page Language=”C#” %>

<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.1//EN”

“http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd”>

void Page_Load()

{

if (!Page.IsPostBack)

{

foreach (ListItem item in cblSelectRoles.Items)

if (!Roles.RoleExists(item.Text)) {

Roles.CreateRole(item.Text);

Roles.AddUserToRole(User.Identity.Name, item.Text);

} }

}

protected void btnSelect_Click(object sender, EventArgs e)

{

if (item.Selected)

{

if (!User.IsInRole(item.Text)) Roles.AddUserToRole(User.Identity.Name, item.Text);

}

else

{

if (User.IsInRole(item.Text)) Roles.RemoveUserFromRole(User.Identity.Name, item.Text);

}

Response.Redirect(Request.Path);

}

void Page_PreRender()

{

item.Selected = User.IsInRole(item.Text);

}

</script>

Trang 6

html

{

background-color:silver;

}

.column

{

float:left;

width:300px;

border:Solid 1px black;

background-color:white;

padding:10px;

}

</style>

<title>Show Security Trimming</title>

</head>

<body>

<asp:Label

id=”lblSelectRoles”

Text=”Select Roles:”

AssociatedControlID=”cblSelectRoles”

<br />

<asp:CheckBoxList

id=”cblSelectRoles”

Runat=”server”>

<asp:ListItem Text=”RoleA” />

<asp:ListItem Text=”RoleB” />

<asp:ListItem Text=”RoleC” />

</asp:CheckBoxList>

<asp:Button

id=”btnSelect”

Text=”Select”

OnClick=”btnSelect_Click”

</div>

Trang 7

<asp:TreeView

id=”TreeView1”

DataSourceID=”srcSiteMap”

<asp:SiteMapDataSource

id=”srcSiteMap”

</div>

</form>

</body>

</html>

When you first open the page in Listing 23.11, the Page_Load() handler creates three

roles—RoleA, RoleB, and RoleC—and adds the current user to each role

The CheckBoxList control in the body of the page enables you to select the roles that you

want to join Different links to external websites appear, depending on which roles you

select (see Figure 23.6)

FIGURE 23.6 Hiding Site Map nodes by user role

Trang 8

Merging Multiple Site Maps

To make it easier to manage a large application, you can store Site Maps in more than one

location and merge the Site Maps at runtime For example, if you use the default

SiteMapProvider—the XmlSiteMapProvider— you can create multiple sitemap files that

describe the navigation structure of different sections of your website

For example, the Web.sitemap file in Listing 23.12 includes a node that points to another

sitemap file

<siteMapNode

url=”Default.aspx”

title=”Home”

description=”The Home Page”>

<siteMapNode

url=”Products/Default.aspx”

title=”Our Products”

description=”Products that we offer”>

<siteMapNode

url=”Products/FirstProduct.aspx”

title=”First Product”

description=”The description of the First Product” />

<siteMapNode

url=”Products/SecondProduct.aspx”

title=”Second Product”

description=”The description of the Second Product” />

</siteMapNode>

<siteMapNode

url=”Services”

title=”Our Services”

description=”Services that we offer”>

<siteMapNode

url=”Services/FirstService.aspx”

title=”First Service”

description=”The description of the First Service”

metaDescription=”The first service” />

<siteMapNode

url=”Services/SecondService.aspx”

title=”Second Service”

description=”The description of the Second Service” />

</siteMapNode>

Trang 9

<siteMapNode

siteMapFile=”Employees/Employees.sitemap” />

</siteMapNode>

</siteMap>

The sitemap in Listing 23.12 includes the following node:

This node includes a siteMapFile attribute that points to a sitemap located in the

Employees subdirectory of the current application The contents of the

Employees.sitemap are automatically merged with the default Web.sitemap

The Employees.sitemap is contained in Listing 23.13

LISTING 23.13 Employees/Employees.sitemap

<siteMapNode

url=”Employees/Default.aspx”

title=”Employees”

description=”Contains descriptions of employees”>

<siteMapNode

url=”Employees/BillGates.aspx”

title=”Bill Gates”

description=”Bill Gates Page” />

<siteMapNode

url=”Employees/SteveJobs.aspx”

title=”Steve Jobs”

description=”Steve Jobs Page” />

</siteMapNode>

</siteMap>

There is nothing special about the sitemap in Listing 23.13 It contains a description of

the two pages in the Employees subdirectory

This is a great feature for working with large websites Each section of the website can be

managed by a different developer When the website is accessed by a user, the contents of

the different sitemaps are seamlessly stitched together

NOTE

You also can associate different SiteMapProviders with different nodes in a sitemap

file by taking advantage of the provider attribute For example, a Site Map might be

stored in a database table for one section of your website and stored in an XML file for

another section of your website

Trang 10

Creating Custom Site Map Attributes

You can extend a Site Map with your own custom attributes You can use a custom

attribute to represent any type of information that you want

For example, imagine that you want to associate <meta> Description tags with each page

in your web application to make it easier for search engines to index your website In that

case, you can add a metaDescription attribute to the nodes in a Web.sitemap file

The Web.sitemap file in Listing 23.14 includes metaDescription attributes for the two

Services pages

<siteMapNode

url=”Default.aspx”

title=”Home”

description=”The Home Page”>

<siteMapNode

url=”Products/Default.aspx”

title=”Our Products”

description=”Products that we offer”>

<siteMapNode

url=”Products/FirstProduct.aspx”

title=”First Product”

description=”The description of the First Product” />

<siteMapNode

url=”Products/SecondProduct.aspx”

title=”Second Product”

description=”The description of the Second Product” />

</siteMapNode>

<siteMapNode

url=”Services/Default.aspx”

title=”Our Services”

description=”Services that we offer”>

<siteMapNode

url=”Services/FirstService.aspx”

title=”First Service”

description=”The description of the First Service”

metaDescription=”The first service” />

<siteMapNode

url=”Services/SecondService.aspx”

title=”Second Service”

description=”The description of the Second Service”

metaDescription=”The second service” />

Định dạng
Số trang	10
Dung lượng	519,59 KB