I have a webform (ASP.NET and C#) and in Masterpage I have a navbar and in that navbar I have a LoginView. So, when some user loggs in the application, the shows up fine. I just want to hide some elements (some < li > 's of LoggedInTemplate) in MasterPage from Default page using codebehind; depending of "userlevel = "1" or "userlevel = "2" or "userlevel = "3" when I read cookies in PageLoad.
Note: I dont have problems to read cookies. The only problem is to hide elements from MasterPage with c# or JS when I load Default page knowing userlevel already.
This is my loginview in MasterPage:
<asp:LoginView ID="LoginView1" runat="server" ViewStateMode="Disabled">
<AnonymousTemplate>
<ul class="nav navbar-nav navbar-right">
<li><a runat="server" href="~/Account/Login">Log in</a></li>
</ul>
</AnonymousTemplate>
<LoggedInTemplate>
<ul class="nav navbar-nav navbar-right">
<!-- comentar esta linea <li><a runat="server" href="~/Account/Manage" title="Manage your account">Hello, <%: Context.User.Identity.GetUserName() %> !</a></li> -->
<!--<li><a runat="server" href="http://mxcopdr-app01/Reports/report/Scrapper/Scrapper%20-%20Reporte%20por%20ID%20de%20Scrappeo" target="_blank" rel="noopener noreferrer">Reportes</a></li>-->
<li runat="server" ><a runat="server" href="~/Aprobaciones">Aprobaciones</a></li>
<li class="dropdown">
<a class="dropdown-toggle" data-toggle="dropdown" href="#">Reportes
<span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a runat="server" href="http://mxcopdr-app01/Reports/report/Scrapper/Scrapper%20-%20Reporte%20por%20usuario" target="_blank" rel="noopener noreferrer">Por usuario</a></li>
<li><a runat="server" href="http://mxcopdr-app01/Reports/report/Scrapper/Scrapper%20-%20Reporte%20por%20fechas" target="_blank" rel="noopener noreferrer">Por fechas</a></li>
<li><a runat="server" href="http://mxcopdr-app01/Reports/report/Scrapper/Scrapper%20-%20Reporte%20por%20ID%20de%20Scrappeo%20(summary)" target="_blank" rel="noopener noreferrer">Por scrap ID (summary)</a></li>
<li><a runat="server" href="http://mxcopdr-app01/Reports/report/Scrapper/Scrapper%20-%20Reporte%20por%20ID%20de%20Scrappeo%20(detalle)" target="_blank" rel="noopener noreferrer">Por scrap ID (detalle)</a></li>
</ul>
</li>
<li><a runat="server" title="Manage your account">Hola, <%: Context.User.Identity.GetUserName() %> !</a></li>
<li><asp:LoginStatus runat="server" LogoutAction="Redirect" LogoutText="Log off" LogoutPageUrl="~/" OnLoggingOut="Unnamed_LoggingOut" /></li>
</ul>
</LoggedInTemplate>
</asp:LoginView>
NOTES: The top of my Master page is
<%@ Master Language="C#" AutoEventWireup="true" CodeBehind="Site.master.cs" Inherits="Scrapper.SiteMaster"% >
and the elements in my MasterPage are in:
<body runat="server">
...
</body>
Edit: Thanks for your answer. After some hours of thinking and testing I got what I wanted with this: I took the < li > out of the LoggedInTemplate so I can reach it from C# (I was unable to see the control from C# if it was inside the LoggedInTemplat, I dont know why ), well, then I just set visible-false with C# in Masterpage:
protected void Page_Init(object sender, EventArgs e)
{
if ((System.Web.HttpContext.Current.User != null) && System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
{
//MessageBox.Show("Autenticado");
Aprobacionesbtn.Visible = true; //button in the navbar
Reportesmenu.Visible = true; //dropdown menu in the navbar
}
else if ((System.Web.HttpContext.Current.User == null))
{
//MessageBox.Show("No autenticado");
Aprobacionesbtn.Visible = false; //button in the navbar
Reportesmenu.Visible = false; //dropdown menu in the navbar
}
}
The way to "get at" and control say some menu items?
Just add some "id" and a runat="server" tags to the bootstrap menu.
so, say add this:
so, note the addition of a "id" and runat="server"
so, for example, I have a drop down - only for those with say administraor role.
say this:
so, the "whole" admin drop down now has a tag.
Now, in site master, it is a simple matter to hide/show these menu items, or sub options with code.
say this:
so, for example, above has:
And better yet?
as a "normal" rule, to hide/show elements on a page, we of course "often" use style, since then JavaScript (client side) code can see/use/hide/show/enjoy/work with those elements, showing or not. (and then of course js side code can toggle the hide/show of such elements).
However, when you use "SomeElement.visible" = false, then not only does this hide the element, it also not even sent nor rendered to the client side. (and that's good for security).
Now, of course all those pages are secured using role membership, so the pages can't be hit even by typing in the URL, and this takes no code on my part of the security issue, since all those pages are secured by role membership, and that occurs at and by IIS, and not me having to write code to prevent use of such pages.
Now, that menu has some "rough" parts, since it was one of my "early" goes at using security + roles to hide + show menu items.
So, all in all?
Add some "id" and runat=server.
And then on site master page load, simple toggle such menu items based on role membership.
In most cases, you can even toggle/set based on a role membership expression such as:
Looking back?
Well, m1, m2 etc. (for menu 1 etc.) was a poor choice, and next time around I probably give the menu items the same id as "role" from the roles security table, but not a huge deal.
So, after the user exits the logon page, then of course any navigation to any menu bar does trigger the site master page load event, and that's where the above code exists.