In this example, we configure the DevExpress Dashboard control for multi-user environments.
It illustrates how to identify a user in the current session and return the following user-specific content:
Custom dashboard storage allows you to specify which dashboards the user can access, edit, and save.
API: IEditableDashboardStorage Interface
Files to review: CustomDashboardStorage.cs
Custom data source storage allows you to specify which data sources are available to the user.
API: IDataSourceStorage Interface
Files to review: CustomDataSourceStorage.cs
A custom data source schema provider allows you to filter the data source for different users and display specific data source segments.
Files to review: CustomDBSchemaProvider.cs
A custom connection string provider allows you to specify connection strings based a given user’s access rights.
API: IDataSourceWizardConnectionStringsProvider Interface
Files to review: CustomConnectionStringProvider.cs
The Web Dashboard control can be used in ViewerOnly mode for unauthorized users. To enable this capability, handle the DashboardConfigurator.VerifyClientTrustLevel event and set the e.ClientTrustLevel property to Restricted. This setting prevents inadvertent or unauthorized modifications of dashboards stored on a server. To learn more, please review the following help topic: Security Considerations - Working Mode Access Rights.
API: DashboardConfigurator.VerifyClientTrustLevel Event
Files to review: Dashboard.cshtml and Startup.cs
You can limit access to sensitive information based on the current user's ID. Every custom store/provider reads the IHttpContextAccessor.HttpContext.Session.GetString("CurrentUser") value from session state. We use the standard IHttpContextAccessor with dependency injection to access the HTTP context is custom storages/providers.
When the application starts, you can use the Index view (with a ComboBox) to select a user. When you click the Sign in button, the ID of the selected user is passed to the CurrentUser variable in Session and you are redirected to the Dashboard view. In this view, the Web Dashboard control displays the features available to the selected user. Below is a table that illustrates the user IDs and their associated rights in this particular example:
| Role | Dashboard Storage | DataSource Storage | ConnectionString Provider | DBSchema Provider | Working Mode | Create/Edit |
|---|---|---|---|---|---|---|
| Admin | dashboard1_admin, dashboard2_admin | SqlDataSource, JsonDataSource | Northwind, CarsXtraScheduling | All (Categories, Products, Cars,...) | Designer, Viewer | Yes |
| User | dashboard1_user | SqlDataSource | CarsXtraScheduling | Cars | Designer, Viewer | No |
| Guest | dashboard1_guest | - | - | - | ViewerOnly | - |
| Unauthorized | - | - | - | - | ViewerOnly | - |
- Dashboard for ASP.NET Core - How to load different data based on the current user
- Dashboard for ASP.NET Core - How to implement authentication
- Dashboard for MVC - How to implement multi-tenant Dashboard architecture
- Dashboardfor MVC - How to load and save dashboards from/to a database
- Dashboardfor MVC - How to load different data based on the current user
(you will be redirected to DevExpress.com to submit your response)