User Permissions and Error Handling - A TimCo Retail Manager Video

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

welcome to the timko retail manager course this course focuses on real-world application development in this video we're going to be handling what happens when a user does not have the permissions necessary to perform a task now patreon members don't forget to head over to my patreon site to get the source code if you aren't a patreon member and are interested in getting a source code for each timko retail manager course video head over and sign up at the $5 per month level or higher now if you've been following along this course since a start you know the goal is to develop a dotnet framework application that can serve as an existing or legacy application so that we can learn how to upgrade to a dotnet core application the schedule is now set and as long as nothing unexpected comes up there lis only two more videos after this one before the big upgrade that tangibly schedules the upgrade for November 4th I'm playing a few surprises and giveaways for the event so you don't want to miss it I may even be live when it launches make sure you're subscribed to his channel to get alerted when new videos are launched also they'll be extra bonuses for mailing list members and patreon members the link to both of those is in the description ok so let's move over to visual studio now right now everything works as it should and we're kind of on the happy path meaning the user log in as has permission to do all they need to do but if we go look at the the trm data manager the controllers and go products right now it says hey if you're cashier then you can get all of the products well what if we weren't a cashier now instead of deleting that role what I'm going to do is change it to be a manager role instead now the user login in AZ is not a manager so let's just make that change and start the application and see what happens all right so we're started up here and I have my login form and now I'm gonna say login and I get this crash that says unauthorized so I'm not authorized to load my products if I continue it crashes the application and it says you've not hailed that exception and now WPF has stopped that's not ideal we don't want to just stop the application so let's think through a better way of handling this now yes I should have permission in order to go to this page but there may be a case where I don't have from it permission before we said that basically anyone can sign up on our API right now and we added those rules so that yes that can sign up but they can't do anything just like you can sign up at Amazon and you can have your own shopping cart and you can buy stuff but you can't manage Amazon's products you're not an administrator you're not a manager you're just a consumer well in the same way our API you can sign up but then you couldn't go in and try to make purchases because we require a cashier to do that at least for right now so let's talk through what we're going to do I'm gonna leave this user as Melissa open now leave us user as not a manager and make this leave us as as manager that way we do have that error so we can test it and so we're going to do is we're gonna say let's wrap this in a try-catch that's a good first start so let's go snip it surround with try and we'll catch the exception and we're not gonna throw it but the question is what do we do here in fact I'm going to put a breakpoint right there and let's start the application again and this time it should be that it won't crash the application but it hits this exception if we look at the exception in the locals window it says the message is unauthorized it makes sense and we hit continue and our form comes out there's no items in the list that's not ideal either our user to ask us where is the information and that's that's not you want we want them to say hey you can't go to the sales page because you can't do anything on the sales page so you want this page to close down and we want to alert the user and say something isn't right you're not allowed to be here you're unauthorized and this is one of those questions that comes up a lot with especially mvvm into UPF but even though UPF in general the question is well how do I create a message box so we're gonna create a message box today and it's not going to be there is the I platelets Windows dot system dot Windows dot message box or something like that for the EPF we're not going to use that because that kind of breaks mvvm because mvvm the controller shouldn't be directly doing UI stuff that's what the view does but then you have to put the code in the code behind for the view and that's not right instead we need a mvvm friendly message box of some type and what that means is that we need to create one so let's right-click on controllers and say add controller oops not here not in controllers hopefully you're yelling to scream right now view models that's better view models and I want to have a new class I'm going to call this the status info view model I get public and I'm going to inherit from screen which I have to add the using statement for caliber and micro for that now what you may not know is that I am NOT a great user interface designer I am horrible at graphics in general I'm gonna create a really simple bare-bones doesn't look great but it works message box okay now please please please if you're going to put it in production make it look better okay but we're gonna do something really simple so I create a property string called header and another one called message and that's we're typically a error message has like the the category of error something like that and it has a message that has the description of what's going on and so that's we're going to do or kind of mimic that functionality and then I'll create a public void update message method that takes in a header and it takes in a message and this is where the actual modification of those properties is going to happen so header equals header and message equals message and I'm going to do a notify of property change and that's going to be on the header and then notify of property change on the message okay I'm gonna change these right here to a private sets that way you can't make a change externally to these I want them to go through this update message method and the last thing I want to do here is I'm going to have a button on the form that is a close button or acknowledge button of some kind so public void closed sounds good enough to me and we're going to do try close what that does is it closes the existing form not the whole application just this form if you did this dot close and close the entire application we don't want that we just want this form itself to close when you hit the close button okay now let's create a view for this status info view model so add a user control and this is going to be a status info make sure the names match up view this is our view pretty simple right now it's just an empty box with nothing in it so let's put something in it but again I'm going to keep it really simple and do a stackpanel I'm not even gonna do the grid just a stackpanel with the orientation equals vertical and then I'm gonna have a couple of text blocks inside of it text block with the name equal to header and then let's the font size to 20 and we're gonna make this bold as well so font weight is bold that way it's it's pretty big and bold he'll put a margin on here of 10 again simple stuff just to just have something on the screen now let's do it again in fact I'll copy and paste this and this time it's a message the font size is still 20 but let's take off the bold let's leave the margin as it is you know what let's change the font size just a little bit yeah 18 so that the header really is a you know a standout header and then finally we're gonna have a button and let's give it the name of those clothes was our method name and that's the padding of 10 and a margin of 20 close again I'm just putting stuff on here that's you know gets us close to what we need just a couple of text boxes and a close button this we left aligned right now the buttons gonna be the entire width of the the form so that's fine I think that's gonna be a now we have a message box a status info view and view model that we can pop up at some point but that means now we have to figure out how to create a pop up and how to get a new instance every time you want to do this because don't forget you want to have multiple multiple of these possibly if you have multiple different issues so it can't just be that you have one copy of this so let's go back over to our sales view model this is where you have the exception and we're gonna do here is let's get a new message box so far let's call it msg equals and how do you get a new message box well you could pass it in through the constructor but that's going to create one instance for this form that's not the end of the world but it may be that that's not what you want to happen let's start there and then we'll talk about other options so if you want a status info view model you do a control dot here to create a field and now you could say equals actually don't you need to have this message here we can just say status dots update message so you can pass in the new message and let's pretend for right now we know it's an unauthorized so unnethe or is and then the message is going to be you do not have permission to interact with the sales view or sales form so now you've we've modified that form but we still need to show the form okay so we've we've called them modify and that's gonna change our messaging but now we still need to show it in some way so now we need to do is we need create a dialog box and for that we need the window manager so let's ask the window manager so I window manager window control dot to create our field and now down here we can say window dot show dialog this is gonna pop this box up as a dialog box which means you can't get behind the box do anything you have to acknowledge the box first and close it before you can then go back to what you were doing so a show dialog we're going to pass in status so that's the form where I pass in null for our context and null for our settings it's all really simple like that okay so now and I say really simple I don't mean to say that you it's obvious I'm saying simple as and we're not doing a lot with this we're not having a lot of settings there's no settings there's no context we're just updating the header and the message and then showing the dialog for that form let's try this and see how it looks okay so the form is opening up I got a log in and it says that after this weird trm desktop UI dot view model just as info view model up here but it says unauthorized access you do not have permission to interact with the sales form now I can't click off it so I can't go back to this form underneath I have to hit close and now I'm back to the form but the course is empty so the next thing I want to do I want to close this form so let's close this form once we have successfully shown that dialog box so try close let's just do just that so incremental little changes to make it a little bit better you don't have permission clothes and other forms going away there's nothing to replace it with so it's just kind of sitting here we can logout we can exit and that's it we really need to have a menu option here for sales information we have a drop-down with you know go a sales form we don't right now but we don't have permission either so that's kind of a moot point so you could log out and then log back in but then I get this message saying we can't go there and so now we have to go back to this blank page though we're making progress now let's look at that let's go log out and log back in right now I can resize this make it bigger I can move it around and this right here is ugly so let's change a couple these things let's make it so you can't resize this make it ugly and you can't let's replace this right here with something like you know system message or system error or something like that so let's go back here and we're going to modify these settings now what are those settings well this way it gets a little trickier you have to create basically a dynamic list of settings so we're gonna say dynamic settings equals new Expando object yes that is a real thing control dot to add using system dynamic dynamic to create new Expando object and whereas I say settings dodged notice there's no intellisense here because essentially we can create anything you want in this object so we're going to say settings dot window star location yes you have to type these out correctly because there is no intellisense and so you have to know what these options are so I'm gonna give you these options because that way you don't have to go looking for them so window window Wow startup location control dot to add using system dot windows dot and we have center owners centers Korean manual so now you can choose where you want this to open up in this case center owner which the owner is the person who called it I also want settings dot resize mode and that's going to be resize mode dot you can minimize you can resize you can resize it grip or no resize let's go with no resize and finally settings dot title equals let's go a system error and that's going to be the title bar now that I have those settings I can pass them in right here settings let's try us again I login those system error I cannot resize there's no a bit of resize it starts in the center I can't move around but it starts in the center ok that makes it a little cleaner now I mentioned that if you pass it in like this then calling it multiple times you may get it's gonna be a problem okay so in theory we could do we could do this and call it again and say duplicate and say this is our second call so this is our second call and show this as well and theory is work let's try it okay there's our first one there's our second one duplicate call this is our second call so that works but we're reusing the same form that might not be ideal maybe you want to have two of these on the screen the same time now show dialog makes it kind of difficult because that's actually a blocking call notice we didn't do the try closed until after the second dialog box was closed so it is a blocking call but may you want to just show a pop-up and not necessary and you want to have multiple of them well in that case you couldn't really use one instance of Staz info view model because you showed one and then show the next one the next one says it over at the 1st one settings and it would actually have to the same messages and it's the last message you showed not ideal in which case instead of getting this status info view model from the constructor which is ideal what you would do instead is you would say var let's just say info equal equals IOC dot yet status info view model like so and that would get a new view model each time that way you can have multiple copies inside of your one method or one class so that's an option as well so let's clean us up a little bit and remember before I said let's assume that we know that this is an unauthorized exception well what if it's not though you don't want to say you're gonna authorize we wants to put something else so let's do this let's control X here and say if y X dot message and I do a quick and dirty compare to so I'm just gonna say message equals unauthorized like so then do this now you could also do a string compare which a better it's gonna look at casing unless you say don't look at casing but this will work for a a quick way of doing this so you know it's unauthorized as our exception message whenever we have an unauthorized error so now we can say else and say status message is a fatal exception and say instead of this message we could say Y X dot message in this show the exception as an exception message itself okay that way we can handle either type of exception since they're both just exception and not ones that unauthorized exception or something similar now it could change it to send unauthorized exceptions but I think this works just as fine so now it shouldn't change anything it should be that works just the same way unless I spelled unauthorized wrong or something else nope I don't authorize access and now it drops us back to here alright so now we had the foundation on which we can build other exception handling and also make sure we have a foundation for handling what do you do when you don't have permissions of something in this case we're going to tell them you don't have permissions and drop them out of the application or out of the form itself now there may be a case where they have access to load the products but they don't have access to create a sale so let's come down here to and a car is fine but maybe they can't check out in which case what we do is we would wrap this right here with a try-catch and have a different message box in a different action maybe we'd say hey you're allowed to view stuff but you can't check out and then just leave it go back to the cart and don't do anything else that's a possibility so there's there's options here you can play with but now we have the tools to do so we also the tools to show message boxes and other locations can you make it prettier absolutely we definitely should but it does work the way it's the way it is right now all right so let's go back to our product controller we're going to control Z to undo we can't undo no problem we can do a cashier so it was and now it should be let's just verify this but it should be that the user can load the sales form just fine and see all the entries in a list I can great so let's commit our code staged our code and add dialogue box and check permissions checks to be sure a user has access and alerts them if they do not good enough we're going to commit and this could commit stage because a sync folder there is nothing on the server itself so I can go ahead and just hit push okay once that's done we are now complete with this next task we have handled what to do yet the user doesn't have permission and we've create a dialog box which we can reuse in multiple different areas in multiple different ways now the next video what we're going to do is we're going to look at creating a display for the users and their associated groups so we know okay this user has the these group accesses so they're a cashier or their administrator or their manager and we'll see which ones they have the video after that we're actually going to be allowing for some modification of those lists so we can say okay give you know give tim access to be a cashier now obviously I'm a administrator only ability but that's what's coming down the next two videos and after that is the dotnet core upgrade don't forget to go over and get the source code if you're a patreon member until the next video thanks for watching as always I am Tim quarry

Info

Channel: IAmTimCorey

Views: 7,743

Rating: undefined out of 5

Keywords: .net, C#, Visual Studio, code, programming, tutorial, course, training, how to, tim corey, C# course, C# training, C# tutorial, C# app start to finish, timco, timco retail manager, wpf, asp.net, .net core, asp.net mvc, autofac, c# solid, c# solid principles, dependency injection, tdd, unit testing, xunit, moq, mvvm messagebox, authentication, authorization, roles

Id: TNz31FmexKA

Channel Id: undefined

Length: 27min 10sec (1630 seconds)

Published: Mon Sep 23 2019