我有一个gridview表,它有三列..fileID,uploadedBy和delete。只有文件的所有者才能删除该文件。如何验证删除文件的人是文件的所有者。我有登录凭据,我有uploadedBy字符串。我可以获取登录凭据,但是我无法从单击的删除链接中获取uploadedBy列。
<asp:TemplateField HeaderText="View" ItemStyle-HorizontalAlign="Center">
<ItemTemplate>
<asp:HyperLink ID="lnkView" runat="server" NavigateUrl='<%# Eval("Id", "~/ViewFile.aspx?Id={0}") %>' Text="View"></asp:HyperLink>
</ItemTemplate>
</asp:TemplateField>
<asp:HyperLinkField ItemStyle-HorizontalAlign="Center" DataNavigateUrlFields="Id" DataNavigateUrlFormatString="~/DeleteFile.aspx?Id={0}" HeaderText="Delete" Text="Delete" />
protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
switch (e.Row.RowType)
{
case DataControlRowType.DataRow:
FileInfo myFileInfo = (FileInfo)e.Row.DataItem;
switch (myFileInfo.ContentType.ToLower())
{
case "image/pjpeg": // .jpg files
case "image/gif": // .gif files
case "application/msword": // .doc files
case "text/plain": // .txt files
case "application/vnd.ms-excel":
// Do nothing. When the row contains a viewable type,
// we want the View link to be enabled.
break;
default:
// Find the View link and disable it.
HyperLink myLink = (HyperLink)e.Row.FindControl("lnkView");
myLink.Enabled = false;
break;
}
break;
}
}
答案 0 :(得分:2)
您可以使用RowDataBound事件并使用当前登录用户检查更新者。如果它不是同一个用户,只需隐藏删除按钮。
protected void GridView1_RowDataBound(object sender, GridViewRowEventArgs e)
{
if (e.Row.RowType == DataControlRowType.DataRow)
{
System.Data.DataRow dr = ((System.Data.DataRowView)e.Row.DataItem).Row;
if (dr["uploadedBy"].ToString() != HttpContext.Current.User.Identity.Name)
{
((Button)e.Row.FindControl("btnDelete")).Visible = false;
}
}
}