The following blocks of code will provide you with a method of iterating through all the controls on a page and performing some change on the properties of the control. In this particular example, we wanted to provide a simple means of locking controls down to users who did not have edit permissions in the application. This allowed the data to still be viewable to the user, but no means to edit the information.

The following blocks of code will provide you with a method of iterating through all the controls on a page and performing some change on the properties of the control. In this particular example, we wanted to provide a simple means of locking controls down to users who did not have edit permissions in the application. This allowed the data to still be viewable to the user, but no means to edit the information.

Implementing the class is fairly easy, the security mechanisms are all contained within a single class called Security.vb. Contained in this class are three methods, one method to iterate through the controls on the page, another to lockdown the page, and another helper method to determine the control's type and do the actual lockdown. The first methods we'll look at is the LockDownPage. This methods is going to be called by the page where we want to lockdown the controls. It accepts the page to be locked down, and an optional value to manually setting a read or write access.

Public Sub LockDownPage(ByVal Page As System.Web.UI.Page, _
       Optional ByVal Access As String = "R")
        Dim mycontrol As Control
        For Each mycontrol In Page.Controls
            If Access = "R" Then
                IterateControl(mycontrol, True)
            ElseIf Access = "W" Or Access = "A" Then
                IterateControl(mycontrol, False)
            End If
        Next
    End Sub

    'routine to iterate through all controls on the page.
    Private Sub IterateControl(ByVal controlObject As Control, _
         ByVal Lock As Boolean)
        Dim currentControl As Control
        If Lock Then
            LockDown(controlObject)
        Else
            LockDown(controlObject, True)
        End If
        For Each currentControl In controlObject.Controls
            IterateControl(currentControl, Lock)
        Next
    End Sub

Here we checked the Boolean value and then called the LockDown, we also call IterateControl again to see if there are child controls of the current control. Many controls are nested within other controls so in order to make sure we hit every control on the page we need to do this.

'lockdown routine, checks control type and applies appropriate disable action.

    Private Sub LockDown(ByVal UIControl As Control, _
              Optional ByVal ControlEnabled As Boolean = False)
        Try
            Select Case UIControl.GetType.Name
                Case "TextBox"
                    If UIControl.ID = "txtNeedToConfirm2" Then
                        CType(UIControl, _
                          Web.UI.WebControls.TextBox).Enabled = ControlEnabled
                    Else
                        CType(UIControl, _
                          Web.UI.WebControls.TextBox).Enabled = ControlEnabled
                    End If
                Case "DropDownList"
                    CType(UIControl, _
                       Web.UI.WebControls.DropDownList).Enabled = ControlEnabled
                Case "RadioButtonList"
                    CType(UIControl, _
                      Web.UI.WebControls.RadioButtonList).Enabled = ControlEnabled
                Case "CheckBox"
                    CType(UIControl, _
                      Web.UI.WebControls.CheckBox).Enabled = ControlEnabled
                Case "HtmlTextArea"
                    CType(UIControl, _
                      Web.UI.HtmlControls.HtmlTextArea).Disabled = Not ControlEnabled
                Case "Button"
                    CType(UIControl, _
                      Web.UI.WebControls.Button).Enabled = ControlEnabled
                Case "LinkButton"
                    If UIControl.ID = "lnkDelete" Then
                        CType(UIControl, _
                         Web.UI.WebControls.LinkButton).Enabled = ControlEnabled
                    End If
            End Select
        Catch ex As Exception
        End Try
End Sub

In this last method have the control passed to the method. Here we determine the control type. It seems like a lot to do instead of just making the control disabled. But, we wanted to have some room to grow in case we wanted to change the properties of the individual control In addition certain controls like HTMLControls do not have the "Enabled" property, rather their corresponding property is "Disabled".

Finally we wrap the above methods in our Security class and then make the call from the page we want to lockdown. We make this call in the Page_Load method within the calling page like so:

If Session("AccessLevel") = 0 Then
    Dim uc As New Security
    uc.LockDownPage(Me.Page)
End If

You can see we have some kind of security and authentication method built into the application. In this example, it's a Session variable we're checking. If the level is zero, then we just call the lockdown, no value is passed to the optional parameter of the function since by default it will lockdown the page.