public class MyBusinessWebPage : mmBusinessWebPage { #region ImmSecurityBase Members // RAS: Security implementation changes /// <summary> /// Access Level property. Setting this property automatically fires the /// associated "Set Access" method. /// </summary> [Browsable(false), Category("Security"), Description("The Access Level set for this control."), Editor(typeof(mmControlIDTypeEditor), typeof(UITypeEditor)), DefaultValue(null)] public virtual mmSecurityAccessLevel AccessLevel { get { return this._accessLevel; } set { this._accessLevel = value; } } private mmSecurityAccessLevel _accessLevel = mmSecurityAccessLevel.Full; /// <summary> /// Unique security control ID for the web form itself /// </summary> [Browsable(true), Category("Security"), Description("Unique security control ID."), Editor(typeof(mmControlIDTypeEditor), typeof(UITypeEditor)), DefaultValue(null)] public virtual Guid ControlID { get { return this._controlID; } set { this._controlID = value; } } private Guid _controlID = Guid.Empty; #endregion public MyBusinessWebPage() { } protected override void OnLoad(EventArgs e) { // Do default page loading, which includes redirect to Login page if needed base.OnLoad (e); // *** Check to see if user has permissions for this page if (this.RequiresSecurity && !this.CheckPageLevelSecurity()) { return; } } /// <summary> /// Checks to see if this page has security restrictions. /// Displays error message instead of regular content if user doesn't have correct permissions /// </summary> public virtual bool CheckPageLevelSecurity() { if (this.SecurityUserPk == null) { // If user is not logged in, then they definitely don't have permissions this.AccessLevel = mmSecurityAccessLevel.None; } else { // Get this user's access level to this web page this.AccessLevel = this.SecurityManager.GetAccessLevel(this.SecurityUserPk, this.ControlID); } // If this user has no permissions for this page, redirect to the Error Message page if (this.AccessLevel == mmSecurityAccessLevel.None) { string Header = "Permission Denied"; string Message = "You do not have sufficient permissions to access this web page!"; string Url = "javascript: history.go(-1)"; int Timeout = 30; mmMessageDisplay.DisplayMessage(Context, Header, Message, Url, Timeout); return false; } else { return true; } } }