This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 82%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
i am working on a aspx page and vb.net
how can i disable deleteing rows for some user from a gridview
looking forward
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 62%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDX%3C/text%3E%3C/svg%3E)
Hi Simon, do you mean you want to implement such a function? Control the display of the delete button in the GridView and the validity of the delete operation according to the user's role or permission to ensure that only users with corresponding permissions can delete rows.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 32%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
There is insufficient information here to fully address your question. Can you please provide us clarification on exactly what you're trying to accomplish? Information on what you've already tried and screenshots, if appropriate, would be useful.
Based upon the statement "disable deleting rows for some users" it sounds like you want to enable permissions in your app such that some users can delete records while others cannot. Is this correct?
If so then the first question is how are you authenticating your users? The follow up question is how you determine what users can and cannot delete records? If you haven't implemented any of this logic yet then you're going to have to work on that part first.
On the UX side you also need to decide how you want to bubble this up. Presumably you have a "delete" button or something in your UX and ideally some sort of confirmation UX when it is clicked. The best solution is for the UX to remove the delete UX when the user doesn't have the permission. This can be handled by your rendering code not showing the button if the user doesn't have permissions. But it depends on how you are rendering the grid. For a more traditional approach refer to something like this. Of course the Visible button is a somewhat clean approach but if you don't trust users then you probably should ensure it doesn't render at all. An alternative, as discussed later in the post, is to handle this at row binding. It'll depend on whether you're using codebehind or eventing to manage your GridView, you can go either way. If you're populating the data on the client side then that would change things as well.
But, again, this is dependent on how you authenticate your users and how you determine whether they have permissions or not. At a minimum, if we assume you are using traditional authentication and you have already hooked into the HttpContext.User object to manage your user information, you'd need to look at the "permissions" of the user and determine whether they have the necessary rights or not. If you're using a claims-based approach then it might be a claim or role the user is in. Again, depends on how you're going to implement this on your security side.
Remember that a user can generate a server-side request irrelevant of the UX so ultimately your server side code that handles the request to delete a record should also ensure the user is allowed to perform the delete. This server-side check should always be done irrelevant of what the UX does. If you have implemented a web API solution then this can be handled on the API side, otherwise the codebehind for the delete button should validate the permissions.