asp.net Can I force every page to inherit from a base page? Also should some of this logic be in my master page?

Question

I have a web app that has a base page.

Each page needs to inherit from this base page as it contains properties they all need as well as dealing with the login rights.

My base page has some properties, eg: IsRole1, IsRole2, currentUserID, Role1Allowed, Role2Allowed.

On the init of each page I set the properties "Role1Allowed" and "Role2Allowed"

 Private Sub Page_Init(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Init

    Role1Allowed = True
    Role2Allowed= False

End Sub

The basepage then decides if the user needs redirecting.

'Sample code so not exactly what is going to be, bug gives the idea

 Protected Overridable Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
          If Role1Allowed And Not Role1 Then
'Redirect somewhere
          End If 
       End Sub

The page then must override this pageload if they need anything else in it, but making sure they call the base pageload first.

  Protected Overrides Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
    MyBase.Page_Load(sender, e)
    If Not IsPostBack Then
        BindGrid()
    End If
End Sub

The other properties (IsRole1, IsRole, currentUserID) are also accessible by the page so it can be decided if certain things need doing based on the user.

(I hope this makes sense)

Ok so I have 2 questions

1. Should this functionality be in the base page or should it somehow be in the master, and if so how would I get access to all the properties if it was?
2. As there are multiple people working on this project and creating pages some are forgetting to inherit from this basepage, or call the base pageload when overriding it. Is there any way to force them to do this?

Answer 1

As Moo-Juice said in his answer, you can't force specific class to inherit other class.

However, using HttpModule you should be able to get the current Page instance and then simple check of its type (in C# it's if (!page is BaseClass)) should tell if it's inheriting from base page or not, and if not throw some error.

Answer 2

Should this functionality be in the base page or should it somehow be in the master

Either is okay, but you also have the same problem either way - developers can forget to inherit from a base page, and developers can also forget to include a reference to a master page. You have to decide which is less likely to happen. Master pages are also more likely to be used on non-secure pages as they contain the common style and visual elements of a site, so maybe your best option is to have a "secure" base page.

be in the master, and if so how would I get access to all the properties if it was?

If you embed the functionality in the Master page you can get to the public properties of the Master by using the Page.Master from the code behind of the regular aspx page.

Is there any way to force them to do this?

Code reviews. Or you could write a rule for a static code analysis tool like StyleCop, and have it run every time someone checks a page in to the source repository.

Your best solution may be a combination of a base class which implements some of the role based code you speak of, and a page template that should be used for any new pages - you have the appropriate base class calls already set up in the template file. But this still isn't bullet proof, in which case refer to my other point above - code reviews and static code analysis.

Answer 3

1. Yes, it should be in the base page. In my opinion, the Master Page exists for design purposes only and is purely visual layout. Some of that layout, of course, might depend on permissions but it makes no decisions itself, that is entirely up to the base-page classes. This has the added advantage of using different Master pages without losing the functionality in your page classes. Which is nice.

2. AFAIK, you have to change the base class of your 'code-behind' page-class manually. To detect issues where developers are not deriving from the appropriate class:

   • Tell them to pay attention ( :P )
   • Write some code using reflection that examines the pages in your assembly and throws out some kind of warning text if it is not derived from the right class. Bonus points if the developers' name can be included in this output.
   • With regards to ensuring a method is called, you could set some kind of flag that is set only in that method and throw an exception further down the rendering chain if it has not been set.
   • Better yet, make sure it gets called regardless of what the developer has decided to do.