Reconciling statesave with visible property

GregP Posts: 487 Questions: 8 Answers: 0

I have a bit of a catch-22 I think, and I'm looking for advice on how I might solve it.

We are using stateSave to assist primarily with retaining pagination. Since stateSave "remembers" the column visibility settings, making changes to a column definition's "visible" property has no effect.

Our application has the concept of administrators and "read-only" users. I have a bit of logic that modifies a DT parameters object thus (using underscore.js to locate the relevant column... if there's a "DT way" of getting the column on a non-initialized table, I'd be curious about that, too!):

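  if(!memory.isAdmin){
    // Locate the control column by class name; findIndex returns -1 when there is no match
    var controlCol = _.findIndex(dtProps.columns, {"className": "taskControl"});
    if(controlCol !== -1){
      dtProps.columns[controlCol].visible = false;
    }
  }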

Without 'stateSave', it works as expected.

Any thoughts? The closest I have to a solution is to use the 'stateDuration' and switch it to using sessionStorage, since it is unlikely that there will be a user who can transition from admin status to read-only status during a session.

Any other thoughts out there?

Answers

  • allan Posts: 63,075 Questions: 1 Answers: 10,384 Site admin
    Answer ✓

    using underscore.js to locate the relevant column... if there's a "DT way" of getting the column on a non-initialized table, I'd be curious about that, too!

    It depends on exactly how you are doing it. Probably not a native DT way, but probably a native JS way.

    Regarding the column visibility, my suggestion is to not include the data or columns for the non-admin user at all. Otherwise you have a security hole and any non-admin user could simply use the API in their browser's console to view data that they shouldn't be able to.

    The only other option I can think of would be to disable the state saving of the column parameter.

    Allan

  • GregPGregP Posts: 487Questions: 8Answers: 0

    As always, thanks for the reply, Allan!

    The first iteration of this actually followed your suggestion, dynamically modifying both the DOM and the "columns" property so that the table column was simply never rendered. However, once we remembered that the back end will sanitize any requests anyhow (rejecting any admin requests by a non-admin user), we figured that the much simpler to manage "visible" property was the maintenance winner.

    I think based on your answer I'm about as far as I need to go, really. With stateSave enabled and stateDuration at -1 (use session storage), my needs are probably already met. I mainly wanted a sanity check ("Greg, you numpty, there is a much better native way!" might have changed my strategy).

    Thanks again for your time,
    Greg
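
Allan's two suggestions above (leave the admin-only column and its data out for read-only users, and keep column visibility out of the saved state), sketched as an added example that is not code from the thread or from DataTables itself. The `adminOnly` flag, the `data` keys and the sample rows are constructed for illustration; `stateSaveParams` and `stateLoadParams` are the DataTables callbacks that receive the state object, whose per-column `visible` entry is what `stateSave` restores.

```javascript
// Server side: drop admin-only fields before the response is serialised,
// so a read-only user's browser never receives them (hiding is not access control).
function rowsForRole(rows, columns, isAdmin) {
  if (isAdmin) return rows;
  const hidden = columns.filter(c => c.adminOnly).map(c => c.data);
  return rows.map(row => {
    const copy = Object.assign({}, row);
    hidden.forEach(key => delete copy[key]);
    return copy;
  });
}

// Client side: build the DataTables options for this user's role.
function buildTableOptions(baseProps, isAdmin) {
  // adminOnly is this example's own flag (hypothetical), not a DataTables option,
  // so it is stripped from the definitions handed to DataTables.
  const columns = baseProps.columns
    .filter(c => isAdmin || !c.adminOnly)
    .map(({ adminOnly, ...dtColumn }) => dtColumn);

  // Do not persist per-column visibility at all.
  const onSave = (settings, data) => {
    (data.columns || []).forEach(col => { delete col.visible; });
  };
  // State stored before this change may still carry visibility:
  // overwrite it with what the column definitions say.
  const onLoad = (settings, data) => {
    (data.columns || []).forEach((col, i) => {
      col.visible = columns[i] ? columns[i].visible !== false : true;
    });
  };

  return Object.assign({}, baseProps, {
    columns,
    stateSave: true,
    stateDuration: -1, // sessionStorage, as discussed in the thread
    stateSaveParams: onSave,
    stateLoadParams: onLoad
  });
}

// Constructed sample definitions and data
const dtProps = { columns: [
  { data: "name", className: "taskName" },
  { data: "control", className: "taskControl", adminOnly: true }
] };
const sampleRows = [{ name: "backup", control: "delete" }];
```

Pagination and the other saved parameters still round-trip through `stateSave`; only column visibility is taken from the definitions on every load.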

This discussion has been closed.