|bAllow (ByRef)||If False, the call is not processed, and an error is returned to the client.|
|sMethodName||The method name|
|hoMessage||The method handle|
|bIsFunction||Is the method a function?|
Procedure AllowServerAction Boolean ByRef bAllow String sMethodName Handle hoMessage Boolean bIsFunction
Before a published function or procedure is called (from the client), AllowServerAction is called. This provides the basic hook for controlling server actions based on user rights.
If the bAllow parameter is set to False, the call is not processed, and an error is returned to the client.
The cWebBaseUIObject class (the base class for all UI objects) overrides this procedure and checks if a control is accessible using IsControlAccessible. This means that only controls that are enabled and visible on the client will now process events.
pbNoAccessibilityCheck is called for each server action and controls whether the framework looks at pbRender, pbVisible and pbEnabled of itself or its parents to determine if the control is accessible.
This procedure can be overridden to customize the behavior. Note that not doing a forward send will make it skip the new security check. Some controls might override this procedure to enable specific server actions when a control is disabled.