Abstract to Privileges rather than to Roles in ASP.NET Applications
page 3 of 3
by Steven Smith
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days): 27603/ 63
Article Contents:


You can read more about this approach and download sample code from my related blog post on this subject, Favor Privileges over Role Checks.  You can follow me on twitter or subscribe to my blog feed to be notified about additional articles and discussions on related topics.

View Entire Article

User Comments

Title: Dermatal   
Name: Dermatal
Date: 2010-12-30 1:42:12 AM
It is a actually adequate apprehend for me, to acquire that you are a allotment of the finest bloggers I acquire seen. Thanks for publishing this aboveboard cavalcade Developer Symposium | Trust.. Continue the adequate work, I acquire added you to my blogroll.
Title: Nice solution, but there is at least one other way   
Name: Mark Kamoski
Date: 2010-12-29 11:56:04 AM
Nice solution, but there is at least one other way. I usually use an added table bolted onto the ASP.NET Application Services tables that maps (object-type and action-type) and then grants (or denies) access to that operation. The calls look like something like this... bool hasPermission = SecurityHelper.HasPermission(CurrentUserName, ObjectName, ActionName); ...and so on. That works OK too. Just a thought. Thank you. -- Mark Kamoski
Title: use static   
Name: Trevor
Date: 2010-12-29 11:12:51 AM
I would prefer to see a static method below. ie.


That way you don't need to instantiate a class for no reason.

var articlePrivilege = new ArticlePrivilege();
if(articlePrivilege.AuthorizedToEdit(article, currentUser))
editLink.Visible = true;

Product Spotlight
Product Spotlight 

Community Advice: ASP | SQL | XML | Regular Expressions | Windows

©Copyright 1998-2021 ASPAlliance.com  |  Page Processed at 2021-12-01 8:24:10 AM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search