Print
Add To Favorites
Email To Friend
Rate This Article
|
Abstract to Privileges rather than to Roles in ASP.NET Applications
|
by Steven Smith
Feedback
|
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days):
25335/
27
|
|
|
Conclusion |
You can read more about this approach and download sample
code from my related blog post on this subject, Favor
Privileges over Role Checks. You can follow
me on twitter or subscribe
to my blog feed to be notified about additional articles and discussions on
related topics.
|
|
|
User Comments
Title:
Dermatal
Name:
Dermatal
Date:
2010-12-30 1:42:12 AM
Comment:
It is a actually adequate apprehend for me, to acquire that you are a allotment of the finest bloggers I acquire seen. Thanks for publishing this aboveboard cavalcade Developer Symposium | Trust.. Continue the adequate work, I acquire added you to my blogroll.
|
Title:
Nice solution, but there is at least one other way
Name:
Mark Kamoski
Date:
2010-12-29 11:56:04 AM
Comment:
Nice solution, but there is at least one other way. I usually use an added table bolted onto the ASP.NET Application Services tables that maps (object-type and action-type) and then grants (or denies) access to that operation. The calls look like something like this... bool hasPermission = SecurityHelper.HasPermission(CurrentUserName, ObjectName, ActionName); ...and so on. That works OK too. Just a thought. Thank you. -- Mark Kamoski
|
Title:
use static
Name:
Trevor
Date:
2010-12-29 11:12:51 AM
Comment:
I would prefer to see a static method below. ie.
ArticlePrivilege.AuthorizedToEdit
That way you don't need to instantiate a class for no reason.
---- var articlePrivilege = new ArticlePrivilege(); if(articlePrivilege.AuthorizedToEdit(article, currentUser)) { editLink.Visible = true; } ----
|
|
Product Spotlight
|
|