creating a _simple_ fine grained user based security system
-
Hi, (I want someone to check if my idea is utterly stupid or OK??)

I have a mid-complex app for a hotel that needs a fine-grained user security system. In other words, an admin should be able to deny/grant specific access to users, like the ability to make a reservation or the ability to print reports. Now, I'm thinking the business objects could take something like:

    enum UserPrivileges { various privileges....... };
    interface IPrivilegedUser { public UserPrivileges Privileges { get; } }

The user class inherits from this interface; the business objects could take this user in a function and return true/false as per the needed privileges, or maybe throw an exception:

    User user1 = new User(); // class User inherits from IPrivilegedUser and loads the right privileges from the DB
    Reservations.LoadPrivileges(user1); // check the returned value..??
    Reservations.EditReservation(); // calling this should fail if the privileges are not enough!?

Is this a good enough design, will it break apart somewhere, or is there a better way to do this? Declarative security like CAS in .NET would be overkill since it's not a very large app, but I do need the design to be flexible enough so that if the app does grow big I'm not in a mess.

Thanks
Gideon
-
2 words. MembershipProvider. RoleProvider. These providers will more than take care of your needs.
Deja View - the feeling that you've seen this post before.
-
aren't those classes for ASP.NET? I'm doing a Windows Desktop application.
-
Doesn't matter - you can use them with desktop apps as well - I've done it.
Deja View - the feeling that you've seen this post before.
-
Cool. Thanks so much.
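Added example, not part of the original thread: the design sketched in the question, with the privilege check placed inside the business operation so a caller cannot forget or skip it, and failing closed with an exception. The privilege names, the constructor shapes and the `Demand` helper are assumptions made for illustration; it does not use the MembershipProvider/RoleProvider classes suggested in the replies.

```csharp
using System;
using System.Security;

[Flags] // hypothetical privilege names; one bit per grantable action
public enum UserPrivileges { None = 0, MakeReservation = 1, EditReservation = 2, PrintReports = 4 }

public interface IPrivilegedUser { UserPrivileges Privileges { get; } }

// Constructed stand-in; the real User would load its privileges from the DB.
public sealed class User : IPrivilegedUser
{
    public User(UserPrivileges privileges) { Privileges = privileges; }
    public UserPrivileges Privileges { get; }
}

public sealed class Reservations
{
    private readonly IPrivilegedUser _user;
    public Reservations(IPrivilegedUser user)
    {
        _user = user ?? throw new ArgumentNullException(nameof(user));
    }

    // Fail closed: every required bit must be set, otherwise throw.
    private void Demand(UserPrivileges required)
    {
        if ((_user.Privileges & required) != required)
            throw new SecurityException("Missing privilege: " + required);
    }

    public void EditReservation(int id)
    {
        Demand(UserPrivileges.EditReservation); // check is part of the operation itself
        Console.WriteLine("Reservation " + id + " edited");
    }
}

public static class Program
{
    public static void Main()
    {
        var clerk = new User(UserPrivileges.MakeReservation);
        try { new Reservations(clerk).EditReservation(42); }
        catch (SecurityException ex) { Console.WriteLine("Denied: " + ex.Message); }
        var manager = new User(UserPrivileges.EditReservation | UserPrivileges.PrintReports);
        new Reservations(manager).EditReservation(42);
    }
}
```

Because the check runs inside `EditReservation`, UI code that merely hides a button is not the only barrier; any caller holding a `Reservations` object for an unprivileged user gets a `SecurityException`.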