Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Code Project
CODE PROJECT For Those Who Code
  • Home
  • Articles
  • FAQ
Community
  1. Home
  2. General Programming
  3. Design and Architecture
  4. creating a _simple_ fine grained user based security system

creating a _simple_ fine grained user based security system

Scheduled Pinned Locked Moved Design and Architecture
csharpdatabasedesignsecuritybusiness
5 Posts 2 Posters 0 Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G Offline
    G Offline
    giddy_guitarist
    wrote on last edited by
    #1

    hi, (I want someone to check if my idea is utterly stupid or ok??) I have a mid complex app for a hotel that needs a fine grained user security system. In other words an admin should be able to deny/grant specific access to users like Ability to make a Reservation or the ability to print reports. Now, I'm thinking the business objects could take something like: enum UserPrivileges { various privileges....... }; IPrivilegedUser { public UserPrivileges Privileges { get; } } The user class inherits from this interface, the business objects could take this user in a function and return true/false as per the needed privileges, or maybe throw an exception: User user1 = new User(); //class User inherits from IPrivilegedUser and loads the right privileges from the DB Reservations.LoadPrivileges(user1);//check the returned value..?? Reservations.EditReservation() // calling this should fail if the privileges are not enough!? Is this a good enough design, will it break apart somewhere or is there a better way to do this? Declarative security like CAS in .NET would be an overkill since its not a very large app, but I do need the design to be flexible enough so that if the app does grow big I'm not in a mess. Thanks Gideon

    P 1 Reply Last reply
    0
    • G giddy_guitarist

      hi, (I want someone to check if my idea is utterly stupid or ok??) I have a mid complex app for a hotel that needs a fine grained user security system. In other words an admin should be able to deny/grant specific access to users like Ability to make a Reservation or the ability to print reports. Now, I'm thinking the business objects could take something like: enum UserPrivileges { various privileges....... }; IPrivilegedUser { public UserPrivileges Privileges { get; } } The user class inherits from this interface, the business objects could take this user in a function and return true/false as per the needed privileges, or maybe throw an exception: User user1 = new User(); //class User inherits from IPrivilegedUser and loads the right privileges from the DB Reservations.LoadPrivileges(user1);//check the returned value..?? Reservations.EditReservation() // calling this should fail if the privileges are not enough!? Is this a good enough design, will it break apart somewhere or is there a better way to do this? Declarative security like CAS in .NET would be an overkill since its not a very large app, but I do need the design to be flexible enough so that if the app does grow big I'm not in a mess. Thanks Gideon

      P Offline
      P Offline
      Pete OHanlon
      wrote on last edited by
      #2

      2 words. MembershipProvider. RoleProvider. These providers will more than take care of your needs.

      Deja View - the feeling that you've seen this post before.

      My blog | My articles | MoXAML PowerToys

      G 1 Reply Last reply
      0
      • P Pete OHanlon

        2 words. MembershipProvider. RoleProvider. These providers will more than take care of your needs.

        Deja View - the feeling that you've seen this post before.

        My blog | My articles | MoXAML PowerToys

        G Offline
        G Offline
        giddy_guitarist
        wrote on last edited by
        #3

        aren't those classes for ASP.NET? I'm doing a Windows Desktop application.

        P 1 Reply Last reply
        0
        • G giddy_guitarist

          aren't those classes for ASP.NET? I'm doing a Windows Desktop application.

          P Offline
          P Offline
          Pete OHanlon
          wrote on last edited by
          #4

          Doesn't matter - you can use them with desktop apps as well - I've done it.

          Deja View - the feeling that you've seen this post before.

          My blog | My articles | MoXAML PowerToys

          G 1 Reply Last reply
          0
          • P Pete OHanlon

            Doesn't matter - you can use them with desktop apps as well - I've done it.

            Deja View - the feeling that you've seen this post before.

            My blog | My articles | MoXAML PowerToys

            G Offline
            G Offline
            giddy_guitarist
            wrote on last edited by
            #5

            Cool.Thanks so much.

            1 Reply Last reply
            0
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes

            • Login
            • Don't have an account? Register
            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • World
            • Users
            • Groups