posted on Thursday, May 27, 2004 2:09 PM
by
stefandemetz
ASP.NET controls - Granular security
1) you need a repository for your permissions ie a database structure
2) design user, page, group then usergroups,pagegroups tables linking all with proper keys
a) associate users to groups and groups to pages in composite tables usergroups,pagegroups
3) add permission columns for view, add, update, delete - one column for each permission - setting 0/1 for allowed/not
4) build custom(extended) base page which
a)does the lookup of user on these tables to retrieve permission sets
b)loads the permissions into session
c)authentication of user ie if user's group does not have permissisons on page
5) build custom(extended) webcontrols which
a)map a (design time)property to the above permissions
b)verify the above permissions
c)do something based on b) eg hide, set enabled=false, change CSSClasss attrubue or other cool stuff like hiding EditCommandColumn and ButtonColumn in a datagrid
6) add custom assembly to VS.NET