c# - Role-Based Access Control to a User -


i have application mvc 4.0 using entity framework.

i have user table, role table, type table.

role can out of two: administrator, user

type can out of 8: none, admin, asst.admin, ......

so want allow different pages accessed based on type below:

1) types defined: 

none    con     acc     rec     st      fr      admin  asad  ( <-- types) ----------------------------------------------------------

1.a) update client: 

none    none    none    none    edit    view    full  full  ( <-- roles)

1.b) new client: 

none    none    none    view    view    edit    full  full  ( <-- roles)

so how achieved ?

you can achieve authorizeattribute:

[attributeusage(attributetargets.class | attributetargets.method)] public sealed class actionpermissionattribute : authorizeattribute {     public override void onauthorization(authorizationcontext filtercontext)     {         var controllername = filtercontext.actiondescriptor.controllerdescriptor.controllername;         var actionname = filtercontext.actiondescriptor.actionname;

add attribute actions need have authorised - add @ controller makes easier or create base controller inherits controller , inherit controllers that.

you can store controller+action vs role in db

        // allowed groups controller+action database (cache this)         // ad groups current user in (or db etc)         var usergroups = httpcontext.current.request.logonuseridentity.groups                          .translate(typeof(system.security.principal.ntaccount))         // check if user in in required group

if want have permissions defined in code per action, add properties attribute , attribute constructor required.

i didn't understand role vs type, in mvc action (method) lock down individual actions (there's no 'edit' action called 'edit').


Comments

Post a Comment

Popular posts from this blog

android - MPAndroidChart - How to add Annotations or images to the chart -

i working latest mpandroidchart library , looking way add annotations or images clickable. example: once data reaches value event occurs want able display user - there multiple events can occur annotations (not sure if right word) or image added @ point in chart. any pointers welcome. check documentation of yaxis . focus on setspacetop(...) , setaxismaxvalue(...) methods. for background: bar-shadow , disable calling: barchart.setdrawbarshadow(false) or change color: bardataset.setbarshadowcolor(int color)
Read more

javascript - Add class to another page attribute using URL id - Jquery -

i have attached id url. ex: when click link 1 , has #tab-2 id , takes me landing page. in landing page have find element has #tab-2 id have add class .active . i tried no luck. please 1 correct code. thanks js fiddle link html <div class="menu"> <ul> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-2">link 1</a></li> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-44">link 2</a></li> <li><a href="http://jsfiddle.net/gscyoa0j/1/#tab-74">link 3</a></li> </ul> </div> landing page <div class="tab"> <ul> <li><a id="tab-2" class="active" >link 1 content</a></li> <li><a id="tab-44" >link 2 content</a></li> <li><a id="tab-74" >link 3 content</a></l...
Read more

firefox - Where is 'webgl.osmesalib' parameter? -

i'm trying webgl running on firefox (v37.0.2) via software acceleration mesa. tried following steps have been stated in article: http://www.binarytides.com/enable-webgl-firefox-ubuntu/ however, unable find parameter named ' webgl.osmesalib ' in about:config section? has been removed (or renamed)? if yes, how should instruct firefox use mesa's software acceleration webgl? looks support osmesa removed in favour llvmpipe.
Read more