MVC User Data Security Protection

I'm starting to get into ASP.Net MVC. One of the questions I have is about recommendations for protecting user data. For example, in a sales scenario, a salesperson should be able to view their own data.

eg.

SalesData/Edit/14

It is very easy to change "14" and view other data that they may or may not have access to.

At this point, I think that in the controllers I would check who is logged in and check whether they have access to the requested "id". The problem I see with this is that it will be repeated everywhere, and I am looking for best practices on how to approach this. Should I look at custom controllers? Filters? Or what? Any articles / links for dealing with this would be appreciated.

+3
3 answers

Configure the methods that retrieve data from the database repository so that you can pass the UserID of the current user as a parameter. Then you can use a permissions table to filter the data down to only the data the user has access to.

The permissions table needs two fields: UserID and ContentID. Once this is set up, it's quite simple to set up CRUD screens so that someone with administrator privileges can set permissions for the content.

+1

The problem that I see in this is that it will be widely used,

, . , IAuthorisationService.

, . CustomControllers? ? ?

, IAuthorisationService .
, :

/* Interfaces */
public interface IAuthorisationService {
    bool CanEdit(YourItem item);
}

public interface ICurrentUserProvider {
    YourUserEntity GetCurrentUser();
}

/* Implementations */
public class HttpUserProvider : ICurrentUserProvider {
    public YourUserEntity GetCurrentUser() {
        // HttpContext.Current.User is the IPrincipal set at login;
        // YourUserEntity is assumed to be that concrete principal type.
        return HttpContext.Current.User as YourUserEntity;
    }
}

public class RolesAuthorisationService : IAuthorisationService {
    private readonly ICurrentUserProvider userProvider;

    public RolesAuthorisationService(ICurrentUserProvider userProvider) {
        this.userProvider = userProvider;
    }

    public bool CanEdit(YourItem item) {
        var u = userProvider.GetCurrentUser();
        if (u == null)
            return false;
        // Both conditions must hold: the item belongs to this user and the user has the editing role.
        return item.Owner == u && u.IsInRole("EditYourItem");
    }
}

/* Controller */

public class MyController : Controller {
    private readonly IAuthorisationService authorisation;

    public MyController(IAuthorisationService authorisation) {
        this.authorisation = authorisation;
    }

    public ActionResult Edit(int id) {
        var item = GetTheItemByIdSomehow(id); // load the item for the requested id
        if (!authorisation.CanEdit(item))
            return new HttpUnauthorizedResult();

        // Authorised: carry on with the edit
        return View(item);
    }
}

ControllerFactory :

class DependencyInjectionContainer : WindsorContainer {
    public DependencyInjectionContainer() {
        RegisterDependencies();
    }

    private void RegisterDependencies() {

        // Services
        Register(
            AllTypes.Of<IDiscoverableService>()
                .FromAssembly(typeof(IDiscoverableService).Assembly)
                .Configure(c => c.LifeStyle.Transient)
                .WithService.FromInterface()
            );

        // Controllers
        Register(
            AllTypes.Of<IController>()
                .FromAssembly(typeof(DependencyInjectionContainer).Assembly)
                .Configure(c => c.LifeStyle.Transient)
            );
    }
}

class WindsorControllerFactory : DefaultControllerFactory, IDisposable {
    private readonly IWindsorContainer container;

    public WindsorControllerFactory() {
        container = new DependencyInjectionContainer();
    }

    protected override IController GetControllerInstance(Type controllerType) {
        if (controllerType == null)
            return base.GetControllerInstance(controllerType);
        return (IController) container.Resolve(controllerType);
    }

    public void Dispose() {
        container.Dispose();
    }
}
+1
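The question also asks whether filters are the right place for this check. The following is an added example (not the answer's own code) showing how the answer's IAuthorisationService can be applied from an action filter, so the check runs before every decorated action instead of being repeated in each controller body. It restates YourItem and IAuthorisationService under the answer's names, assumes an IItemRepository with a FindById lookup, and assumes ASP.NET MVC 3 or later for DependencyResolver (the answer's Windsor factory predates that hook).

```csharp
using System;
using System.Web.Mvc;

// Restated from the answer's interfaces (assumed shapes, not the answer's own file).
public class YourItem
{
    public int Id { get; set; }
    public string Owner { get; set; }
}

public interface IAuthorisationService
{
    bool CanEdit(YourItem item);
}

// Assumed repository abstraction used to load the item named by the URL id.
public interface IItemRepository
{
    YourItem FindById(int id);
}

// Action filter: loads the item for the action's "id" parameter and rejects the request
// before the action runs unless the current user may edit it.
[AttributeUsage(AttributeTargets.Method | AttributeTargets.Class)]
public sealed class RequireCanEditAttribute : ActionFilterAttribute
{
    // Name of the action parameter carrying the item id (SalesData/Edit/14 -> "id").
    public string IdParameter { get; set; }

    public RequireCanEditAttribute()
    {
        IdParameter = "id";
    }

    public override void OnActionExecuting(ActionExecutingContext filterContext)
    {
        object rawId;
        if (!filterContext.ActionParameters.TryGetValue(IdParameter, out rawId) || !(rawId is int))
        {
            // Fail closed: a missing or malformed id never reaches the action.
            filterContext.Result = new HttpStatusCodeResult(400);
            return;
        }

        // MVC 3+ service location (assumption); the services themselves are the answer's.
        var repository = (IItemRepository)DependencyResolver.Current.GetService(typeof(IItemRepository));
        var authorisation = (IAuthorisationService)DependencyResolver.Current.GetService(typeof(IAuthorisationService));

        var item = repository.FindById((int)rawId);
        if (item == null || !authorisation.CanEdit(item))
        {
            // One response for "no such item" and "not yours": the id's existence is not revealed.
            filterContext.Result = new HttpUnauthorizedResult();
            return;
        }

        // Hand the already-authorised item to the action so it is not looked up twice.
        filterContext.HttpContext.Items["authorisedItem"] = item;
        base.OnActionExecuting(filterContext);
    }
}

public class SalesDataController : Controller
{
    [RequireCanEdit]
    public ActionResult Edit(int id)
    {
        // The filter has already loaded and authorised this item.
        var item = (YourItem)HttpContext.Items["authorisedItem"];
        return View(item);
    }
}
```

Because the filter fails closed on a missing id and returns the same result whether the item is absent or belongs to someone else, an edited URL gets no more information than a wrong guess would.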

IPrincipal Authorize (Roles = '...') . IPrincipal , .

Example: users create tasks. Each user can see their own tasks. The GetTask(int taskId) method first filters on the CreatedBy field using the identifier from IIdentity, and then takes the task with the specified identifier. If the user does not have access to the data, the method will not return any rows.

0
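The first answer (pass the current UserID into every repository read and join against a UserID/ContentID permissions table) and the third answer (filter on CreatedBy before selecting by id) describe the same defence: the URL id is only ever looked up together with the caller's identity. The following added example (not from either answer) combines both in one repository with constructed in-memory data; SalesRecord, Permission, SalesRepository and the user names are assumed for illustration, and HttpNotFoundResult assumes ASP.NET MVC 3 or later.

```csharp
using System.Collections.Generic;
using System.Linq;
using System.Web.Mvc;

// Constructed sample entity (assumed name; the answers only speak of "content" and "tasks").
public class SalesRecord
{
    public int ContentID { get; set; }
    public string CreatedBy { get; set; }  // owner, as in the third answer
    public string Notes { get; set; }
}

// One row of the first answer's permissions table: a (UserID, ContentID) grant.
public class Permission
{
    public string UserID { get; set; }
    public int ContentID { get; set; }
}

public class SalesRepository
{
    private readonly IList<SalesRecord> records;
    private readonly IList<Permission> permissions;

    public SalesRepository(IList<SalesRecord> records, IList<Permission> permissions)
    {
        this.records = records;
        this.permissions = permissions;
    }

    // The caller's UserID is a parameter of every read and the access rule is part of the
    // query itself: an id the user is not entitled to yields no row rather than a foreign row.
    // Owners are always allowed; anyone else needs a grant in the permissions table.
    public SalesRecord GetForUser(string userId, int contentId)
    {
        return records
            .Where(r => r.ContentID == contentId)
            .Where(r => r.CreatedBy == userId
                     || permissions.Any(p => p.UserID == userId && p.ContentID == r.ContentID))
            .FirstOrDefault();
    }

    // Same rule applied to list views, so index pages never leak other users' rows either.
    public IEnumerable<SalesRecord> ListForUser(string userId)
    {
        return records.Where(r => r.CreatedBy == userId
                               || permissions.Any(p => p.UserID == userId && p.ContentID == r.ContentID));
    }

    // Constructed sample data: alice owns 14, bob has been granted 14, carol has neither.
    public static SalesRepository BuildSample()
    {
        var sampleRecords = new List<SalesRecord> {
            new SalesRecord { ContentID = 14, CreatedBy = "alice", Notes = "Q1 pipeline" },
            new SalesRecord { ContentID = 15, CreatedBy = "carol", Notes = "Q2 pipeline" }
        };
        var sampleGrants = new List<Permission> {
            new Permission { UserID = "bob", ContentID = 14 }
        };
        return new SalesRepository(sampleRecords, sampleGrants);
    }
}

public class SalesDataController : Controller
{
    private readonly SalesRepository repo;

    public SalesDataController(SalesRepository repo)
    {
        this.repo = repo;
    }

    // SalesData/Edit/14: changing "14" in the URL still only reaches rows the
    // authenticated user owns or has been granted.
    public ActionResult Edit(int id)
    {
        var record = repo.GetForUser(User.Identity.Name, id);
        if (record == null)
            return new HttpNotFoundResult();  // MVC 3+; on MVC 1/2 return HttpUnauthorizedResult as the second answer does
        return View(record);
    }
}
```

With the sample data, GetForUser returns record 14 for "alice" (owner) and "bob" (granted), and null for "carol", so the controller never has to decide who may see what: the repository has already answered that in the query.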

Source: https://habr.com/ru/post/1723949/

