Sorry for the length here ... I hope I did not go overboard ...
I am working on my first MVC product and I try to adhere to the DDD principles in this process. I came across some questions regarding how to deal with application security requirements and thought that I would see if the SO community can offer some best practice recommendations.
Domain Information
To use a simplified explanation, this application will have AffiliateCompanies, Users and Customers.
AffiliateCompanies are hierarchical, so one partner can register and become attached to the actions of another partner. Root is the main company providing products / services.
Users all belong to an affiliate.
Customers - organizations in which products / services are sold. Branches are assigned to clients in such a way that it is possible for two hierarchically unrelated branches to separate the client.
Safety information
The rights to perform certain actions in the application will be determined based on the type of ACL. Each User object has a property, which is a set of SystemAccessRules that determines what actions they can perform and what the scope of their permissions is (their own objects, their child objects, or all their hierarchy objects). Users can also belong to roles that themselves have the same set of SystemAccessRules.
DDD , - . ( ) :
AffiliateCustomers - " " , PK FK, PK .ACL - , ( ), (, "CreateCustomer" ), ( ) ( , ).
...
. - , - "" , . Linq, , , , . , :
( ), Linq. , , , ACL, . Linq ( this), .
, (, " " ) , , EXISTS CTE, .
, DDD .
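The access model described under "Safety information" above, sketched as an added example that is not part of the original post or its code base. The type shapes, the `AccessScope` names, the `IsAllowed` helper and the reading of the three scopes (own affiliate only, descendants only, own affiliate plus descendants) are assumptions; only `SystemAccessRules` and `"CreateCustomer"` come from the post.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

public enum AccessScope { Own, Children, Hierarchy }   // assumed names for the post's three scopes
public record SystemAccessRule(string Action, AccessScope Scope);
public class Role { public List<SystemAccessRule> SystemAccessRules { get; } = new(); }

public class AffiliateCompany
{
    public AffiliateCompany Parent { get; set; }        // null for the root company
    // True when 'a' sits strictly above this company in the hierarchy.
    public bool IsDescendantOf(AffiliateCompany a) =>
        Parent != null && (ReferenceEquals(Parent, a) || Parent.IsDescendantOf(a));
}

public class User
{
    public AffiliateCompany Affiliate { get; set; }
    public List<SystemAccessRule> SystemAccessRules { get; } = new();
    public List<Role> Roles { get; } = new();
    // Rules granted directly plus rules inherited through roles.
    public IEnumerable<SystemAccessRule> EffectiveRules() =>
        SystemAccessRules.Concat(Roles.SelectMany(r => r.SystemAccessRules));
}

public static class AccessPolicy
{
    // Default deny: allowed only when some effective rule names the action
    // and its scope covers the affiliate that owns the target object.
    public static bool IsAllowed(User user, string action, AffiliateCompany owner) =>
        user.EffectiveRules().Any(r => r.Action == action && Covers(r.Scope, user.Affiliate, owner));

    static bool Covers(AccessScope scope, AffiliateCompany mine, AffiliateCompany owner) => scope switch
    {
        AccessScope.Own       => ReferenceEquals(owner, mine),
        AccessScope.Children  => owner.IsDescendantOf(mine),
        AccessScope.Hierarchy => ReferenceEquals(owner, mine) || owner.IsDescendantOf(mine),
        _ => false                                      // unknown scope grants nothing
    };
}

public static class Demo
{
    public static void Main()                           // constructed sample hierarchy
    {
        var root = new AffiliateCompany();
        var partner = new AffiliateCompany { Parent = root };
        var clerk = new User { Affiliate = partner };
        var role = new Role();
        role.SystemAccessRules.Add(new SystemAccessRule("CreateCustomer", AccessScope.Own));
        clerk.Roles.Add(role);
        Console.WriteLine(AccessPolicy.IsAllowed(clerk, "CreateCustomer", partner));
        Console.WriteLine(AccessPolicy.IsAllowed(clerk, "CreateCustomer", root));
    }
}
```

The second check targets an affiliate outside the clerk's scope, so it falls through to the default deny.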