I am working on an internal web application (only employees can log in) and need some help to find a good approach to handling individual user access rights to the system.
The system itself is located in C # / ASP.NET (4.0 / Webforms / Forms Authentication) / SQL Server 2008 and has several different areas that will have different permission sets. You can think about it in the basic crud script (create, view, update, delete), although they will apply to various aspects of the system.
(I want to mention that this is not a type of CMS system, so I cannot select an open source project such as DotNetNuke or anything else. It is developed from scratch. I can use open source libraries if they are available though .)
What would be a good approach to designing a User Permission system for a complex system, possibly with 5-6 different sections that contain 10-15 different views / updates / deletions contained in each section?
The goal is to do this:
- It is clear for users (admins) to use / configure.
- Easy code maintenance.
- Easy to adapt as new permissions are needed (different types or in different places).
Two approaches come to mind:
Approach 1:
ASP.NET, . . , , . (HttpContext.User.IsInRole() ..).
, , , , . , , .
2:
. scenerio / . , , - - . ..
, . . , , Roles 1. .
, , - . - , /? "" . , "" , , . !