Check role-based permissions for all actions in a centralized or clean way in .Net applications

Question

Check role-based permissions for all actions in a centralized or clean way in .Net applications

I try to avoid the usual:

if(!user.HasPermission(Actions.UpdateRecord))
{
 // code to update record
}

on a large number of permissions throughout my application.

I am looking for a tool for checking permissions in an efficient and (if possible) elegant style. In this case, there are several actions in each resolution.

+3

c # .net permissions

RBZ Feb 13 '11 at 1:18

source share

2 answers

. , . - . factory. factory .

:

public abstract class SecureAction
{
    public void PerformAction();
}

public class UpdateRecords : SecureAction
{
    public void PerformAction()
    {
        //code to do the update
    }
}

public class DoesNotHavePermissionAction : SecureAction
{
    public void PerformAction()
    {
        //code to handle missing permissions
    }
}

public class SecureActionFactory
{
    public void GetUpdateRecordsAction(User user)
    {
        if(user.HasPermissions(Actions.UpdateRecord)) {return new UpdateRecordsAction();}

        return new DoesNotHavePermissionAction();
    }
}

0

tallseth 13 . '11 1:47

John Sobolewski · Accepted Answer · 2011-02-13T01:34:17+0000

How about placing a decorator on your dataaccess objects. The decorator pattern is very useful for performing actions such as handling permissions. Your dataAccess level can only access data, and then decorate these classes by processing only permissions and permissions.

It is very elegant ...

http://en.wikipedia.org/wiki/Decorator_pattern

Check role-based permissions for all actions in a centralized or clean way in .Net applications

More articles: