All geek questions in one place

Design pattern for implementing a set of user permissions

I am trying to find the right way to implement and encode the following using desing patterns or a good object oriented solution:

There is a user class that can contain a set of permissions, each of which allows it to perform various actions in the application. The idea is to be able to tell a specific user object, for example, to delete an order, if it has any permissions that allow it to do this, to do it, and if not, to create an exception.

If someone has a place to read about it, this is also helpful. thanks

+6
source share
2 answers

C # /. NET has built-in functions for resolution.

Requirements for access to the function are set through the PrincipalPermissionAttribute class or inside the code using PrincipalPermission . To prevent a method call if the current user is not a member of the Administrators role, the following attribute is used (sample from MSDN ):

 [PrincipalPermission(SecurityAction.Demand, Role = "Administrators")] static void CheckAdministrator() { Console.WriteLine("User is an administrator"); }

Both of these checks correspond to the current identifier of the calling thread. So, you need to implement the IPrincipal interface IPrincipal that your users can be set as a stream identifier. You can then use the standard .NET PrincipalPermission to verify security. It works exactly the way you want - if the security requirement is not met, an exception is thrown.

+5
source

If one user can have several permissions, each permission allows different execution tasks, then you can take a look at the decorator template.

although it greatly depends on your requirements.

0
source

Source: https://habr.com/ru/post/903054/

More articles:


All Articles