ARCHITECTURE : Enabling and disabling functionality in ASP.NET based on roles.

VSK

Hi all,

In our ASP.NET web application we have to enable or disable features in each
ASP.NET page based on the role assigned to the user.

Ex: if the user who logs in is a supervisor, then he can change the phone number in
page1.aspx;
if the user who logs in is a finance official, then he can just view the phone
number in page1.aspx.

Thus each page has elements whose functionality is enabled or disabled based
on roles.

I am trying to do these checks in a single class for all pages and am not sure
whether it is efficient.
My idea is to put the code which checks the roles and enables and disables server
controls in one class for easier maintenance. I am not sure whether there is
any other alternative.

PS: I am passing the entire Page object to the class:
objPageController.DeterminePageElements(this, "webform1");

Ex
a.aspx.cs
----------
private void Page_Load(object sender, System.EventArgs e)
{
    PageController objPageController = new PageController();
    objPageController.DeterminePageElements(this, "webform1");
}

PageController.cs
-----------------
public void DeterminePageElements(System.Web.UI.Page objPage, string strPageName)
{
    switch (strPageName)
    {
        case "webform1":
            // Find the controls which are to be enabled or
            // disabled from the page's control collection.
            // Check for the role and credentials.
            // Dummy code will be something like below.
            // FindControl returns Control, so a cast is needed.
            TextBox tb = (TextBox)objPage.FindControl("TextBox1");
            bool allowed = false; // placeholder for the security related checks
            if (allowed)
            {
                tb.Enabled = true;
            }
            else
            {
            }
            break;
        // case "" :
        // case "" :
        // ....
    }
}

Please let me know whether am doing anything wrong.

TIA for your patience
VSK
 
John Saunders

Why in the world would you want one class to be aware of all of your pages?

You can easily enable or disable a control by setting its Enabled property
based on IsInRole:

    txtPhoneNumber.Enabled = Page.User.IsInRole("Supervisor");
 
VSK

This is the design in this company, according to which, when a user logs in, a
user object is created with uname, logintime, and multiple roles (not a single
role).

For each role we will get pagesection credentials.

Pagesectioncredentials table
----------------------------
pagesectioncredentailsid  pageid  sectionid  roleid  isenabled
1                         1       1          1       0/1

where sectionid represents a functionality in the page.

So we have to get the roles and then the pagesectioncredentials for each of them,
and then enable or disable based on the "isenabled" field.
There is no scope for changing the DB design at this point in time....

I have worked with a user with a single role in previous projects. This is new to
me.. :)

Thanks for the suggestion.

VSK
 
John Saunders

I said nothing about single roles. A user can be in multiple roles, and
IsInRole can be used to test for each one.

--
John

 
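An added example, not code from any poster in this thread: one way to resolve the per-section flag for a user who holds several roles, using rows shaped like the Pagesectioncredentials table above. The type and method names, the role ids, and the combining policy (any role with isenabled = 1 grants the section, no matching row means disabled) are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// One row of the Pagesectioncredentials table (hypothetical class name).
public sealed class PageSectionCredential
{
    public int PageId, SectionId, RoleId;
    public bool IsEnabled;
}

public static class SectionAccess
{
    // Assumed policy: enabled if ANY of the user's roles has isenabled = 1
    // for this page section; a missing row is treated as disabled.
    public static bool IsSectionEnabled(IEnumerable<PageSectionCredential> rows,
        ICollection<int> userRoleIds, int pageId, int sectionId)
    {
        return rows.Any(r => r.PageId == pageId && r.SectionId == sectionId
                          && r.IsEnabled && userRoleIds.Contains(r.RoleId));
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample rows: page 1, section 1 = "edit phone number".
        var rows = new List<PageSectionCredential> {
            new PageSectionCredential { PageId = 1, SectionId = 1, RoleId = 1, IsEnabled = true },  // supervisor
            new PageSectionCredential { PageId = 1, SectionId = 1, RoleId = 2, IsEnabled = false }, // finance official
        };
        var financeOnly = new HashSet<int> { 2 };
        var both = new HashSet<int> { 1, 2 };

        Console.WriteLine(SectionAccess.IsSectionEnabled(rows, financeOnly, 1, 1));
        Console.WriteLine(SectionAccess.IsSectionEnabled(rows, both, 1, 1));
        Console.WriteLine(SectionAccess.IsSectionEnabled(rows, both, 1, 99)); // no row for section 99

        // In a page, the same call would set the control's Enabled property in
        // Page_Load and would be repeated at the top of the save handler, so the
        // update is authorized on the server and not by the control's rendered state.
        if (!SectionAccess.IsSectionEnabled(rows, financeOnly, 1, 1))
            Console.WriteLine("save rejected: section not enabled for this user");
    }
}
```

Keeping the decision in one function lets each page ask only about its own sections, without one class having to know every page's controls.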
