W
wiernyjacek
I have a .NET 2.0 web application consisting of few tabs with
different functionality (for students to carry out tests, for teachers
to evaluate them). Each tab contains few components with certain
functionality (calendar, lists, buttons, combo-boxes). Depending on
the role the user can access certain tabs, can see certain controls
(eg. students can only see the tabs with the tests, and the Teacher
can access all tabs, except the personal students data).
In addition, every user having a certain role assigned eg. teacher can
enter work results only for his own students (so the users working as
a teacher can have different scopes of students assigned). This part
of settings identify what the user can do.
Yet there is a business logic, eg. the teacher can only have the
button Evaluate available once the student mark his test as Done.
I think that managing roles and scopes is a very typical problem (how
to define the GUI, how to construct the controls to manage
privileges).
I don't want to program each role seperately, but rather manage some
settings, so adding the role would let me just configure the controls
and implementing the business logic would mean managing a sort of map
of the current tab stage (this is just my feeling about it).
Does anyone know of a book/publication with the design patters for
managing roles? What is the best solution for such problem. The
security in terms of encryption and possible intrussion attaks are not
an issue.
Thanks for all the information.
different functionality (for students to carry out tests, for teachers
to evaluate them). Each tab contains few components with certain
functionality (calendar, lists, buttons, combo-boxes). Depending on
the role the user can access certain tabs, can see certain controls
(eg. students can only see the tabs with the tests, and the Teacher
can access all tabs, except the personal students data).
In addition, every user having a certain role assigned eg. teacher can
enter work results only for his own students (so the users working as
a teacher can have different scopes of students assigned). This part
of settings identify what the user can do.
Yet there is a business logic, eg. the teacher can only have the
button Evaluate available once the student mark his test as Done.
I think that managing roles and scopes is a very typical problem (how
to define the GUI, how to construct the controls to manage
privileges).
I don't want to program each role seperately, but rather manage some
settings, so adding the role would let me just configure the controls
and implementing the business logic would mean managing a sort of map
of the current tab stage (this is just my feeling about it).
Does anyone know of a book/publication with the design patters for
managing roles? What is the best solution for such problem. The
security in terms of encryption and possible intrussion attaks are not
an issue.
Thanks for all the information.