  1. How do you do Access Control in C#?
    <p>How do you do Business-logic level access control in C#? I started tinkering with a simple system last night that lives inside LINQ objects, but I realized that I'd never seen a particularly clean access control system. I'd like to know how the gurus do it and see if you spot any holes in my late night toy.</p>
    <p>I feel like I'm jumping through some unneeded hoops in order to build a flexible read-only access control object; it just seems like there should be some framework prebuilt widget I'm unaware of.</p>
<pre><code>using System;
using System.Collections;

#region Simple Demo
public class SomeObject
{
    public AccessControl AccessControl;

    public SomeObject()
    {
        ConfigureAccessControl();
    }

    private void ConfigureAccessControl()
    {
        AccessControlBuilder acb = new AccessControlBuilder();
        acb.AddRole(UserTypes.Admin, true, true);
        acb.AddRole(UserTypes.Anonymous, true, true);
        acb.AddRole(UserTypes.Owner, true, true);
        acb.AddRole(UserTypes.User, true, true);
        AccessControl = acb.GetAccessControl();
    }
}

public class ObjectFactory
{
    private int _requestingUserId;

    public ObjectFactory(int RequestingUserId)
    {
        _requestingUserId = RequestingUserId;
    }

    public SomeObject GetSomeObject()
    {
        SomeObject sso = new SomeObject();
        if (sso.AccessControl.UserAllowed(_requestingUserId, UserActions.Read))
            return new SomeObject();
        else
            throw new Exception("Unauthorized Access");
    }
}
#endregion

#region AccessControl Code
public class AccessControl
{
    private Hashtable _data = new Hashtable();

    public AccessControl(Hashtable data)
    {
        _data = data;
    }

    public bool UserAllowed(int UserId, UserActions Action)
    {
        //Assorted app-specific logic here to determine role.
        //Determine if User is Admin
        //Determine if User is Owner
        //Determine if User is Logged In
        //Determine if User is Anonymous
        //Check read/write for determined role
        return true;
    }

    protected AccessControlSettings Role(UserTypes ut)
    {
        return (AccessControlSettings)_data[ut];
    }
}

public class AccessControlBuilder
{
    private Hashtable _data = new Hashtable();

    public void AddRole(UserTypes ut, bool read, bool write)
    {
        _data.Add(ut, new AccessControlSettings(read, write));
    }

    public AccessControl GetAccessControl()
    {
        return new AccessControl(_data);
    }
}

public enum UserActions { Read, Write }

public enum UserTypes { Admin, Owner, User, Anonymous }

public class AccessControlSettings
{
    //Wraps specific access options so we make them set once in the builder
    public bool Read { get { return _read; } }
    public bool Write { get { return _write; } }

    private bool _read;
    private bool _write;

    public AccessControlSettings(bool read, bool write)
    {
        _read = read;
        _write = write;
    }
}
#endregion
</code></pre>
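As an added example (not part of the original post, and not a framework API): one way the stubbed `UserAllowed` could resolve a role and then deny by default when the role or action has no entry. The `ownerId` parameter, the `resolveRole` delegate and the id rules in `Main` are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;

public enum UserActions { Read, Write }
public enum UserTypes { Admin, Owner, User, Anonymous }

// Immutable per-role permissions, mirroring the post's AccessControlSettings.
public sealed class AccessControlSettings
{
    public bool Read { get; }
    public bool Write { get; }
    public AccessControlSettings(bool read, bool write) { Read = read; Write = write; }
}

public sealed class AccessControl
{
    private readonly IReadOnlyDictionary<UserTypes, AccessControlSettings> _roles;
    private readonly Func<int, int, UserTypes> _resolveRole; // hypothetical: (userId, ownerId) -> role

    public AccessControl(IDictionary<UserTypes, AccessControlSettings> roles,
                         Func<int, int, UserTypes> resolveRole)
    {
        // Defensive copy: later changes to the caller's dictionary cannot widen access.
        _roles = new Dictionary<UserTypes, AccessControlSettings>(roles);
        _resolveRole = resolveRole ?? throw new ArgumentNullException(nameof(resolveRole));
    }

    public bool UserAllowed(int userId, int ownerId, UserActions action)
    {
        UserTypes role = _resolveRole(userId, ownerId);
        // Deny by default: a role with no configured entry gets nothing.
        if (!_roles.TryGetValue(role, out AccessControlSettings settings)) return false;
        switch (action)
        {
            case UserActions.Read: return settings.Read;
            case UserActions.Write: return settings.Write;
            default: return false; // an action added to the enum later is denied until handled
        }
    }
}

public static class Demo
{
    public static void Main()
    {
        var roles = new Dictionary<UserTypes, AccessControlSettings>
        {
            { UserTypes.Admin, new AccessControlSettings(true, true) },
            { UserTypes.Owner, new AccessControlSettings(true, true) },
            { UserTypes.User, new AccessControlSettings(true, false) },
        }; // Anonymous is deliberately absent, so it is denied.
        // Constructed rule for the demo: id 1 is the admin, id 0 is anonymous.
        Func<int, int, UserTypes> resolve = (uid, owner) =>
            uid == 1 ? UserTypes.Admin : uid == 0 ? UserTypes.Anonymous
            : uid == owner ? UserTypes.Owner : UserTypes.User;
        var ac = new AccessControl(roles, resolve);
        Console.WriteLine(ac.UserAllowed(7, 7, UserActions.Write)); // owner writing own object
        Console.WriteLine(ac.UserAllowed(8, 7, UserActions.Write)); // other user writing
        Console.WriteLine(ac.UserAllowed(0, 7, UserActions.Read));  // anonymous reading
    }
}
```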