Databases
StackOverflow2013
Postsdbo
POASp.NET MVC EF4 SQL Table or Field level security
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POASp.NET MVC EF4 SQL Table or Field level security
    primarykey
    data
    text
    <p>I have an slightly unusual security requirement, and I'm looking for advice on best practice, or at-least non-brittle approaches.</p> <p>Scenario: Intranet system. Data about a number of related entities is to be considered as private. This is known as the unpublished part of the system. Only certain users can access this data. At some stage the users make a selection from this data, mark some records and publish them to the "published" side. The data published to the published side is removed from the unpublished side. The bulk of the systems users can then work on the records in the published side.</p> <p>I know this sounds like a bool field on a parent record, flagging as published or unpublished, but let me explain how the system we are replacing tackles the issue - this is the level of security we need to emulate. It is a flat file database (Dataflex) with the unpublished and published data in separate tables, on separate server drives, backed up to separate tapes, in different rooms, with physical access by different people. Network rights ensure that the published users cannot get at the unpublished data. The software also manages rights, but if that goes wrong, or a programmer makes a mistake, they still can't access the wrong data. Sys admins who could potentially broach this data have positive vetted security clearance.</p> <p>So what I am looking for is advice on how to achieve an architecture with MVC, EF4, SQL that achieves this. At one extreme I build two systems with two sql databases, different rights: potentially with the differences contained within web.config so its actually the same codebase. At the other end of the scale its the flag in the table with controller methods marked up to deny access. (Thats no good because if a programmer messes up say a search query and it returns data from the wrong category, and it makes it out of the building unnoticed, its likely to result in human sacrifice, dogs and cats living together... mass hysteria)</p> <p>Sorry for the lengthy description. Best practices or other advice on how to access this sought.</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. This table or related slice is empty.
    1. USAndiih
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    2. PO
      singulars
      1. PTAnswer
    3. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POASp.NET MVC EF4 SQL Table or Field level security
      1. USPradeep
      1. VTFavorite
    2. VO
      singulars
      1. POASp.NET MVC EF4 SQL Table or Field level security
      1. This table or related slice is empty.
      1. VTUpMod
    1. COout of curiosity, what industry are you working in? :)
      singulars
      1. POASp.NET MVC EF4 SQL Table or Field level security
      1. USRPM1984
    2. COIt's associated with the Royal Household.
      singulars
      1. POASp.NET MVC EF4 SQL Table or Field level security
      1. USAndiih
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload