Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>1.Decorate your user creation and permission setting actions with Authorize attribute (Notify, that usage of Roles property of AuthorizeAttribute requires implementation of MembershipProvider (standart or custom) and registering it in web.config)</p> <pre><code>public class AccountController : Controller { [HttpGet, Authorize(Roles = "Admin")] public ViewResult CreateUser() { return View(); } [HttpPost, Authorize(Roles = "Admin")] public ActionResult CreateUser() { //... call service method to create user } [HttpPost, Authorize(Roles = "Admin")] public ActionResult AssignPageToUser(int userId, string controllerName, string ActionName) { //... insert record into table (UserPermissions) with attributes (userId, actionName, controllerName) } // other methods without decoration by authorize attribute } </code></pre> <p>Next paragraphs are correct if you really want to have full control on action permissions separately for each user. If you think, that your permissions can group in finite and small number on roles - you can decorate all actions/controllers by authorize attribute and specify roles, for which action/controller available: <code>[Authorize("Customer, Manager, RegionalAdmin")]</code> and give admin possibility to assign roles to users. But remember, that in is enough to be in only 1 of listed roles to get access, you can't require by this attribute, for example and Admin, and Manager roles. If you want to require necessarily more than 1 role, use multiple attributes:</p> <pre><code>public class MyController:Controller { [Authorize(Roles = "Manager")] [Authorize(Roles = "Admin")] public ActionResult Action1() { //... } } </code></pre> <p>2.For your pages you can create your own filter attribute, inherited from authorize attribute, that will check, if action is available for user (i think you want to assign actions but not views to user).</p> <pre><code>public UserPermissionRequiredAttribute: AuthorizeAttribute { public OnAuthorization(AuthorizationContext filterContext) { var isAuthenticated = filterContext.HttpContext.User.Identity.IsAuthenticated; var userName = filterContext.HttpContext.User.Identity.Name; var actionName = filterContext.ActionDescriptior.ActionName; var controllerName = filterContext.ActionDescriptior.ControllerDescriptor.ControllerName; if (isAuthenticated &amp;&amp; myUserActionPermissionsService.UserCanAccessAction(userName, actionName, contollerName) { filterContext.Result = HttpUnauthorizedResult(); // aborts action executing } } } </code></pre> <p>3.Decorate actions (controllers), that accessible for users granted by admin:</p> <pre><code>MySpecialController: Controller { [UserPermissionRequired] Action1() { //... } [UserPermissionRequired] Action2() { //... } Action3() { //... } </code></pre> <p>}</p> <p>I don't recommend to use base controller for that aim, because attribute usage is more flexible (you have control on action/controller level instead of only controller level), it is better way to implement separated responsibility. Base controller and filter attribute usage correlated as polymorphism and switch operator.</p>
    singulars
    1. This table or related slice is empty.
    1. PORole Management in MVC3
      singulars
      1. PTQuestion
    1. PTAnswer
    1. USEvgeny Levin
    1. USEvgeny Levin
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. This table or related slice is empty.
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload