Handling Roles end-to-end
in [CSharp]
|
Prev: Delegate Called via System.Reflection.Emit Returning Wrong Value
Next: accessing public members of a .net asembly exe
From: rodchar on 7 May 2010 23:24 Hi All, I have an employees database which consists of personnel and salespeople. Let's say I have 2 offices. One in Los Angeles and one in New York. I have Sales Managers and Sales Reps in both locations. What's the simplest way to handle these roles in a system? For instance, how do I make sure that sales managers can only see their sales reps and no one else's. And regional managers can see all sales managers under them only. And system administrators can see everyone. How do you handle this type of hierarchy in a system end-to-end? Any kind of resource is welcomed. Thanks, Me
From: Glenn on 7 May 2010 23:35 Active directory will implement the hierarchy, but then you have to interface with it. If you have never done that, then it can be daunting. .NET framework has objects for traversing the directory structure. If you don't have Active Directory, try out Active Directory for Application Mode (ADAM). It can be installed on any computer and implement a lightweight directory for your application. --- frmsrcurl: http://msgroups.net/microsoft.public.dotnet.languages.csharp/Handling-Roles-end-to-end
From: Mr. Arnold on 8 May 2010 00:47 rodchar wrote: > Hi All, > > I have an employees database which consists of personnel and salespeople. > > Let's say I have 2 offices. One in Los Angeles and one in New York. I have > Sales Managers and Sales Reps in both locations. > > What's the simplest way to handle these roles in a system? For instance, how > do I make sure that sales managers can only see their sales reps and no one > else's. And regional managers can see all sales managers under them only. And > system administrators can see everyone. > > How do you handle this type of hierarchy in a system end-to-end? Any kind > of resource is welcomed. > There is no simple way here. However, you can implement a roles based security scheme. <http://msdn.microsoft.com/en-us/library/52kd59t0(VS.80).aspx> By using SQL server tables and a hash table, one can assign various roles and rights to a user right down to the region/local the user is located or user has rights across regions/locals. <http://www.codeguru.com/csharp/.net/net_security/authentication/article.php/c7415>
From: rodchar on 11 May 2010 07:29
what is the concept behind whether a user can see sensitive information lateral to his role and below it? In other words, how would you relate the employees table to, let's say, a customers table so that employees can only see the customers there suppose to? I'm sorry I'm being vague because I'm not sure how to articulate the single point I'm trying to ask about. "rodchar" wrote: > Hi All, > > I have an employees database which consists of personnel and salespeople. > > Let's say I have 2 offices. One in Los Angeles and one in New York. I have > Sales Managers and Sales Reps in both locations. > > What's the simplest way to handle these roles in a system? For instance, how > do I make sure that sales managers can only see their sales reps and no one > else's. And regional managers can see all sales managers under them only. And > system administrators can see everyone. > > How do you handle this type of hierarchy in a system end-to-end? Any kind > of resource is welcomed. > > Thanks, > Me |