ARCHITECTURE : Enabling and disabling functionality in ASP.NET based on roles.

VSK

Hi all,

In our ASP.NET web application we have to enable or disable features in each
ASP.NET page based on the role assigned to the user.

Ex: if the user who logs in is a supervisor, then he can change the phone number in
page1.aspx;
if the user who logs in is a finance official, then he can just view the phone
number in page1.aspx.

Thus each page has elements whose functionality is enabled or disabled based
on roles.

I am trying to do these checks in a single class for all pages and am not sure
whether it is efficient.
My idea is to put the code which checks the roles and enables and disables server
controls in one class for easier maintenance. I am not sure whether there is
any other alternative.

PS: I am passing the entire Page object to the class:
objPageController.DeterminePageElements(this, "webform1");

Ex
a.aspx.cs
----------
private void Page_Load(object sender, System.EventArgs e)
{
    PageController objPageController = new PageController();
    objPageController.DeterminePageElements(this, "webform1");
}

PageController.cs
-----------------
public void DeterminePageElements(System.Web.UI.Page objPage, string strPageName)
{
    switch (strPageName)
    {
        case "webform1":
            // find the controls which are to be enabled or
            // disabled from page collection.
            // check for the role and credentials
            // dummy code will be something like below
            // FindControl returns Control, so cast it to TextBox
            TextBox tb = (TextBox)objPage.FindControl("TextBox1");
            if (security related checks)
            {
                tb.Enabled = true;
            }
            else
            {
            }
            break;
        case "":
        case "":
        ....
    }
}

Please let me know whether I am doing anything wrong.

TIA for your patience
VSK
 
Why in the world would you want one class to be aware of all of your pages?

You can easily enable or disable a control by setting its Enabled property
based on IsInRole:

txtPhoneNumber.Enabled = Page.User.IsInRole("Supervisor")
 
This is the design in this company, according to which, when a user logs in, a
user object is created with uname, logintime, and multiple roles (not a single
role).

For each role we will get pagesection credentials.
Pagesectioncredentials table
----------------------------
pagesectioncredentailsid  pageid  sectionid  roleid  isenabled
1                         1       1          1       0/1
where sectionid represents functionality in the page.

So we have to get the roles and then the pagesectioncredentials for each of them,
and then enable or disable based on the "isenabled" field.
There is no scope for changing the DB design at this point of time....

I have worked with a user with a single role in previous projects. This is new to
me.. :)

Thanks for the suggestion

VSK
 
I said nothing about single roles. A user can be in multiple roles, and
IsInRole can be used to test for each one.

--
John
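
As an added example (not code from any poster in this thread): one way to resolve the Pagesectioncredentials rows VSK describes for a user who holds several roles. The class names, the deny-by-default handling of missing rows, and the rule that any one role with isenabled = 1 enables the section are assumptions; the same check is meant to run again in the postback handler, because a disabled control is only a presentation hint.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// One row of the Pagesectioncredentials table described in the thread.
public sealed class SectionCredential
{
    public int PageId, SectionId, RoleId;
    public bool IsEnabled;
}

// Hypothetical helper: resolves a section's state for a user holding several roles.
public sealed class SectionPolicy
{
    private readonly HashSet<Tuple<int, int, int>> _granted =
        new HashSet<Tuple<int, int, int>>();

    public SectionPolicy(IEnumerable<SectionCredential> rows)
    {
        // Keep only isenabled = 1 rows, so a missing row and a 0 row both deny.
        foreach (var r in rows.Where(r => r.IsEnabled))
            _granted.Add(Tuple.Create(r.PageId, r.SectionId, r.RoleId));
    }

    // Assumption: one role with isenabled = 1 is enough to enable the section.
    public bool IsEnabled(int pageId, int sectionId, IEnumerable<int> userRoleIds)
    {
        return userRoleIds != null && userRoleIds.Any(
            role => _granted.Contains(Tuple.Create(pageId, sectionId, role)));
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample rows: role 1 may edit section 1 of page 1, role 2 may not.
        var policy = new SectionPolicy(new[] {
            new SectionCredential { PageId = 1, SectionId = 1, RoleId = 1, IsEnabled = true },
            new SectionCredential { PageId = 1, SectionId = 1, RoleId = 2, IsEnabled = false },
        });
        Console.WriteLine(policy.IsEnabled(1, 1, new[] { 2 }));    // user holds role 2 only
        Console.WriteLine(policy.IsEnabled(1, 1, new[] { 2, 1 })); // user holds roles 2 and 1
        Console.WriteLine(policy.IsEnabled(1, 2, new[] { 1 }));    // section 2 has no row
        // In Page_Load:        txtPhoneNumber.Enabled = policy.IsEnabled(1, 1, roles);
        // In the save handler: if (!policy.IsEnabled(1, 1, roles)) return; // server-side re-check
    }
}
```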
