C
Craig Buchanan
i am hoping to leverage asp.net user and role based security framework to
help me secure the data in my application at a database-row-level.
essentially, i need to:
* assign a user to a role
* assign a role to a record, specifying the access level (no access,
read-only, edit, full control)
* enforce the access w/o creating tuples--if a user is assigned to two
roles and both roles have access to the same record, i don't want two,
duplicate records returned.
seems like there should be a best practice related to this topic, but i have
been unable to find anything. thoughts appreciated.
thanks,
craig buchanan
help me secure the data in my application at a database-row-level.
essentially, i need to:
* assign a user to a role
* assign a role to a record, specifying the access level (no access,
read-only, edit, full control)
* enforce the access w/o creating tuples--if a user is assigned to two
roles and both roles have access to the same record, i don't want two,
duplicate records returned.
seems like there should be a best practice related to this topic, but i have
been unable to find anything. thoughts appreciated.
thanks,
craig buchanan