如何为某些用户配置文件ASP.NET提供删除授权
[英]How to provide delete authorization to certain user profiles ASP.NET
问题描述
I want to give permission to certain user profiles (ie Administrators, Managers which I already have it in DB) to delete certain records in DB if they press the delete button in my ASP.NET web application page. 
我想授予某些用户配置文件(即,数据库中已有管理员的管理员)的权限,如果他们按我的ASP.NET Web应用程序页面中的删除按钮,则可以删除数据库中的某些记录。 Can someone help me on this? 有人可以帮我吗? Or provide me useful resources. 或为我提供有用的资源。
1 个解决方案
解决方案1
0 已采纳 2015-06-29 15:27:51
There are many options to handle user roles. 有许多选项可以处理用户角色。 One of them is forms authentication . 其中之一是表单身份验证 。 It makes role management very easy and you won't have to spend much time on it once you get it set up. 它使角色管理变得非常容易,并且设置完成后,您无需花费太多时间。 More info here . 更多信息在这里 。
If you wanted to set up your own role management system, you could just add a column to your Users table called Role and set visibility of controls based on the value of Role . 如果您想建立自己的角色管理系统,则可以在Users表中添加一个名为Role的列,并根据Role的值设置控件的可见性。
If it were me, I would add a class called CurrentUser having the properties from your Users table (including Role ). 如果是我,我将添加一个名为CurrentUser的类,该类具有您的Users表(包括Role )中的属性。 Your Insert() , Update() , and Delete() methods might then look something like this: 然后,您的Insert() , Update()和Delete()方法可能看起来像这样:
if (CurrentUser.Role == "Admin" || CurrentUser.Role == "Manager")
{
// Allow insert, update, or delete to process
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.