[英]How to provide delete authorization to certain user profiles ASP.NET
I want to give permission to certain user profiles (ie Administrators, Managers which I already have it in DB) to delete certain records in DB if they press the delete button in my ASP.NET web application page. 我想授予某些用户配置文件(即,数据库中已有管理员的管理员)的权限,如果他们按我的ASP.NET Web应用程序页面中的删除按钮,则可以删除数据库中的某些记录。 Can someone help me on this?
有人可以帮我吗? Or provide me useful resources.
或为我提供有用的资源。
There are many options to handle user roles. 有许多选项可以处理用户角色。 One of them is forms authentication .
其中之一是表单身份验证 。 It makes role management very easy and you won't have to spend much time on it once you get it set up.
它使角色管理变得非常容易,并且设置完成后,您无需花费太多时间。 More info here .
更多信息在这里 。
If you wanted to set up your own role management system, you could just add a column to your Users
table called Role
and set visibility of controls based on the value of Role
. 如果您想建立自己的角色管理系统,则可以在
Users
表中添加一个名为Role
的列,并根据Role
的值设置控件的可见性。
If it were me, I would add a class called CurrentUser
having the properties from your Users
table (including Role
). 如果是我,我将添加一个名为
CurrentUser
的类,该类具有您的Users
表(包括Role
)中的属性。 Your Insert()
, Update()
, and Delete()
methods might then look something like this: 然后,您的
Insert()
, Update()
和Delete()
方法可能看起来像这样:
if (CurrentUser.Role == "Admin" || CurrentUser.Role == "Manager")
{
// Allow insert, update, or delete to process
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.