简体繁体 English

设置用于在IIS7中读写文档文件的用户权限

[英]Setting up user permissions for reading and writing document files in IIS7

原文 2009-11-15 01:22:15 9 2 c#/ asp.net-mvc/ iis/ iis-7

I want to make a very simple CMS for my sites. 我想为我的网站制作一个非常简单的CMS。 So what I am thinking is this a user logs in and a list of their pages shows up. 所以我在想这是用户登录并显示其页面列表。 Now they change their ends and save it. 现在他们改变了自己的目的并保存了下来。 My C# code would then write over the file/section. 然后，我的C＃代码将覆盖文件/部分。

So I don't think it would be to bad to do this however I am not sure about how it works with read and write premission and how to set it up. 因此，我认为这样做并不坏，但是我不确定它如何与读写权限以及如何设置权限有关。

Like I want the user to only be able to read and write to their files they own. 就像我希望用户只能读取和写入其拥有的文件一样。

So if User A has Page1.html and Page2.html they can only read those files and write to those files they can touch User B's page3.html and Page4.html 因此，如果用户A具有Page1.html和Page2.html，则他们只能读取这些文件并写入这些文件，因此他们可以触摸用户B的page3.html和Page4.html

So how would I setup this up? 那么我该如何设置呢？

Thanks 谢谢

2 个解决方案

When you create your list of files, you will be reading that list from a database repository. 创建文件列表时，您将从数据库存储库中读取该列表。 Include in that code conditions that allow only those records for which the user has permission. 在该代码条件中包括仅允许用户具有权限的那些记录的条件。

The most straightforward way to do this is to create a table with two columns: UserID and DocumentID. 最简单的方法是创建一个包含两列的表：UserID和DocumentID。 A presence of a record in the table indicates that the user has permission to that particular document. 表中记录的存在表示用户有权访问该特定文档。 Add records to this table that give the user permissions to the appropriate documents. 将记录添加到此表中，这些记录将授予用户适当文档的权限。

Then, when you read the documents from the database, you can join this table to the documents table via the DocumentID, and filter the table by UserID. 然后，当您从数据库中读取文档时，可以通过DocumentID将此表连接到Documents表，并按UserID过滤该表。 This will return only those records for which the user has permission. 这将仅返回用户具有权限的那些记录。 You can then use that set of records as the basis for the list of documents that you display to the user. 然后，您可以使用该组记录作为显示给用户的文档列表的基础。

You could employ a cms the SharePoint way. 您可以采用cms的SharePoint方式。 You begin with a base file on the network. 您从网络上的基本文件开始。 If a change to it is made then the page is stored in a database. 如果进行了更改，则该页面将存储在数据库中。 each subsequent change is a db change and the application renders the last entry in the table for that page. 随后的每个更改都是数据库更改，并且应用程序在该页面的表中呈现最后一个条目。

this does two things. 这有两件事。 first, you can see revisions and re-instate them. 首先，您可以查看修订并恢复它们。 you can see a complete history of the page, who made the changes and when. 您可以查看该页面的完整历史记录，更改者和更改时间。

it also allows you to lock pages within the database and assign roles/users against the pages. 它还允许您锁定数据库中的页面，并根据页面分配角色/用户。 you can then apply a decoration to the controller which checks rights and either renders the page or displays a access denied page and then log the attempted access to the page. 然后，您可以对控制器进行装饰，以检查权限并呈现页面或显示访问被拒绝的页面，然后记录对页面的尝试访问。

i know this sounds complex but can you foresee a time when after you've gone live with your cms that the client is going to want more from it? 我知道这听起来很复杂，但是您可以预见，在您的cms上线之后，客户会从中得到更多的希望吗？ you need to implement a solution that's adaptable to needs. 您需要实施适合需求的解决方案。

if it's worth writing then it's worth writing well. 如果值得写作，那就值得写作。