Extending ASP.NET Role provider in MVC
Question
I want know if this can be done and if there is somewhere that you can point me in the right direction.
Basically, at the moment, i am using the built in Role Provider for asp.net, on my controller actions, i use a custom attribute filter as described here.
But what i would like to do is extend it even further to do something like this:
Admin - View, Edit, Delete
Manager - View, Edit
So basically, granular permissions. I have searched around on the net, but can't seem to find any way of doing this without writing my own authentication/authorisation providers:(
Any help would be greatly appreciated!!
Cheers, Nick
1 answers
solution1
1 2011-06-08 12:43:15
There are several ways to tackle this. The easiest (but not necessarily best) way is to have partial views with the navigation elements, view/edit/delete and if statements surrounding each link checking the currebt User's role.
Alternatively, at the other end of the spectrum is something called AzMan (Microsoft's Authorisation Manager) which allows you to create very granular role and task-based authorizations.
AzMan been around for ages but as far as I know it is now incorporated into MS's enterprise library .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.