ASP.NET Custom Role provider: Role depending on the context? -

-


ASP.NET Custom Role provider: Role depending on the context? -

i'm starting new project, , i've question custom role provider asp.net mvc 3.

i need have role verification several actions of constructor, said me, okay easy, can utilize role provider.

the problem role depending of current "context":

in fact users in database linked several "entities", , have role "a" entity x, , role b entity y. info displayed/edited "childrens" of entity

it's strictly separated: when log in, have take entity want work, , then, until inquire alter of entity, have info of entity , rights of entity.

the current "entity" stored in session.

the goal have no unauthorized menu/action entity x, because right allowed user y.

the problem in role provider, i've no way receive context, receive username.

so think do?(if can help, membership custom membership provider).

to block access specific pages implement rolemanagementfilter on actions. allow users in employee role, admin role access specific pages.

[requiresemployeerole(route = "account", action = "logon", order = 1)] public actionresult employeesettings(){ homecoming view(); }

what actionfilter based on role of user requesting page either redirect them route , action set route = "account", action = "logon" or allow them in.

below part of actionfilterattribute.

public override void onactionexecuting(actionexecutingcontext filtercontext) { string[] roles = roles.getrolesforuser(); string userrole = ""; if (roles.length > 0) userrole = roles[0]; if (regex.ismatch(userrole, role)) filtercontext.httpcontext.response.redirect(redirecturl(), true); }

i don't know how may entities have, , if feasable or not, if create roles each entity, attach users roles base of operations restrictions on actions if user in roles.getrolesforuser();

i found msdn article re action filters http://msdn.microsoft.com/en-us/magazine/gg232768.aspx might help. there plenty of examples out there hope helps out.

asp.net asp.net-mvc authorization membership-provider roleprovider

Comments

Post a Comment

Popular posts from this blog

How do I check if an insert was successful with MySQLdb in Python? -

-
How do I check if an insert was successful with MySQLdb in Python? - i have code: cursor = conn.cursor() cursor.execute(("insert new_files (videos_id, filename, " "is_processing) values (%s,%s,1)"), (id, filename)) logging.warn("%d", cursor.rowcount) if (cursor.rowcount == 1): logging.info("inserted values %d, %s", id, filename) else: logging.warn("failed insert values %d, %s", id, filename) cursor.close() fun is, cursor.rowcount always one, though updated database create videos_id unique key. is, insert fails because in tests same videos_id going appear (and when check database, nil inserted). whatever reason, rowcount 1 - logging.warn have spits out rowcount of 1. so, question: can utilize rowcount work out if insert went fine? if so, (presumably) doing wrong? otherwise, how check if insert went fine? your code not commit after modifications (your modifications rolled back). should...
Read more

delphi - blogger via idHTTP : error 400 bad request -

-
delphi - blogger via idHTTP : error 400 bad request - i'm trying post blogger using idhttp component, however, i'm getting "http/1.0 400 bad request" error. procedure tform1.button1click(sender: tobject); var request,response,req : tstringlist; auth,blogid : string; begin blogid := '00000000000000000000000'; request := tstringlist.create; response := tstringlist.create; req := tstringlist.create; idhttp1.request.connection := 'keep-alive'; idhttp1.request.contenttype := 'application/x-www-form-urlencoded'; idssliohandlersocket1.ssloptions.method := sslvsslv23; request.clear(); request.values['accounttype'] := 'google'; request.values['email'] := 'xxx@gmail.com'; request.values['passwd'] := 'yyy'; request.values['service'] := 'blogger'; response.text :=idhttp1.post('https://www.google.com/accounts/clientlogin',request); auth := resp...
Read more

postgresql - ERROR: operator is not unique: unknown + unknown -

-
postgresql - ERROR: operator is not unique: unknown + unknown - i have postgis database , have compute new values rows in new column. these values should average of values of several columns. query: insert bdps (da_m) values (avg('da_1'+'da_2'+'da_3'+'da_4'+'da_5'+'da_6'+'da_7')); in query bdps database, da_m new column , da_1 da_7 existing columns have double precision type. da_m created using alter table bdps add together column da_m double precision; i next error: error: operator not unique: unknown + unknown line 2: values (avg('da_1'+'da_2'+'da_3'+'da_4'+'da_5'+'da_6'+'da_7... ^ hint: not take best candidate operator. might need add together explicit type casts. ********** error ********** error: operator not unique: unknown + unknown sql state: 42725 hint: not take best candidate operator. might need add togethe...
Read more