tags:

views:

386

answers:

4
Q: 

ASP.NET, how to manage users with different types of roles

Hi folks.

I know, that this is probably going to be a very simple and frequently asked question. I have searched for solutions, but I am overwhelmned by the huge amount of documentation about memberships and roles. I'm very new to the asp.net and general concepts behind it, and my head is spinning after watching hours of video tutorials as asp.net/learn :)

My goal is: I want to create a website with various users. The users can have different roles, admin and user, which is a very well documented situation. But I would like to also group the users on their location, so at each location I can have both admins and users. - A multi dimensional role system? The reason is, that users in Germany should have access to a certain set of documents, while the Italian users shouldn't.

What I'm asking for is, where should I look for documentation on this specific topic? I need some way to limit my search, maybe some keywords.

Kind regards, Casper

A: 

You might want to look at custom profile properties. MSDN

Paddy  2009-09-02 12:46:53
+2  A: 

A different approach would be to add another set of roles, corresponding with the different locations available, for example Germany and Italy. You then make all German users members of the Germany role, and the German admins members of both Germany and Admin. When checking permissions, you then check both for Admin and for the current locale.

Remember, one user can have many roles.

Tomas Lycken  2009-09-02 13:06:15
I have thought of that, but how do I distinguish between location and user-type roles? The approach I would used in the late 90’s, was to have a database with a user table, a role table, a location table and Ids to link them together. Then I could distinguish between the different types, do lookups based on the different types and so on. But I think that asp.net might have done this easier, and that is what I’m looking for. Does that make sense?
Chau  2009-09-02 13:18:18
I see your point, and no - this solution does not provide a simple answer to that question. If it's important for you to be able to list locations specifically, you might want to implement your own ´MembershipProvider´ that inherits from the standard one. On the other hand, if you're only going to have Admins and Users (or maybe one or two more roles) and the rest will be locations, you can list all but the few roles you have. Ugly, but working...
Tomas Lycken  2009-09-03 12:49:20
Greg  2009-09-03 15:54:54
That is my approach so far, but I can imagine the huge amount of roles necessary to represent 100 countries multiplied by the number of user types (admin, user...) multiplied by the number of different capabilities each user needs to have (adding, editing, printing, deleting...). Is this the normal approach or is there a better "best practice"?
Chau  2009-09-04 13:27:18
Well, that sounds like kind of a pain to manage, honestly. I'm not sure what to tell you.
Greg  2009-09-04 13:29:54
Tomas Lycken  2009-09-04 13:33:22
@Tomas: If a user is a member of Germany and Italy, but has admin rights for Germany, but only user in Italy, how should I manage that?
Chau  2009-09-07 08:40:36
True, that would not be coveredy by my setup. I had no understanding that support for that scenario was a requirement.
Tomas Lycken  2009-09-07 14:55:15
A: 

Please check this thread, hope will help you.. http://stackoverflow.com/questions/995776/c-how-to-secure-webpages/995795#995795

Muhammad Akhtar  2009-09-02 16:53:44
+1  A: 

First of all, please see the very excellent tutorial series on 4GuysFromRolla: http://aspnet.4guysfromrolla.com/articles/120705-1.aspx

Secondly, the built in Role Provider is extremely rudimentary. You associate a user with a string (role) and that's pretty much it. There's no heirarchy or additional properties that you associate with the role, unless you pack in into the string (role name).

Greg  2009-09-02 17:02:51
#1: Yeah, I have looked at that, but it still confuses me :)#2: Exactly what I was afraid of. The things you say it lacks, are probably what I'm looking for :S
Chau  2009-09-03 06:30:51

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps