I'm working with ASP.Net Dynamic Data and I have a section in my web.config like this:
<location path="Foo/List.aspx">
<system.web>
<authorization>
<allow roles="The Name of Some Role"/>
<deny users="*"/>
</authorization>
</system.web>
</location>
This works fine for restricting access to that path, however later I'll want to restrict access to similar paths like "Bar/List.aspx" (Every time I add a new table in Dynamic Data there will be a new similar path) It would be nice if I could use a regular expression here, but I don't think I can. I think the solution is to tweak the routing to where Foo and Bar fall under the Role1 path like Role1/Foo/List.aspx and Role1/Bar/List.aspx
So I'll want to change the code that registers my routes to something like this:
routes.Add(new DynamicDataRoute("{role}/{table}/{action}.aspx") {
Constraints = new RouteValueDictionary(new { action = "List|Details|Edit|Insert" }),
Model = DefaultModel
});
Two questions:
- Would you solve this problem with routing like this? Or would you do something different?
- Assuming this is a good way to do this, how do I get Dynamic Data to map URL's to routes like this? I think ideally I'd like to decorate my models (I'm using LinqToSQL) with attribute tags designating the roles that should be allowed for each one.