tags:

views:

36

answers:

1
Q: 

How to manage significant functionality differences between user types in ASP.NET MVC2

I think I may have made a mess of my controllers. I have a fairly simple site that allows users of type "Staff" or "Client" to view Projects. Staff have access to all projects, can add and delete them, add and delete users, assign clients permission to projects, etc.

As it stands this means I have a UserController and ProjectController, littered with Authentication attributes (ie. so a Client can change his email but nothing else like permissions, and Clients can't add/remove/edit projects but can browse their contents).

And also, based on the user type/role, I switch out menu components. Should I be splitting up my controllers to have narrower focus, or is this a candidate for Areas? I "feel" like to much of my code is checking whether user X can do action Y based on both his role AND explicit per-project permissions.

PS. I rewrote the subject several times trying to make it shorter :\

+2  A: 

Have you considerd splitting your controllers like so:

  • ClientUserController

  • ClientProjectController

  • StaffUserController

  • StaffProjectController

Splitting like this would allow you to easily have specialised controllers and views for each user type. Use a single Authentication attribute at the top of each "Staff" controller to secure access.

By setting up approriate routes, you could mainatin friendly URLs to each controler type: eg

  • /User/Edit (Shows all User detail, but only allows edit of Email field)
  • Staff/User/Edit (Allows edit of all User fields)
JcMalta  2010-08-14 08:11:16
Yeah that might be the way to go. I did start off with a ie. UserAdminController, but I ended up with too much duplication. I'll see if I can clean it up a bit.
George R  2010-08-14 09:05:40
You can always share common functionality between controllers ... remember that Controllers are really nothing more than classes - it is only the naming conventions (to enable to framework to call the correct method) that make them seem "magical".Also, never underestimate the power of using different ViewModels for acheiving different functionality .. your main controller code could remain the same, but the data presented to the View (including Display-type attributes etc) could vary according to which view you decide to present and the data (both real and meta-data) that you pass.
JcMalta  2010-08-14 11:27:14

related questions

What's the best way to implement field validation using ASP.NET MVC?
How do I handle page flow in MVC (particularly asp.net)
Entity diagrams in ASP.NET MVC
How do I get rid of Home in ASP.Net MVC?
Can I generate ASP.NET MVC routes from a Sitemap?
ASP.NET Model-view-controller (MVC) - where do I start from?
user controls and asp.net mvc
ASP.Net MVC route mapping
RSS Feeds in ASP.NET MVC
Open Source Licensing Options for ASP.NET MVC Application?
Does the OutputCacheFilter in the Microsoft MVC Preview 4 actually save on action invocations?
MVC Learning Resources
Validating posted form data in the ASP.NET MVC framework
Best mock framework that can do both WebForms and MVC?
Use the routing engine for form submissions in ASP.NET MVC Preview 4
How do you get a custom id to render using HtmlHelper in MVC
MVC Preview 4 - No route in the route table matches the supplied values.
Is there a way to include a fragment identifier when using Asp.Net MVC ActionLink, RedirectToAction, etc. ?
In ASP.NET MVC I encounter an incorrect type error when rendering a user control with the correct typed object
ASP.NET MVC - Is it worth it yet?
Multiple languages in an ASP.NET MVC application?
Is it better to create Model classes, or just stick with generic database utility class?
ASP.NET MVC Without Visual Studio
ASP.NET MVC "CRUD" Database Sample
How to RedirectToAction in ASP.NET MVC without losing request data