In an asp.net webform app, I need to restrict the logged in user to show data only for their company. This is a primary key of my topmost table. How to I set that based off the user. I imagine I would have another table with some user ID mapped to company ID?
A:
If a user can be part of exactly one company, then generally there would be a table of companies and a table of users, with the latter having a company ID foreign key column to the primary key of the former. The user object would then have the company ID throughout the application (such as in the cookie data or session data) and the application would apply filtering rules accordingly.
David
2010-09-06 23:26:24
sure, how would i wire up with the asp.net user. is there an object for the currently logged in user?
tim
2010-09-06 23:39:56
Are you using the Asp.Net Membership API?
GenEric35
2010-09-07 00:00:04
@tim: That's going to depend a lot on how your application is currently set up. I usually have the authentication request processed through custom domain models, one of which is a "User". That custom model would have the company data in it and would follow the logged-in user by use of their session (validated from their cookie).
David
2010-09-07 00:00:22
Yes, i am using the membership api. My question is how to i tie into that?
tim
2010-09-07 01:26:16
@Tim: I'm not 100% sure on how to use the membership DB alongside data that is non-membership? Is it ok to build around the membership database or is there another table created in your enterprise database, for example Employee, that would map to it? I would suggest editing the title of your question to include ASP.Net Membership API. Surely someone with a lot of experience with it will be able to suggest the best way. As for me I don't know the best answer and will stick around to see. Good question!
GenEric35
2010-09-07 01:55:49