ansaurus

Question

Why would I hard-code user permissions in my controller attributes?

Answer 1

+1 A:

You wouldn't, hardcoding users is a bad smell. Roles exist for things like that.

Edit: I believe that, like when .net 1.0 hit with the whole web.config with allow/deny permissions, those are (or atleast SHOULD ONLY be) used as example sauce, even tho I'm into the pile of people that believe that blogs, tutorials and samples should only use good practices.

F.Aquino 2010-02-16 15:27:36

Answer 2

+1 A:

The only "legitimate" reason to do that I can think of is building a back-door - either for nefarious, or for "future maintenance" purpose. The latter is Bad Juju as it introduces security risk. The former is Bad Juju as well of course :)

DVK 2010-02-16 15:27:49

Answer 3

+3 A:

There are a few legitimate uses of this, and here's one example: If you're building a really simple site, that simply has an admin account and an unauthenticated account, you could do

[Authorize(Users = "Admin")]

This saves you the trouble of bothering to construct roles just for a single user. Think UNIX style, where the root account (uid 0) is special rather than a particular group.

Another example is simply a throw-away application, where you're testing something. There's no reason to bother with roles if you just want to test your authentication page or something like that.

One more reason: testing. You could build a unit test just for your authentication without wanting to unit test your role based framework. (Keep in mind, not everyone is using the default membership provider, and some membership providers are pretty sophisticated.) By creating a hard coded authentication for a test user, you can bypass the roles framework.

David Pfeffer 2010-02-16 15:30:47

Agree, but couldn't you just do `Role = "Admin"`?

Robert Harvey 2010-02-16 15:31:50

@Robert Harvey: No because then any administrator account would be able to access the feature. In his example, only THE administrator account may access it.

Joel Etherton 2010-02-16 15:36:53

Right. That's why I'm drawing the analogy to root. For example, on most UNIX systems (those using a PAM authentication system excepted) the root account with uid=0 has special rights to everything. Other admins, members of the wheel group, are permitted to `sudo` (do as super user) or `su` (become superuser) which transforms them into the uid=0 account for a limited time (either for a command or until they exit their shell). But the user itself is special, not the membership in the wheel (admin) group.

David Pfeffer 2010-02-16 15:48:25

Answer 4

A:

A couple of reasons you might consider doing it:

The application is expected to have a very short lifecycle and no maintenance is required.
The user(s) in question may not belong to a sufficiently defined group (as in the case of a small business), and there are no expected changes. (still very bad design, but it wouldn't be unheard of)
You may have several overloads in a small application that require different behaviors for individuals within a group.

In any case it boils down to bad design and you wouldn't want to do it. But the interface is there because it is the simplest level of control.

Joel Etherton 2010-02-16 15:35:26

Answer 5

A:

I agree with David Pfeffer.

In addition I think you could define a set of users with very specific permissions and jobs inside your app -maybe testing purposes, perhaps perfomance tracking... you will know it when the requirement knock the door ; )-.

Simply a group that is not supposed to be contained in the set of valid users used by your application. : ) -the hardcore way-

SDReyes 2010-02-16 16:23:38

ansaurus

tags:

views:

answers:

Why would I hard-code user permissions in my controller attributes?

related questions