Application Structure / Class Design

Question

User-1498408751 posted

Hello,

I am attempting to create my first application using a proper structure and object orientated programming.

I am looking for some advice/guidance as I attempt my project.

I need to perform the following tasks (Here are some of the main ones anyway).

1) Make sure the user is logged-in (check for cookie)

2) Get the current page content (or the homepage content if there is no page id)

3) When a user is viewing a page ensure that they have the proper permissions to view the page (check their role by UserId and compare it to the page role)

4) Write the page stats (for this application I am just storing the user id and page id in a database)

This is how I see my application being structured

I'll have a class for:

- Permissions

  -- IsLoggedIn -> Function to see if Cookie exits - return True or False

  -- HasPagePermission -> Function to check database to see if the user has the same permission as the page

- Pages

  -- ShowContent (ByVal PageId as Integer) -> Function to return content from database, if PageId = 0 then display homepage Info

  -- WriteStats (ByVal PageId as Integer, ByVal UserId as Integer) -> Function to record userId and PageId in database

I would then have my test.aspx page and From the PageLoad I would create objects and check the IsLoggedIn

If that is true then Check to see if user hasPagePermission. If that is true then write the content and then store page stats (WriteStats)

Is this how I would tackle the creation of my application? Or is there a better way to accomplish this? 

Thanks

Hello,

I am attempting to create my first application using a proper structure and object orientated programming.

I am looking for some advice/guidance as I attempt my project.

I need to perform the following tasks (Here are some of the main ones anyway).

1) Make sure the user is logged-in (check for cookie)

2) Get the current page content (or the homepage content if there is no page id)

3) When a user is viewing a page ensure that they have the proper permissions to view the page (check their role by UserId and compare it to the page role)

4) Write the page stats (for this application I am just storing the user id and page id in a database)

This is how I see my application being structured

I'll have a class for:

- Permissions

  -- IsLoggedIn -> Function to see if Cookie exits - return True or False

  -- HasPagePermission -> Function to check database to see if the user has the same permission as the page

- Pages

  -- ShowContent (ByVal PageId as Integer) -> Function to return content from database, if PageId = 0 then display homepage Info

  -- WriteStats (ByVal PageId as Integer, ByVal UserId as Integer) -> Function to record userId and PageId in database

I would then have my test.aspx page and From the PageLoad I would create objects and check the IsLoggedIn

If that is true then Check to see if user hasPagePermission. If that is true then write the content and then store page stats (WriteStats)

Is this how I would tackle the creation of my application? Or is there a better way to accomplish this? 

Thanks

Answer 1

User-364289655 posted

That sounds like a good start. It's difficult to give you much more feedback as there isn't much going on here.

It's probably overkill, but you should consider looking at asp.net Profiles and membership providers at some point and digging into how those work.

~P 

Answer 2

User-952121411 posted

Introduction to Membership: 

http://msdn.microsoft.com/en-us/library/yh26yfzy.aspx

How To: Use Membership in ASP.NET 2.0:

http://msdn.microsoft.com/en-us/library/ff648345.aspx

 

Answer 3

User-1498408751 posted

Great. Thanks for the resources. Right now I am trying to wrap my head around best practices for coding/architecture and OOP

I have a couple questions (I'll post my code below):

• How do I use the Get and Set methods? I understand how to write the code but am unsure when or how to use it? Like would I use this for my pageId and userId rather than having this information on the test.aspx.vb page? And if so, would I have to have the get and set methods in each class?
• Is it good practice to have the all the calls to the database within the Class or should it be separated out?
• What is the best way to handle errors within the application?

Thanks again!

Here is the Code:

test.aspx.vb

Partial Class test
    Inherits System.Web.UI.Page

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Dim pageId As Integer = 0
        Try
            pageId = Convert.ToInt32(Request.QueryString("pageId"))
        Catch ex As Exception
            Response.Redirect("error.aspx")
        End Try
        Dim userId As String = "A4F0A227-BCBE-4A6F-A56A-AA4AZA84QD1A" 'Get Real User ID from cookie
        Dim Permissions As New Security
        If Permissions.IsLoggedIn(1) And Permissions.HasPagePermission(pageId, userId) Then 'If user is Logged-In
            Dim Page As New Pages
            Label1.Text = Page.GetData(pageId, userId)
        End If

    End Sub

Security Class

Imports Microsoft.VisualBasic
Imports System.Data.SqlClient
Imports System.Web.HttpContext

Public Class Security
    Public Function IsLoggedIn()

        If Not IsNothing(Current.Request.Cookies.Get("X")) Then
            If Current.Request.Cookies.Get("X").Value < 0 Then
                Return False
                Exit Function
            Else
                Return True
            End If
        Else
            Return False
            Exit Function
        End If

        If Not IsNothing(Current.Request.Cookies.Get("Y")) Then
            If Current.Request.Cookies.Get("Y").Value < 1 Then
                Return False
                Exit Function
            Else
                Return True
            End If
        Else
            Return False
            Exit Function
        End If
    End Function

    Public Function HasPagePermission(ByVal pageId As Integer, ByVal userId As String)
        If pageId > 0 Then
            'Query Database
            Dim role As Integer = 0
            Dim sqlConn444 As New SqlConnection()
            sqlConn444.ConnectionString = ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString
            Dim cmd444 As New SqlCommand
            cmd444.CommandText = "SELECT roleId FROM [pagePermissions] WHERE pageId=@PageId"
            cmd444.Parameters.AddWithValue("@pageId", pageId)
            cmd444.Connection = sqlConn444
            sqlConn444.Open()
            cmd444.ExecuteNonQuery()
            Dim reader444 As SqlDataReader = cmd444.ExecuteReader()
            If reader444.Read() Then
                role = reader444("roleId")
            Else
                Return False
                Exit Function
            End If
            reader444.Close()
            sqlConn444.Close()
            '-- Check page role vs user role
            Dim sqlConn1444 As New SqlConnection()
            sqlConn1444.ConnectionString = ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString
            Dim cmd1444 As New SqlCommand
            cmd1444.CommandText = "SELECT roleId FROM [userPermissions] WHERE roleId=@roleId AND userId=@userId"
            cmd1444.Parameters.AddWithValue("@roleId", role)
            cmd1444.Parameters.AddWithValue("@userId", userId) 
            cmd1444.Connection = sqlConn1444
            sqlConn1444.Open()
            cmd1444.ExecuteNonQuery()
            Dim reader1444 As SqlDataReader = cmd1444.ExecuteReader()
            If reader1444.Read() Then
                'Continue with the script
                Return True
            Else
                reader1444.Close()
                sqlConn1444.Close()
                Return False
                Exit Function
            End If
            reader1444.Close()
            sqlConn1444.Close()
        Else
            Return True 'everyone has access to homepage if they are logged in
        End If
    End Function
End Class

Pages Class

Imports Microsoft.VisualBasic
Imports System.Data.SqlClient
Imports System.Web.HttpContext
Imports System.IO

Public Class Pages

Public Function GetData(ByVal pageId As Integer, ByVal userId As String)
        Dim Title As String = ""
        Dim Content As String = ""
        Dim Update As String = ""

        Dim sqlConn444 As New SqlConnection()
        sqlConn444.ConnectionString = ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString
        Dim cmd444 As New SqlCommand
        cmd444.CommandText = "SELECT title, content, submitted FROM PageMap INNER JOIN PageVersions ON PageMap.versionId=PageVersions.id INNER JOIN Pages ON PageMap.pageId=Pages.pageId WHERE PageMap.pageId=@pageId"
        cmd444.Parameters.AddWithValue("@pageId", pageId)
        cmd444.Connection = sqlConn444
        sqlConn444.Open()
        cmd444.ExecuteNonQuery()
        Dim reader444 As SqlDataReader = cmd444.ExecuteReader()
        If reader444.Read() Then
            Title = reader444("title")
            Content = Current.Server.HtmlDecode(reader444("content"))
            Dim lastUpdate As DateTime = reader444("submitted")
            Update = "<p>Updated on " & lastUpdate.ToString("MMM dd, yyyy") & "</p>"
        End If
        reader444.Close()
        sqlConn444.Close()
        TrackStats(pageId, UserId)
        Return "<h1>" & Title & "</h1>" & Content & Update
    End Function

    Private Sub TrackStats(ByVal pageId As Integer, ByVal userId As String)
        Dim sqlConn8888 As New SqlConnection()
        sqlConn8888.ConnectionString = ConfigurationManager.ConnectionStrings("ConnectionString").ConnectionString
        Dim cmd8888 As New SqlCommand
        cmd8888.CommandText = "INSERT INTO IN_pageAccessLog (userId, pageId) VALUES ( @userId, @pageId)"
        cmd8888.Parameters.AddWithValue("@userId", userId)
        cmd8888.Parameters.AddWithValue("@pageId", pageId)
        cmd8888.Connection = sqlConn8888
        sqlConn8888.Open()
        cmd8888.ExecuteNonQuery()
        sqlConn8888.Close()
    End Sub

Answer 4

User-1498408751 posted

This was a duplicate post of above

Answer 5

User-952121411 posted