locked
Lightswitch design pattern integrating asp membership user and roles into queries RRS feed

  • Question

  • I am currently building an application in Lightswitch 2013 and one of my key requirements is to implement row level security so that only members of certain roles have access to assigned rows of a specific tables.

    As lightswitch implements asp_membership it seemed to make good sense to implement this using the users, roles and role objects provided by the ASP membership capabilities. Therefore I set up WCF RIA services to expose these objects (user, Role, role membership) however this is proving to be very difficult as Roles are implemented quite differently to users (getallroles only returns a text list). I figure I have 3 options:

    1. Implement my own Userdetails, Role and role membership tables and associated management screens
    2. Update the WCF RIA services to access the asp membership tables directly (read-only)
    3. Do what everyone else does.

    It only makes sense to doe 3 - use a standard design pattern for this problem. I cant imagine I am the only one who has asked this question. Does anyone have a suggestion as to the most appropriate approach?

    Thanks

    Adam

    Wednesday, February 19, 2014 12:23 PM

Answers

  • LightSwitch has fully build support for row level security: permissions.


    paul van bladel

    • Marked as answer by Angie Xu Monday, March 3, 2014 1:46 AM
    Wednesday, February 19, 2014 7:49 PM