locked
generic way to apply action-level-security based on aspnet_Roles RRS feed

  • Question

  • User-1614457691 posted

    All --

    Please help.

    I need to figure out a generic way to apply action-level-security based on aspnet_Roles.

    I think that can be done in the templates, showing/hiding screen elements based on run-time security checks.

    The operative goal is to provide security such as "RoleA can create/read/update/delete, RoleB can create/read/update, RoleC can create/read, RoleD can read, etc, where the scenario might be either "User1 can belong to exactly one group" or "User1 can belong to one or more groups where permissions are hierarchical such that highest permission wins".

    What do you think?

    Please advise.

    Thank you.

    -- Mark Kamoski

    Tuesday, August 26, 2008 7:26 AM

Answers

  • User1641955678 posted

    Hi Mark, 

    Steve Naughton has written a great series of blog posts on doing something like this.  Check it out here.

    thanks,
    David

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, August 26, 2008 11:30 AM