Hello (again)
I need to grant access to entities in my system to specific users.
For example, for a given project there will be a owner that is allowed to delete the project, there will be a cleark that can do some operations and there will be a manager that will be able to view the content of all projects.
The manager is OK as it's granted as a regular userrole, si U just grant read access to all users in role "Manager".
However, the other rights is given pr. project/user, not just pr. user.
To solve this I have a access list (role list) connected to the project so that users may be granted special project roles. I think this is the (only?) way to solve this.
My problem now is that I'm having a bit of difficulties finding a logical and resonable way of accessing and checking the users role for the project.
The solution I'm currently is leaning towards is to create a ProjectAuthorizationRules that has a project paramenter in the constructor. I will then modify the ApplicationContext.User call to use a ProjectPrincipal that extends the user and holds all the users roles and all project roles that the user is granted trough the project.
Does this sound like a resonable solution?
regards, TEK
Copyright (c) Marimer LLC