Hi I need to create a flexible authorisation situation to cover four levels of users and then to specify which users have what access.
ie. High Level User has access to all
Medium Level will have access to what the High Level User deems appropriate. on an object by object basis.
Low Level will also have the access given by the High Level User.
I was thinking of having a grid of the sections and stating the minimum level required to access. L, M or H. The idea I had was an algorithm eg. UL 3 > 2 Minimum
This will be set by the users. But how to code the business objects for this variable arrangement.
Any suggestions welcomed
Ellie
Remember that your objects set up their authorization in AddAuthorizationRules(). The methods called in that method are string based, specifically so you can easily make that code data-driven.
In other words, you can store the object-role metadata in a database, and then use that metadata in AddAuthorizationRules() to specify the roles that can act on each of your objects and their properties.
Copyright (c) Marimer LLC