In this post I am going to explain the logic I use to implement roles and permissions with ASP.NET MVC. For this, I have created 4 tables.
Database
- User: this table manages all the users of our system and has a field called Rol_id, which refers to the following table.
- Role: it manages the roles that our system will implement, e.g. Super Administrator, Administrator, Moderator, Super User, etc.
- Permission: this table holds all the permissions that our business requires, e.g. Can you create a new student? Can you view a student? Can you add a note to a student?
- PermissionDeniedByRol: this table works the other way around. Normally you would assign permissions to a user; in my model, a user has permission for everything, so it is easier to record only the permissions a role may not use. I do this because it is simpler: otherwise we would have to add every available permission and then remove the ones that do not apply.
Model Layer
In this layer I have created a class called FrontUser. This class lets us know which user is authenticated in our system and also implements a method to determine whether that user has a given permission.
public class FrontUser
{
    // Returns true when the authenticated user's role is NOT listed in the
    // PermissionDeniedByRol table for the given permission (deny-list model).
    public static bool HasPermission(RolesPermisos value)
    {
        var user = FrontUser.Get();
        return !user.Rol.Permission.Any(x => x.PermissionID == value);
    }

    // Loads the currently authenticated user from the session.
    public static User Get()
    {
        return new User().Get(SessionHelper.GetUser());
    }
}
As you may have noticed, the HasPermission method negates the query: if the role appears in the denied-permissions table for that permission it returns false, otherwise true. It also receives an enum as its parameter. Why
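The same deny-list check as a self-contained console program, added here as an illustration and not taken from the post; the enum members, the Role and User classes and the in-memory lists are assumptions standing in for the tables, since the post does not list them. It also shows the caveat of this model: a permission that is added after the roles were configured is granted to every role until a PermissionDeniedByRol row exists for it.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical members; the post names the enum RolesPermisos but does not list them.
// ExportGrades is constructed as a permission added after the roles were set up.
public enum RolesPermisos { CreateStudent = 1, ViewStudent = 2, AddNote = 3, DeleteStudent = 4, ExportGrades = 5 }

// In-memory stand-ins for the Role table and its PermissionDeniedByRol rows.
public class Role
{
    public int RolId { get; set; }
    public string Name { get; set; }
    // Permissions this role may NOT use (the PermissionDeniedByRol rows).
    public List<RolesPermisos> DeniedPermissions { get; set; } = new List<RolesPermisos>();
}

public class User
{
    public string Name { get; set; }
    public Role Rol { get; set; }
}

public static class PermissionCheck
{
    // Same logic as the post's FrontUser.HasPermission: negated because the
    // table stores denied permissions, so absence from it means "allowed".
    public static bool HasPermission(User user, RolesPermisos value)
        => !user.Rol.DeniedPermissions.Any(p => p == value);
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data: a Moderator who may not create or delete students.
        var moderator = new Role
        {
            RolId = 3,
            Name = "Moderator",
            DeniedPermissions = { RolesPermisos.CreateStudent, RolesPermisos.DeleteStudent }
        };
        var user = new User { Name = "ana", Rol = moderator };

        foreach (RolesPermisos p in Enum.GetValues(typeof(RolesPermisos)))
            Console.WriteLine($"{user.Name} ({moderator.Name}) {p}: {PermissionCheck.HasPermission(user, p)}");
        // Note: ExportGrades prints True for the Moderator because no deny row was
        // ever added for it; with a deny list, every new permission is allowed by default.
    }
}
```

When adding a new row to the Permission table, review which roles need a matching PermissionDeniedByRol row before the feature ships.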