How should i organize authority code?

Posted by acidzombie24 on Stack Overflow See other posts from Stack Overflow or by acidzombie24
Published on 2010-03-15T03:01:27Z Indexed on 2010/03/15 3:09 UTC
Read the original article Hit count: 296

I have users that fall into the following

  • Not logged in
  • Not Verified
  • Verified
  • Moderator
  • Admin

All code that only admin and moderators can access (like banning) is in ModeratorUser which inherits from verified which inherits from BaseUser. Some pages are accessible to all users such as public profiles. If a user is logged in he can leave a comment. To check this i use if (IsVerifiedUser). Now here is the problem. To avoid problems if a user is banned he is not recognized as a verified user. However in the rare case i need to know if he is verified i can use usertype & Verified.

Should i not be doing this? I have a bunch of code in my VerifiedUser class and find i am moving tons of it to BaseUser. Is this something i help because a not logged in user can access the page? Should i handle the ban user in a different way and allow IsVerifiedUser to be true even if the user is banned?

© Stack Overflow or respective owner

Related posts about authorize

Related posts about web-development