Winforms role based security limitations
Posted
by muhan
on Stack Overflow
See other posts from Stack Overflow
or by muhan
Published on 2010-04-11T07:51:15Z
Indexed on
2010/04/11
7:53 UTC
Read the original article
Hit count: 830
I'm implementing role based security using Microsoft's membership and role provider.
The theoretical problem I'm having is that you implement a specific role on a method such as:
[PrincipalPermissionAttribute(SecurityAction.Demand, Role="Supervisor")]
private void someMethod() {}
What if at some point down the road, I don't want Supervisors to access someMethod() anymore?
Wouldn't I have to change the source code to make that change? Am I missing something?
It seems there has to be some way to abstract the relationship between the supervisors role and the method so I can create a way in the application to change this coupling of role permission to method.
Any insight or direction would be appreciated. Thank you.
© Stack Overflow or respective owner