Winforms role based security limitations

Posted by muhan on Stack Overflow See other posts from Stack Overflow or by muhan
Published on 2010-04-11T07:51:15Z Indexed on 2010/04/11 7:53 UTC
Read the original article Hit count: 830

Filed under:
|
|

I'm implementing role based security using Microsoft's membership and role provider.

The theoretical problem I'm having is that you implement a specific role on a method such as:

[PrincipalPermissionAttribute(SecurityAction.Demand, Role="Supervisor")]
private void someMethod() {}

What if at some point down the road, I don't want Supervisors to access someMethod() anymore?

Wouldn't I have to change the source code to make that change? Am I missing something?

It seems there has to be some way to abstract the relationship between the supervisors role and the method so I can create a way in the application to change this coupling of role permission to method.

Any insight or direction would be appreciated. Thank you.

© Stack Overflow or respective owner

Related posts about c#

Related posts about roleprovider