0

I am trying to use ASP.NET membership and roles for my project and have been going through different articles, posts and SO to check if using it is a better option for me rather than hand coding the whole functionality from scratch. Yet after days of search I haven't yet figured out if its even possible for the following scenario.

  1. The users of my application have roles and they belong to a company as well. So, I would need to retrieve the company id for the user as soon as he/she logs in as I would need the company id on different pages to show the user his/her company specific data.
  2. Roles should be categorized. (i-e Application Admin, Company Admin, Company Users (Managers, front-desk etc). So when company admin assign roles to users, he/she could only assign Manager, front-desk etc and Not Application Admin. (I thought about adding another field to Roles table in order to categorize the roles but I don't know whether that would be a good or bad thing to do and how it will modify the behavior of membership controls)

Not exactly a question but I am rather seeking advice whether I should go for the ASP.NET Membership in this scenario

4

1 回答 1

1

writing from scratch is not recommended for what you want . you can handle your requirements using asp.net membership .

1- you can save user information in their profiles (company , name , ... ) or create another table to map users to companies.

2- for your second question ,you can create a separate class or method to handle the access.

something like below :

public IList<string> GetRolesUserCanAssign(string userRole)
{
    var roles  = new List<string>();

    if(userRole == "Manager" || userRole == "FrontDesk")
    {
        return roles;
    }

    roles.AddRange(new[]{"Manager" , "FrontDesk"});

    if(userRole == "CompanyAdmin")
    {
        return roles;
    }

    if(userRole == "ApplicationAdmin")
    {
        roles.Add("CompanyAdmin");
    }

    return roles;
}
于 2013-02-09T14:05:55.353 回答