Please can someone tell me the best way to resolve my user access query. I'm developing an HR database application where users log in to view the details. However, I want to be able to give each user different access for different departments and levels depending on what their job is in the company.

What is the best way to do this? The user logons are stored in a database along with details of which employees they have access to, e.g. warehouse staff and team captains.

Any help would be great.


Re: Visual C# General Security for a windows application

H. Tony

You can simply enable/disable (Enabled) or hide/show (Visible) certain controls based on the logged-in credential.

E.g. you can create a role enum class, assign a different value based on the user login info, and switch the view as I described based on the role value.

Re: Visual C# General Security for a windows application


In order to implement an "Authorization" architecture you'll have to consider (and do) a couple of things:

- Do you want to restrict the UI?
- Do you want to restrict the use of Services/Endpoints (or individual methods on these)?
- Do you want to restrict the access to the database?

In most situations you would set up a "Role-Based Access Control" system (search the web for RBAC). Anyway, to perform the mapping of user to group, and of group to operation, you would probably use something like AzMan. Now all you have to do is make sure that the controls are not visible (restrict UI), that methods can't be called (e.g. implement a RolePermissionAttribute) or use the database access control system to limit access to the stored procedures (not recommended).
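The user-to-role and role-to-operation mapping discussed in the replies above, as an added example that is not part of any post in this thread. All type names, role names, users and departments are hypothetical and the data is constructed; the check sits inside the service method, so it holds regardless of which controls the UI shows.

```csharp
using System;
using System.Collections.Generic;

[Flags] public enum Operation { None = 0, ViewBasic = 1, ViewSalary = 2, EditRecord = 4 }
public enum Role { Staff, TeamCaptain, HrManager }   // hypothetical roles

public sealed class AccessPolicy
{
    // Role -> operations (the "group to operation" mapping).
    private static readonly Dictionary<Role, Operation> RoleOps = new()
    {
        [Role.Staff] = Operation.ViewBasic,
        [Role.TeamCaptain] = Operation.ViewBasic | Operation.ViewSalary,
        [Role.HrManager] = Operation.ViewBasic | Operation.ViewSalary | Operation.EditRecord,
    };
    // (user, department) -> role, as it would be loaded from the logon tables.
    private readonly Dictionary<(string User, string Dept), Role> _assignments = new();

    public void Assign(string user, string dept, Role role) =>
        _assignments[(user.ToLowerInvariant(), dept.ToLowerInvariant())] = role;

    // Deny by default: no assignment for this department, or a missing operation bit, fails.
    public bool IsAllowed(string user, string dept, Operation op) =>
        op != Operation.None
        && _assignments.TryGetValue((user.ToLowerInvariant(), dept.ToLowerInvariant()), out var role)
        && (RoleOps[role] & op) == op;
}

public sealed class EmployeeService
{
    private readonly AccessPolicy _policy;
    public EmployeeService(AccessPolicy policy) => _policy = policy;

    public string GetSalary(string caller, string dept, string employeeId)
    {
        if (!_policy.IsAllowed(caller, dept, Operation.ViewSalary))
            throw new UnauthorizedAccessException($"{caller} may not view salaries in {dept}");
        return $"salary record for {employeeId}";   // stands in for the real database query
    }
}

public static class Program
{
    public static void Main()
    {
        var policy = new AccessPolicy();                       // constructed sample data
        policy.Assign("alice", "Warehouse", Role.TeamCaptain);
        policy.Assign("bob", "Warehouse", Role.Staff);
        var svc = new EmployeeService(policy);
        Console.WriteLine(svc.GetSalary("alice", "Warehouse", "E-1001"));
        try { svc.GetSalary("bob", "Warehouse", "E-1001"); }
        catch (UnauthorizedAccessException ex) { Console.WriteLine("Denied: " + ex.Message); }
    }
}
```

The same `IsAllowed` call can also drive a control's `Visible` or `Enabled` property, so the UI and the service layer read from one policy.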