Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
hdv212
Posting Yak Master
140 Posts |
 Posted - 2009-04-17 : 06:24:59
|
| Hii'm looking for any example or article about how to implement user-level security for mu application.my app scenario is :1. My app have some forms2. Users & Roles can define in app3. Each user must have a role4. Each role must have it's security level (i want in my app, admin can select a role and give a appropriate right on selected objects(forms) to that role)How to implement this ?A Good Idea : if u familiar with SharePoint, u saw, even users can assign a permission just for an specific Item! but don't know how to that.What table's are needed ?What data store in each table ?Which tables have relationship together ?any other idea would be great appreciated.Thanks |
|
|
whitefang
Enterprise-Level Plonker Who's Not Wrong
272 Posts |
Posted - 2009-04-17 : 07:21:03
|
| Tables needed: UsersRoles - Admin, Basic, Data, Backup - etcPermissions - Read, Write, Modify, Edit etcObjects - a record for each of your formsObjectsPermissionsForRoles - Which Forms have which permissions for which roles. You can also specify a user column and leave the role column NULL which would mean that this permission applies only to a specific user.There's also a .NET roles and membership engine built right on to the framework (if you're using .NET). You can use that, however, building your own provider might be better since it provides more control & flexibility. There's many ways to implement it, and the above is just one of the ways. The design above provides maximum control on each specific object. Instead of providing permissions for a role, it goes more detailed by providing permissions for a object for a role/user.It is also possible to enable a dynamic compiled permission engine. The engine compiles itself based on the rules in the DB tables, this would improve performance (you could alternatively cache it as well). |
 |
|
|
hdv212
Posting Yak Master
140 Posts |
Posted - 2009-04-17 : 08:20:50
|
| Thanks whitefangi've review and do something like this, but i'm confusing about it's architecture. can u give me an example or article to explain this ?Thanks |
|
|
|
whitefang
Enterprise-Level Plonker Who's Not Wrong
272 Posts |
|
|
hdv212
Posting Yak Master
140 Posts |
Posted - 2009-04-17 : 11:09:18
|
| after a lot of search, i define some tables which represent in this image :http://i44.tinypic.com/142v439.jpgas u can see in that image, my tables are these :Users : to define userRoles : to define roleUserRoles : store relationship between Users and Roles (which user member of which role)Rights : to define right (like Select,Insert,Update,Delete,Report, ...)Objects : to hold all objects(can be include database objects or application objects) which must be assign security level toPermissons : to hold which role on which object have which right.and now, i want to display this form and table to user :http://i42.tinypic.com/v75gzb.jpgin the form, admin can select a role from comboBox and set appropriate permission to an specific object,but i don't know how to query tables to display this table, and how to manage this data.i think the database design is correct but getting query is main problem, i want to manage security levels like second image.any help would be great appreciated. |
|
|
|
hdv212
Posting Yak Master
140 Posts |
Posted - 2009-04-17 : 16:01:38
|
| can anybody help me ?It's very Emergency. |
|
|
|
|
|
|
|
|
How to implement User-Level security in app ?
