We are in the process of migrating our current sites from ASP to ASP.NET and I would like to change the way our admin section is set up. This is the way we have it currently:
We have a table of Administrators that contains their names, etc and also contains their permissions to the various admin tasks. Each task has a bit field in the table and if the administrator can access that task then they get a 1 and if not then they get a 0.
The permissions are changed by either checking or unchecking a checkbox. When they login their permissions are read from the table and they are assigned a session variable that looks like this "YNNNNNNNNNNNNNNNNN", each Y stands for the tasks that they are allowed to perform.
The navigation is an included page which only displays the tasks that they have permissions to. Each page checks the location of it's "Y" against the session to validate the user like this:
if mid(permission,1,1) = "Y" then
if mid(session("permissions"),1,1) = "Y" then
I realize that this is a VERY poor way to set this up (I didn't create it) and I want to change this during our migration. Some of the tasks are divided up into sections and then the sections are divided up into categories. We want to change this so that the users who have permissions to tasks only have permissions to specific sections in those tasks if there are sections.
For example, if a user is supposed to manage the links for the General and Accounting sections then they shouldn't be able to see or change any links that belong to other sections.
Also, sometimes we have to add or remove sections or categories. We are thinking along the lines of having groups set up but there are only about 15 administrators right now and we are not sure how to go abou doing this.
Has anyone set something like this up before?
My question is: Can you tell me the BEST way to do this? We are using as MSSQL 7 DB
Thanks in advance,