Creating a global Application Permission class


I have been taxed by a problem that my brain refuses to process.

I am developing an Windows Forms application that consists of a number of forms, each allowing users to carry out specific tasks. I want to be able to restrict certain users to certain tasks ie Administrator - Can do everything, Secretary - Can only view, not delete etc.

I have a database structure which details what a certain type of user can do which tasks. I want to able to load these details into a class when the application loads and use properties of the class to enforce the restrictions throughout the application.

However, i cant seem to figure out the best approach to this. Can I use a global class in that is visible to all the forms? If so, how do you set a global variable in (that is visible across multiple forms).

Any better ways of doing this? I would be grateful for any useful links that can help me out with this dilemma.


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Yes,YOU need to create a DLL and put it into GAC
There's numerous ways of doing this in detail, clearly depending on what's "behind the scenes" on your end. If you are using SQL-Server, you might want to setup role based security there and just query the current user's permission from there, acting accordingly on the form-level.
Whatever you actually have behind, you'll have just something that will serve as the container for storing the information on who is assigned which role. Hence, I'd suggest creating a class which you would then be using from every form that needs security-role dependent information in order to act accordingly (i.e. hiding certain menu-items, etc.). That class would then handle all requests such as querying the database to find out what role the user is in and return that information to the calling form.
You might either create a globally defined instance of that class or, better, make that class'es public methods be <shared> so that you don't need to create an instance at all. For the latter, use <private shared ...> variables that store the security-relevant information about a user and just return that to the caller. This way, information will only have to be queried once from the database.

Cheers & HTH,

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
are you referrring database operations for users? if so, is it varying on each form or it is globally unique across. And users means system users or your application users????
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

what I did what I have a all the user permissions searchs done in my globals.


public sub main()

connect to the database
query rights for a certain user
ex: select * from permissions where employee = '" & employee & "'"
then assign variable to the rights

end sub

so pretty much the user logs in then there login name is also in the database that has what they are allowed to do in it. so I take that name and query that. Then whatever they are allowed to do is pulled into variables and used throughout the program
put variables in the globals as public variablename as string, integer, etc

SlammingRumJosephAuthor Commented:
thanks for your help. I ended up using a <shared> class. I just need to ensure that I was doing this is in a good way.
Alright - let's see it then!
At least the very basic stuff, that is, depending on just how many lines your class actually contains. :-)

SlammingRumJosephAuthor Commented:
"I cant give you tab unless you order something."
Ahem - ?
Not being native to the English language I might just no have understood what you mean ..? :-)

I just interpreted your previous statement as in "OK, I got it now but am still uncertain whether it's actually OK". So, if you'd like us to check, we'll need the code.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Visual Basic.NET

From novice to tech pro — start learning today.