I have been learning MVC and don't like a certain flaw that exists.
I understand that you create ModelViews that represent the data on the view.
I understand that you can create a model to mimic your domain objects, or not.
But how do you prevent someone from injecting form elements, updating properties on the model view that they should NOT be able to update?
Think of the following situation:
There are three users who have access to update a certain customer record.
They use three different views.
Person 1 has access to update FirstName, LastName
Person 2 has access to update FirstName, CompanyName
Person 3 has access to update LastName, CompanyName, AccessLevel
How do you properly build this so that you don't end up with an overwhelming amount of models mimicing domain objects, while still preventing them from updating objects they arn't supposed to have access to?
The best thing so far I can come up with is defining input models and map them to the domain object in the controller.
ActionResult (UpdateCustomer uc)
DomainCustomer c = _service.GetCustomer(c.CustomerID);