• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 222
  • Last Modified:

VB 2008 Manager application users permissions and roles design strategy

Hi All,

I'm doing a new application and need to be clear in my mind the options available in creating users,roles and permissions and assigning these to the users.

The application will be aa VB 2008 windows forms app with sql 2005 as the backend.

I'm planning to create a sql server login that will be used thrpught the application -and it will have the sysadmin role.
Then I will create tables for users,roles and permissions.
The permissions will be tagged to particular forms -for example Form1 has a Buttons to Add,Save,Delete and close.
Each of these buttons will be flagged in the permissions table together will all other controls in the applocation and if a user has permission to Save then the Save button will be active together with the other required controls.
Otherwise teh control is disabled.

I find this very manual and difficult to maintain.

Is there a more elegant way of doing this???

Thanks in advance.
0
Norman Maina
Asked:
Norman Maina
  • 3
  • 3
2 Solutions
 
CodeCruiserCommented:
That is how I did it in my app but my permissions were linked to objects. So if a user has the Create permission on Customer and we are on a new customer form then I would enable the save button.
0
 
CodeCruiserCommented:
There is an application which can do this for you but it costs money.
0
 
Norman MainaAuthor Commented:
Any other ideas?
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

 
Norman MainaAuthor Commented:
No proper answer that answers the question asked.
0
 
CodeCruiserCommented:
What "answer" are you expecting? That is the way to do it. Sometimes things are harder to implement. If you do not want to do that then pay these guys

http://www.visual-guard.com/EN/net-powerbuilder-application-security-authentication-permission-access-control-rbac-articles/dotnet-security-article-ressources/role-based-access-control.php


And you still have not implemented it?
0
 
Norman MainaAuthor Commented:
Was actually looking of how to implement this using Code access security feature of the .net framework.

I did it the old fashioned way -not very impressive because it is very manual.(and to have to add licencing features to that is another nightmare)

But i have awarded points because your answer is also right.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now