In writing ASP.net projects often encounter the issue of Rights management, in general, is in every page to add permission control code, in fact, by writing a page base class (Pagebase), and then all the pages that need permission to inherit this class, in the pagebase ProcessRequest to add permission control code, then other child pages that inherit this class need not be written.
Since we can only get HttpContext information in the ProcessRequest method, how do we hook up with permissions? Each page is a class, and we can know the ID of the current lander (if the user logged in successfully, by User.Identity.Name ), then register the relationship between the user's ID and each page class that requires permission control to the database. In the verification of the time from the database to find whether there is permission, not once and for all!
Of course, you can also use the role and module functions, through the role of the user ID to determine whether the current user has the function of this module operation rights. (Design problem is not to say more, now only say principle)
Getting the class name for each child page is very simple, this. GetType (). The Basetype.fullname is done. To avoid duplication of class names, it is recommended that the class name be in full, that is, with the namespace.
The above treatment method is OK for the normal situation. But for a page is used by a number of different modules, but also need to determine whether the module has the right to the situation is another matter!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
