Jasinski Technical Wiki

MVC Template - ASP.NET MVC

Modified on Tue, Feb 19, 2013, 10:06 AM by Administrator Categorized as (drafts), ASP·NET MVC
This page is a Draft. Its content is not complete and might contain errors.

Menu System

Menu Database Tables

MenuItem Database Table

| Column Name | Data Type | Description |
|---|---|---|
| MenuItemID | int not null identity(1,1) | Primary key for the table |
| DisplayText | varchar(10) not null | Text displayed to the user |
| Url | varchar(300) null | The URL to navigate to when the user clicks this menu item |
| ParentID | int null | MenuItemID of the parent menu item; if null, this item is a top-level item. Has foreign key against MenuItemID column. |

MenuItemRole Database Table

A row exists in the MenuItemRole table for every MenuItem a specific role has access to.

| Column Name | Data Type | Description |
|---|---|---|
| MenuItemID | int not null | Foreign key against MenuItem.MenuItemID |
| RoleID | uniqueidentifier not null | Foreign key against aspnet_Roles.RoleID |

Controller Inheritance Tree

Controller Inheritance Diagram

BaseController Class

The BaseController class inherits from the System.Web.Mvc.Controller class and implements features common to all controllers in the site.

LoginController Class

The LoginController class inherits from BaseController and is used solely for security-related operations: logging in, logging out, changing your password, retrieving/resetting a forgotten password, impersonation, etc.

AuthorizedController Class

The AuthorizedController class also inherits from the BaseController class and is used for all operations for which the user must be authorized based solely on the URL requested. To this end, it is decorated with the AppAuthorize attribute.

DataAuthorizedController Class

The DataAuthorizedController class inherits from the AuthorizedController class. In addition to authorizing the user based on the URL requested, this class also implements rudimentary data-driven authorization. For example, this could be used to prevent a sales manager from seeing an invoice from outside their sales region. This base class implements a single method: public abstract bool AuthorizeData(int), which is overridden in each derived class to indicate whether the current user has authorization to access the indicated data. For example, in an InvoiceController class, this might be implemented as public override bool AuthorizeData(int invoiceID), which would implement whatever business rules are appropriate to determine whether the current user has authorization to access the indicated invoice.

AppAuthorizeAttribute Class

We use the AppAuthorizeAttribute class to implement authorization in two stages. Go here for details on implementing a custom AuthorizeAttribute class.

  • Knowing the URL requested and the identity of the current user, we query the MenuItem and MenuItemRole tables via a stored procedure to determine whether the current user has access to the requested URL.

  • If the user has this authorization, and the controller in the current context inherits from the DataAuthorizedController class, then the AuthorizeData method is called to determine whether the user has data-driven authorization.
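
The two stages above, sketched as an added example (not this wiki's own code) on top of System.Web.Mvc.AuthorizeAttribute. The stored procedure dbo.UserCanAccessUrl, its parameters, the "AppDb" connection string name and the "id" parameter name are assumptions, and the DataAuthorizedController shown is a minimal stand-in for the class described on this page.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Web;
using System.Web.Mvc;

// Stand-in for the page's class (there it derives from AuthorizedController).
public abstract class DataAuthorizedController : Controller
{
    public abstract bool AuthorizeData(int id);
}

public class AppAuthorizeAttribute : AuthorizeAttribute
{
    // Stage 1: may this user reach this URL at all (MenuItem / MenuItemRole)?
    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        if (!base.AuthorizeCore(httpContext)) return false; // not authenticated
        // Assumed connection string name and stored procedure; the procedure is
        // assumed to return 1 when a MenuItemRole row grants the user's role the URL.
        string cs = ConfigurationManager.ConnectionStrings["AppDb"].ConnectionString;
        using (var conn = new SqlConnection(cs))
        using (var cmd = new SqlCommand("dbo.UserCanAccessUrl", conn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@UserName", SqlDbType.NVarChar, 256).Value = httpContext.User.Identity.Name;
            cmd.Parameters.Add("@Url", SqlDbType.VarChar, 300).Value = httpContext.Request.AppRelativeCurrentExecutionFilePath;
            conn.Open();
            object allowed = cmd.ExecuteScalar();
            return allowed != null && allowed != DBNull.Value && Convert.ToInt32(allowed) == 1;
        }
    }

    // Stage 2: only for DataAuthorizedController, and only after stage 1 passed.
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        base.OnAuthorization(filterContext);       // runs AuthorizeCore (stage 1)
        if (filterContext.Result != null) return;  // stage 1 already denied
        var dataController = filterContext.Controller as DataAuthorizedController;
        if (dataController == null) return;        // URL check was sufficient
        // "id" (assumed name) is read via the value providers the model binder uses.
        ValueProviderResult raw = filterContext.Controller.ValueProvider.GetValue("id");
        int id;
        // Fail closed: a missing or non-numeric id is denied, not skipped.
        if (raw == null || !int.TryParse(raw.AttemptedValue, out id) || !dataController.AuthorizeData(id))
            filterContext.Result = new HttpStatusCodeResult(403);
    }
}
```

The base class's output-cache validation callback re-runs only AuthorizeCore, so actions on data-authorized controllers should not be output-cached, or a cached response would be served without the stage 2 check.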

Other Features

  • Set landing page based on user role
  • Enable features based on user role
  • Enable/show page elements based on user role
  • Logging, including administration of logging level and viewing of system log
  • Exception handling

ScrewTurn Wiki version 3.0.1.400. Some of the icons created by FamFamFam. Except where noted, all contents Copyright © 1999-2018, Patrick Jasinski.