Best granular approach for right management

Feb 19, 2010 at 9:35 PM

Hi  Matt,

My JqGrid project is going to second phase.

I am trying to find the best approach to implement user rights on CRUD. I did previously override some methods and provided messaging. But, now I need to refine it to user type: super user ,table admin, table user.

Moreover, right now I provide error validation from the controllers. I could probably put some authorization tags on top of it, but I would certainly choose the an approach that would facilitate validation, right management and unit testing.

Thanks,

Claude

[AcceptVerbs(HttpVerbs.Post)]
        public override ActionResult Create(GlobalApproval item)
        {

            // Validation logic
            if (item.Product == "--Choose One--")
                ModelState.AddModelError("product", "Specify a Product.");
            if (item.Product == "--Choose One--")
                ModelState.AddModelError("Interface", "Specify an Interface type.");
            if (item.ApprovalDesignation.Trim().Length == 0)
                ModelState.AddModelError("ApprovalDesignation", "Specify an Approval Designation");

            if (!ModelState.IsValid)
                return View(item);

            // Database logic
            try
            {
                CreateItem(item);
                ViewData["Success"] = "<ul class='success'><li>Successfully Created</li></ul>";
                return View(item);
            }
            catch
            {
                return View();
            }
        }

public override ActionResult Delete(int id)
        {
            try
            {
                TempData["Message"] = "Delete not allowed";
                return RedirectToAction("Index");
            }
            catch
            {
                TempData["Message"] = "An error has occured";
                return Index();
            }
        }

[AcceptVerbs(HttpVerbs.Post)]
        public override ActionResult Create(GlobalApproval item)
        {

            // Validation logic
            if (item.Product == "--Choose One--")
                ModelState.AddModelError("product", "Specify a Product.");
            if (item.Product == "--Choose One--")
                ModelState.AddModelError("Interface", "Specify an Interface type.");
            if (item.ApprovalDesignation.Trim().Length == 0)
                ModelState.AddModelError("ApprovalDesignation", "Specify an Approval Designation");

            if (!ModelState.IsValid)
                return View(item);

            // Database logic
            try
            {
                CreateItem(item);
                ViewData["Success"] = "<ul class='success'><li>Successfully Created</li></ul>";
                return View(item);
            }
            catch
            {
                return View();
            }
        }