|
Subject:
|
Authentication and Role-Based Security
|
|
Posted By:
|
swandown
|
Post Date:
|
10/11/2004 4:07:49 PM
|
Hi,
I'm using Daniel Cazzulino's excellent book "Beginning C# Web Applications with Visual Studio .NET". In his example in chapter 10 he creates a GenericPrincipal containg the role of a user (which will later show or hide a link to an admin page). Here is a code snippet :
ConfigurationSettings.AppSettings["cnFriends.ConnectionString"]);
sql = "SELECT IsAdministrator FROM [User] WHERE UserId='{0}'";
sql = String.Format(sql, id);
cmd = new SqlCommand(sql, con);
con.Open();
object admin = cmd.ExecuteScalar();
// Was it a valid UserID?
if (admin != null)
{
GenericPrincipal ppal;
string[] roles;
// If IsAdministrator field is true, add both roles
if (((bool)admin) == true)
{
roles = new string[] {"User", "Admin"};
}
else
{
roles = new string[] {"User"};
........
his role is stored as a boolean and inspected as such. But I have several roles which are probably better stored as int. Has anybody got any advice how I might achieve this? Something like :
int admin = cmd.ExecuteScalar();
.....
if (admin == 1){roles = new string[] {"User", "Approver","Admin"};}
elsif (admin == 2){roles = new string[] {"User", "Approver"};}
else {roles = new string[] {"User"};}
Maybe??
|
|
