Structure for user Access Rights??
this is a general 'how to' question rather than needing a specific code related anwser, unless it is needed!!
I'm wondering how to code user access rights - striping this right back
I have a program which requires user to login.
Once they are logged in they may have full access (admin) or restrictive access to only certian menus / windows forms depending on their security profile.
the question is how is a security profile is implemented i.e. what is the commerical design structure for coding access rights?
I can think of a long way but there must be a quicker / more effective way than this.
create a table in a database which has lots of rows which contain boolean data i.e.
Access Rights Table
User_Id Main_Menu1 Main_Menu2 Win_Form1 Win_Form2 Win_Form3
Row 1 ADMIN TRUE TRUE TRUE TRUE TRUE
Row 2 001 TRUE FALSE TRUE FALSE FALSE
Row 3 002 TRUE TRUE FALSE TRUE TRUE
so when the program is loaded these values for the user are pulled into a class and held in variable which can then be check to display / load up particular items / win forms?
IF (UserSecProfiles.Win_Form1() == TRUE)
MessageBox.Show("You do not have sufficent Access Right to view this.");
As you can see this table will very quickly get very long with all the columns needed. is there a different way to do this but still using a database?
I would not really want to use an xml file becuase of security issue etc.