What's The Best Way To Implement Different Views For A Website Based On Role?

- 1 answer

In ASP.NET what's the best way to do the following:

  1. Show certain controls based on your rights?
  2. For a gridview control, how do you show certain columns based on your role?

I'm thinking for number 2, have the data come from a role specific view on the database.



Instead of actually using roles to hide/show certain controls, I would suggest having another layer of permissions for each role and show/hide based on those instead.

That way you can redefine what permissions a role has and won't have to change your code.

Also, this allows you to make new roles in the future and just assign a set of permissions to the role.

As for controls, yes... I would just set the Visible property on the control based on the user.IsInRole("permissionname") value.

For grids I would do the same... set the Visibility of the columns to the IsInRole boolean value.

//Delete Icon Column
gridViewContacts.Columns[0].Visible = user.IsInRole("DeleteAnyContact"); 

I would make create your permissions in a very granular nature.. such as

  • ViewAnyContact
  • ViewOwnContact
  • EditOwnContact
  • EditAnyContact
  • AddAnyContact
  • DeleteOwnContact
  • DeleteAnyContact
  • Etc...