How to check role of a user in different groups inside one application?

Mar 26, 2009 at 6:27 PM
In my website there are two types of registration, Individuals and Corporates.
Only Individuals are users and corporates are only contacts.
Now an Individual can have roles in one or more corporates.
My question is, how I can use NetSqlAzMan to check the access of the individual towards the corporate?

For example I would like when the user is authenticated, by calling some functions in NetSqlAzMan API, I know this user has admin role in corporate A and emploee role in corporate B.

Mar 27, 2009 at 8:27 AM


this is a typical profile info.

The fact that a user belongs to a Corporate A or B does not matter for the purposes of authorization in an application.

You could have 5 different applications.

What you have to do is ask what that user can do (as atomic operation) in the 5 different applications and then give that user permissions for the various operations.

The philosophy with which NetSqlAzMan works is based on which operations are authorized for a user and not the role of belonging, otherwise you are assuming that known the role, you already know what that role may take.

From that starting point, however if you need additional data profile, you can always use Attributes (in authorization, Store Groups, Application Groups, etc.).

For more info see the Guide (pdf) in attributes paragraph.