making a windowsapplication with different users with different privilegies, how can u do that? Lets say when exexuting the program a dialog box appears and asks for username and password. Depending on your priv you will be granted access only to spesific parts of the winapp. Any ideas?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
user auth and priv in a winapp
- Thread starter hedub
- Start date
You can assign each user a role, and then grant privleges to the role in your app.
If the user is an admin, they get full access. If they are a joe-schmoe user, they can't get into the more powerful areas.
Chip H.
If you want to get the best response to a question, please check out FAQ222-2244 first
If the user is an admin, they get full access. If they are a joe-schmoe user, they can't get into the more powerful areas.
Chip H.
If you want to get the best response to a question, please check out FAQ222-2244 first
The question you put here is not necessary related to C# or to .NET depending on what you mean by "be granted access only to spesific parts of the winapp".
Do you mean that depending on the user role:
- some forms are visible/invisible ?
- some menu items are disabled/enabled ?
- some controls on a form are enabled/disabled
-some data to be displayed in a DataGrid object , for example, is readonly ?
-some data from a given database could be viewed /modified by only some group of users ?
The solution is to define roles and profiles tables and also implement a way to identify at role /profile level the grants for each above item : forms, menus, controls , data etc.
Example: A form has three buttons: New, Delete, Close. When New is clicked a new record is added to a database. Before displaying the form , retrieve the role/profile of the user and make the New button invisible if the user is not granted with Insert.
-obislavu-
Do you mean that depending on the user role:
- some forms are visible/invisible ?
- some menu items are disabled/enabled ?
- some controls on a form are enabled/disabled
-some data to be displayed in a DataGrid object , for example, is readonly ?
-some data from a given database could be viewed /modified by only some group of users ?
The solution is to define roles and profiles tables and also implement a way to identify at role /profile level the grants for each above item : forms, menus, controls , data etc.
Example: A form has three buttons: New, Delete, Close. When New is clicked a new record is added to a database. Before displaying the form , retrieve the role/profile of the user and make the New button invisible if the user is not granted with Insert.
-obislavu-
- Thread starter
- #4
The thing is.. I have only one user with insert, update, delete etc on the sqlserver. So how can I implement 3 users with different privilegies? And yes I mean some forms are visible/unvisible, menu items which are enabled/disabled. Since I cant create more users on the db, then i have to implement them in the winapp.
First of all , the users of your winapp are not necessary the same users that could define define in the SQL Server.
You can add users in SQL as many as you want.
For example, you can define users that access only few objects of your database. This is a way to filter the access to the tables by only giving the access to a view object. The samething could be applied for stored procedures.
Secondly, the users of your application sign in using the Windows authentication user/password to access on their machine. Next , when they start your application, the first thing to do your app is to present a LogOnForm where an user is identified as user of your app by providing a name/password. You should have that stored in a database or somewhere else.
During the process identification , the user role and profile is also retrived from the Role table (table that you should design with users, rights etc...) and store its profile in the application for late use when the subsequent Forms and controls are displayed.
The connection string to access to the database is generally stored in the .exe.config and it could be the same for all the users that stats your app e.g. the one you said that already have and it is used as I said previously to connect to the databse and retrieve the user profile.
At this point the user profile is known and the application has to enable/disable/hide/notify controls depending on this profile.
-obislavu-
You can add users in SQL as many as you want.
For example, you can define users that access only few objects of your database. This is a way to filter the access to the tables by only giving the access to a view object. The samething could be applied for stored procedures.
Secondly, the users of your application sign in using the Windows authentication user/password to access on their machine. Next , when they start your application, the first thing to do your app is to present a LogOnForm where an user is identified as user of your app by providing a name/password. You should have that stored in a database or somewhere else.
During the process identification , the user role and profile is also retrived from the Role table (table that you should design with users, rights etc...) and store its profile in the application for late use when the subsequent Forms and controls are displayed.
The connection string to access to the database is generally stored in the .exe.config and it could be the same for all the users that stats your app e.g. the one you said that already have and it is used as I said previously to connect to the databse and retrieve the user profile.
At this point the user profile is known and the application has to enable/disable/hide/notify controls depending on this profile.
-obislavu-
- Status
Similar threads
- Locked
- Question
- Question
- Locked
- Question
- Locked
- Question
