通过将成员资格表链接到应用程序表来处理用户权限 [英] Handling User Permissions by Linking Membership tables to Application Tables

问题描述

我有一个简单的ASP.NET MVC 3应用程序.我有为该应用程序设计的数据库，该数据库与域模型相对应(在App.Domain程序集中).
我自动生成了Application Services Membership表，并将它们添加到了应用程序数据库中.成员资格创建工作正常.
我创建了一个权限"表，该表具有一个复合PK，它由UserId(来自自动生成的aspnet_Users表)和ContentId(来自包含应用程序内容的Content表)组成.
这个想法是允许用户为他们创建的内容分配权限给其他用户.
我的计划是将逻辑放入控制器中，例如:

I have a simple ASP.NET MVC 3 application. I have the database I designed for the application, which corresponds to a domain model (in an App.Domain assembly).
I auto-generated the Application Services Membership tables and added them to the application database. Membership creation is working fine.
I created a ''Permission'' table which has a composite PK made up of UserId (from the auto-generated aspnet_Users table) and ContentId (from the Content table holding the application content).
The idea is to allow users to allocate permissions to other users for the content they create.
My plan is to then place logic in the Controllers that goes something like:

Guid currentUser = (Guid)Membership.GetUser().ProviderUserKey;
int[] accessible = (from p in context.Permissions
                             where p.UserId == currentUser
                             select p.ContentId).toArray();

然后，获取当前用户的内容，如下所示:

Then to get the content for the current user, something like this:

IEnumerable<content> content = context.Content
                .Where(x => x.PublicAccess < 3 || accessible.Contains(x.ContentId));</content>

如果我有任何道理，谁能告诉我这是否是处理用户定义的权限的正常方法.
另外，此代码不起作用，因为它不会将linq强制转换为int [].

If I have made any sense, can anyone tell me if this is a normal way to handle user defined permissions.
Also, this code doesn''t work because it won''t cast the linq to an int[]. Any help with that?

推荐答案

我认为这是处理您要尝试执行的操作的可接受方法.尝试使用列表而不是数组可以解决您的问题.请参见下面的示例代码.

I think that is an acceptable way to handle what you are trying to do. Try using a list instead of an array it may fix your problem. See example code below.

List<int> accessible = (from p in context.Permissions
                             where p.UserId == currentUser
                             select p.ContentId).toList();</int>

这篇关于通过将成员资格表链接到应用程序表来处理用户权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！