如何保持客户数据的隔离 [英] How to keep customer data segregated
问题描述
作为简化示例,我有用户,产品和客户。允许用户访问某些产品和某些客户。
As a simplified example I have users, products and customers. Users are allowed access to certain products and to certain customers.
我使用edmx文件将我的SQL Server映射到我的代码,并使用linq获取数据。典型的查询可能如下所示:
I'm using an edmx-file to map my SQL Server to my code and get the data using linq. A typical query might look something like this:
from prod in ctx.Products
join userProduct in ctx.UserProduct
on prod.Id equals userProduct.ProductId
join user in ctx.UserProfile
on userProduct.UserId equals user.Id
where user.UserName == username // <-- username is a method parameter
select new Product
{
Id = prod.Id,
DisplayText = prod.UserFriendlyText
}
每当我需要数据库中的数据时,我必须将访问权限表加入EXCLUDE用户的数据无法访问。这意味着如果有人(最终会发生)会忘记加入访问表,用户将看到太多。有没有办法INCLUDE数据,所以如果我忘记访问表没有显示任何内容?
Every time I need data from the database I must join towards the access rights table to EXCLUDE data the user does not have access to. This means that if someone (and it will happen eventually) forget to join towards the access table a user will see too much. Is there a way to INCLUDE data instead so that if I forget the access tables nothing is shown?
我也一直在考虑将不同的客户分成不同的数据库他们的数据将永远不会相互关联,如果我在客户之间泄露数据,这将是一个小小的灾难。从同一客户的用户之间泄漏的产品是坏的,但并不重要。
I've also been thinking about separating the different customers into different databases as their data will never be related to each other and it will be a small disaster if I leak data between customers. Leaking products between users from the same customer is bad but not as critical.
如果重要的是我在C#MVC4 CQRS架构中,读写之间的最终一致性侧面。
If it matters I'm in a C# MVC4 CQRS architecture with eventual consistency between the read and write side.
我已经检查了堆栈溢出类似的问题,但我可以找到这是没有答案的:
I've checked stack overflow for similar questions but all I could find was this unanswered one:
- Access rules in CQRS read model
推荐答案
使用存储库模式,并强制您的Dev使用它来调用数据库?这将促进代码重用,并提高应用程序的可维护性。
How about using the Repository pattern, and forcing your Dev's to use it to make calls to the Database? This will promote code reuse and improve the maintainability of the app.
由于将从存储库中调用一个方法,您可以控制与数据库交互的代码,并强制执行一致性,以确保访问表为总是使用,并按照你的意愿使用。
Because a method will be called from the repository you can control the code that interacts with the database, and force consistency, that way you can make sure that the access table is always used, and used as you wish.
这篇关于如何保持客户数据的隔离的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
