Click here to Skip to main content
11,436,179 members (66,797 online)
Rate this: bad
good
Please Sign up or sign in to vote.
See more: ASP.NET VB.NET
i have some delete edit search update functions in my web application in asp.net using vb..
i want that only administrator can edit update add and delete user can only view and search ..
how i can do this ..
share info or link ..
thanks in advance
Posted 15-Nov-12 1:43am

1 solution

Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

I suggest you set up a user permissions table or add a column called sql permissions to your user table.

1. The column should be a string
2. The string should have all the right that the user has on the DB
3. The user rights should be loaded with the user login
4. The string shoul look like this "U" Update, "S" Select, "I" Insert, "D" Delete and you create combinations of these strings "SI" Select and Insert or "SU" Select and Update or "SUID" All roles

All it takes is for you to look up the string a do an if test before you run a query i.e. if( mypermisionsstring.Indexof("D")>0) or if( mypermisionsstring.Indexof("U")>0)to see if a user can delete or update before you run your query.
  Permalink  
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web03 | 2.8.150428.2 | Last Updated 15 Nov 2012
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100