Click here to Skip to main content
12,398,537 members (58,455 online)
Rate this:
 
Please Sign up or sign in to vote.
See more: VB ASP.NET VB.NET
i have some delete edit search update functions in my web application in asp.net using vb..
i want that only administrator can edit update add and delete user can only view and search ..
how i can do this ..
share info or link ..
thanks in advance
Posted 15-Nov-12 0:43am

1 solution

Rate this: bad
 
good
Please Sign up or sign in to vote.

Solution 1

I suggest you set up a user permissions table or add a column called sql permissions to your user table.

1. The column should be a string
2. The string should have all the right that the user has on the DB
3. The user rights should be loaded with the user login
4. The string shoul look like this "U" Update, "S" Select, "I" Insert, "D" Delete and you create combinations of these strings "SI" Select and Insert or "SU" Select and Update or "SUID" All roles

All it takes is for you to look up the string a do an if test before you run a query i.e. if( mypermisionsstring.Indexof("D")>0) or if( mypermisionsstring.Indexof("U")>0)to see if a user can delete or update before you run your query.
  Permalink  
v2

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month


Advertise | Privacy | Mobile
Web02 | 2.8.160721.1 | Last Updated 15 Nov 2012
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100