Jan 23rd, 2006, 05:37 PM
A unique approach to a unique problem. Need help with Acegi implementation.
I have a requirement for which I have a theoretical solution but need help using Acegi for the implementation. Here goes..
In my system Managers can manage a Seminar or an Exhibition.
There are many Seminars and Exhibitions managed in the System.
If you are managing a Seminar you may be allowed to do the following things with respect to that Seminar only:
S1. Invite a guest via email
S2. Cancel guests from guest list
If you are managing an Exhibition you may be allowed to do the following things with respect to that Exhibition only:
E1. Invite participant via email
E2.Cancel a participant from list
The MAJOR requirement of the System is to grant managers of Seminars the permission to perform tasks (i.e. S1, S2) on a per Seminar basis. Similarly managers of Exhibitions must be granted permission to perform tasks (E1 and E2) on a per Exhibition basis.
Let us assume that there are two people John and Bob. Here is a table explaining what they can do per Seminar or Exhibition.
Person Seminar/Exhibition Tasks the person can perform
Bob Seminar 1 S1, S2
Bob Seminar 2 S1
Bob Exhibition 1 E1
Bob Exhibition 2 E1, E2
John Seminar 1 S1
John Seminar 2 S1, S2
John Exhibition 1 E1, E2
John Exhibition 2 E1
I am introducing the concept of FeatureAccess as the ability to do something in a particular Seminar or Exhibition.
Therefore the following FeatureAccess instances exist:
Seminar1 – S1
Seminar1 – S2
Seminar2 – S1
Seminar2 – S2
Exhibition1 – E1
Exhibition1 – E2
Exhibition2 – E1
Exhibition2 – E2
For each of these there will be an Access List as follows:
Seminar1 – S1 --> Bob, John
Seminar1 – S2 --> Bob
Seminar2 – S1 --> Bob, John
Seminar2 – S2 --> John
Exhibition1 – E1 --> Bob, John
Exhibition1 – E2 --> John
Exhibition2 – E1 --> Bob, John
Exhibition2 – E2 --> Bob
QUESTION> How can I use Acegi to implement this? Please note that the list S1, S2 … Sn is likely to grow and the solution must be scalable.
I do have an approach in mind but I’m not particularly proud of it, and therefore will discuss it in the future if necessary. Currently looking for a best-practice if one exists.
Any feedback is most appreciated. Thank you in advance.
Jan 25th, 2006, 09:32 PM
Have you had a look at the Contacts sample, and the reference guide for a discussion on using the ACL capabilities of Acegi Security? The ACL functions will do what you need them to.