I have already asked similar question before
I have basic user Roles:
-Admin
-Super User
-User
For this roles I manage site permission. Like adding new users or changing their profiles.
Also i have bunch of pages in my app, like
-Evaluation.aspx
-Action.aspx
-Properties.aspx
and so on. I want to be able to grant access to each page individually for each user.
I think about roles.
I add User to Evaluationrole and he can browse Evaluation.aspx.
Each page in this approach has it's own role-based access model. So I will have more roles in my membership provider.
-Evaluation
-Action
-Properties
Then I can easy set page access policy in web.config.
<location path="Users.aspx">
<system.web>
<authorization>
<allow roles="Admin, Super User"/>
<deny users="*" />
</authorization>
</system.web>
</location>
The problem is that aspnet_Roles in Membership provider becomes quit messy.
And I have to filter roles whenever I deal with them.
For example I have List<string> with user type roles:
private readonly List<string> UserTypeRoles = new List<string> {"Users", "Super User", "Admin"};
And when I want to bind CheckBoxList control with PagePermissionRoles I have to do smth like this:
private IEnumerable<string> UserSectionRolesGet(string userName)
{
return Roles.GetRolesForUser(userName).Except(UserTypeRoles);
}
Is there way to create 2 type of roles: UserTypeRoles and PagePermissionRole to provide separate storage and handling.
I don't really want to override existing build-in asp.net membership provider.
