I am new to MVC ASP.Net. I need to create two admin roles in my MVC 5 EF 6 project. First role is Admin Role, which can able to access whole records. and another role is only to access the specific department records which the logged-in user belongs to. Please suggest the best way to accomplish this?
Asked
Active
Viewed 376 times
0
-
Are you using sql server as your database? – Scanner Nov 04 '15 at 09:48
1 Answers
0
In your database create a user table (i.e. named Users). Then insert staff details such as StaffNumber, WindowsLogon (if this is applicable), ForeName, Surname and AccessType (check the diagram below). Under AccessType declare your roles (i.e. AdminRole and AdminRole2). This allows your application to detect who the user is and what Admin Role they are.
StaffNumber WindowsLogon Forename Surename AccessType
12345 kesi_k kesi kesi AdminRole
In your controller is where you need to write your code for this all to take effect.
An alternative, depending on how many users you have, would be to get your system administrator to create ative directory groups, in your case you would need two. Then place users into one of the two groups. In your controller you would then make use of User.IsInRole in order to determine which user should see what you want. Hopefully the below links will be of some use to you.
