Hi Nikolay
This is how i implemented security on my company
managment system i currently develloping. I
enable/disable buttons , Main menus and Context menus
based the user at form load.
As you know there's a collections of controls in each
form, buttons and menus are controls BUT context menus
are components and are not listed in the controls
collection. So i had to use system.reflection to do it.
Below is the procedure i use to browse buttons
Imports System.Reflection
Public Sub BrowseButtons(ByVal f As Form)
Dim MyForm As Type = f.GetType()
Dim Fields As FieldInfo() = MyForm.GetFields
(BindingFlags.Instance Or BindingFlags.NonPublic)
For Each Field As FieldInfo In Fields
If Field.FieldType.Name = "Button" Then
Dim obj As Button = DirectCast(Field.GetValue(f),
Button)
WorkerID = 80 '' i am the admin and have access
to everything
NomeForm = f.Name
Button_ = obj
ControlName = obj.Name
SaveButton() '' saves the button the table
End If
Next
End Sub
The BrowseContextMenus and BrowseMainMenus are similar.
I have a table with a entry for each buttons/menus with
the worker id. By default i have acess to everything and
the other no acess, so when i browse the controls i save
a entry in the table with my worker id, this way if i had
an new button or contextmenu item it will be saved next
time i run the application.
When the form loads i do :
BrowseButtons(me)
BrowseContextMenus(me)
BrowseMainMenus(me)
EnableButtons(me)
EnableContextMenus(me)
EnableMainMenus(me)
And below is a line of the sql table i use
80 FormEnc System.Windows.Forms.MenuItem,
Items.Count: 0, Text: Tradução das Preconizações
System.Windows.Forms.ContextMenu, Items.Count: 23
3942
Kind Regards
Jorge
-----Original Message-----
Hi everyone!
I am developing app, which should be used by users,
which are members ofdifferent groups.
These users and groups are stored in my SQL database and
are custom for myapplication, they are not Windows users.
Every user can be member of many groups.
What I need is a some kind of baseline, how to implement
security in my app,based on these users and groups.
By security I mean enabling and disabling different
functionality of my app,mosltly disabling controls.
Should I use some kind of ACL, or on every Form load
event I should enableor disable controls, based on the group membership of
user.Because I am a newbie, some source code will be helpfull.
TIA
.