How should I handle this user authorization puzzle?
Posted: Tue Feb 27, 2007 4:22 pm
The project I am working on consists of product, orders, customers and the like.
Products, orders, and customers all belong to specific clients.
Clients all have logins, and there are also different levels of manager login. Administrators can have access to everything, plant managers can have access to only the clients in their warehouse, and clients can only have access to their own stuff.
So if someone tries to view order detail, edit customer record, or view a list of products, it should work like
If admin then show it to them
If they are a plant manager get all the clients at the warehouse and limit stuff to those clients
If they are a client then make sure the record(s) belongs to their clientID
So the logic above really isn't that hard. The question is at what spot in my code do I put it? I have everything represented by classes and there is a lot of querying and the like that goes on. I think I would like it to throw an exception if they are not allowed.
A. I could build this into my classes and pass a clientID or loginID to every method or object instantiation.
B. At the controller level I can check the access using an authorization object. But we are talking about putting this thing all over the place and then having to make sure we call it for any orderIDs, or productIDs, or whatever is passed in GET or POST. This would result in extra queries as well and probably missed checks.
C. Have the class methods retrieve the loginID or clientID from the framework.
D. Any other ideas?
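One way to realize option C/D, added here as an example and not code from the original post: keep the three-tier rule (admin, plant manager, client) in a single scope function and have the data-access methods apply it themselves, so a controller that forgets to check cannot hand out a foreign record. The `Principal` object, the `clients`/`orders` tables and the rows in them are constructed for the example; a real framework would supply the logged-in user.

```python
import sqlite3
from dataclasses import dataclass
from typing import Dict, List, Optional, Set


class PermissionDenied(Exception):
    """Raised when the current login may not touch the requested record."""


@dataclass(frozen=True)
class Principal:
    """The logged-in user (hypothetical shape; the framework would supply it)."""
    login_id: int
    role: str                           # "admin", "plant_manager" or "client"
    client_id: Optional[int] = None     # set for client logins
    warehouse_id: Optional[int] = None  # set for plant managers


def build_db() -> sqlite3.Connection:
    """Constructed sample data: two warehouses, three clients, four orders."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE clients (id INTEGER PRIMARY KEY, warehouse_id INTEGER NOT NULL);
        CREATE TABLE orders  (id INTEGER PRIMARY KEY, client_id INTEGER NOT NULL,
                              total REAL NOT NULL);
        INSERT INTO clients VALUES (101, 10), (102, 10), (201, 20);
        INSERT INTO orders  VALUES (1, 101, 50.0), (2, 102, 75.0),
                                   (3, 201, 20.0), (4, 101, 10.0);
        """
    )
    return conn


def allowed_client_ids(conn: sqlite3.Connection, who: Principal) -> Optional[Set[int]]:
    """The one place the authorization rule lives.

    Returns None for "no restriction" (admin) or the set of clientIDs the
    login may see. A role we do not recognise is denied outright.
    """
    if who.role == "admin":
        return None
    if who.role == "plant_manager":
        rows = conn.execute(
            "SELECT id FROM clients WHERE warehouse_id = ?", (who.warehouse_id,)
        )
        return {row[0] for row in rows}
    if who.role == "client" and who.client_id is not None:
        return {who.client_id}
    raise PermissionDenied(f"login {who.login_id}: unknown role {who.role!r}")


def list_orders(conn: sqlite3.Connection, who: Principal) -> List[Dict]:
    """List view: the scope is pushed into the query itself, so the caller
    never receives rows it is not entitled to."""
    scope = allowed_client_ids(conn, who)
    if scope is None:
        rows = conn.execute("SELECT id, client_id, total FROM orders ORDER BY id")
    elif not scope:
        return []  # manager whose warehouse has no clients; avoid an empty IN ()
    else:
        # Only '?' markers are interpolated; the ids are bound as parameters.
        marks = ",".join("?" for _ in scope)
        rows = conn.execute(
            f"SELECT id, client_id, total FROM orders "
            f"WHERE client_id IN ({marks}) ORDER BY id",
            tuple(sorted(scope)),
        )
    return [{"id": r[0], "client_id": r[1], "total": r[2]} for r in rows]


def get_order(conn: sqlite3.Connection, who: Principal, order_id: int) -> Dict:
    """Detail view: the record is loaded by the id that came in via GET/POST
    and then checked against the login's scope, raising instead of returning."""
    row = conn.execute(
        "SELECT id, client_id, total FROM orders WHERE id = ?", (order_id,)
    ).fetchone()
    if row is None:
        raise LookupError(f"order {order_id} does not exist")
    scope = allowed_client_ids(conn, who)
    if scope is not None and row[1] not in scope:
        raise PermissionDenied(f"login {who.login_id} may not view order {order_id}")
    return {"id": row[0], "client_id": row[1], "total": row[2]}
```

The two entry points show the two shapes the check takes: a list is filtered inside the query (the plant manager's warehouse clients become an `IN` list), while a single record fetched by an id from the request is loaded and then compared against the scope. Because both go through `allowed_client_ids`, adding a fourth role or changing what a plant manager may see is a one-function change. Note that `get_order` raises different exceptions for "missing" and "forbidden", which lets a client tell existing orders from non-existent ones; if that matters, map both to the same error before it reaches the user.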
