In part 1 of this series, we described a way to simplify our code to abstract some of the role-based implementation which the ASP.Net Memberships & Roles gives us.
In this part, we will explore the extensions needed in the SQL Server database to have additional table which will help store the data needed to implement this concept.
The Data Model Changes
The above diagram shows the extension needed to the data model to support the additional functionality.
This is a master table of all the access points defined in the application (by ApplicationId). The “Value” column can store any value associated with that Access Point.
We will see the use of this field in a future article where we will explore some of the advanced techniques of Access Points
This is a simple Role to Access Point mapping table. Using this table we will be able to link a Role to one or more Access Points.
The “Value” column is present here to override the default value in the aspnet_AccessPoints table with a different value for a specified Role
This is a table which maps the users to Access Points. We will use this table to grant special permissions to a single user.
For example: Consider a situation where all users in role “Editor” should be able to edit articles on your blog, but for use John Doe, who is in the Editor role, also need permission to approve comments.
Usually, we will create a different role for this & assign John Doe to that role.
But in the Access Point implementation, we will use this table & have an entry to map John to that Access Point.
The “Value” column in this table is used to override those of the aspnet_AccessPoints and aspnet_RoleHavingAccessPoints table values. In effect, you can give specific values to Access Points at a user, role or Access Point level with the same order of priority.
With these changes in place, we are now ready to start writing some code to expose this functionality & start seeing some benefits of this technique. We will cover this in part 3 of this series.
All articles of this series:
- Part 1 – an introduction to the Access Point concept
- Part 2 – database changes needed to enable Access Points
- Part 3 – code to enhance the ASP.Net Memberships and Roles
- Part 4 – some common usage patterns and advantages
- Part 5 – a simple UI implementation to show use of Access Points
- Part 6 – an admin console to manage Access Points