I have a ListItem (Sharepoint), but lets think of it as a simple class/entity. Now this entity has a property name Status and other properties.
I need to implement per property/role/status authorization.
Example:
Role = Manager, Field=RequestName, Status=01
Permissions: Read, Update
Role = Manager, Field=RequestName, Status=05
Permissions: Read
As you can see the authorization i basically based on 3 variables: Role, Status, Property
Now, i need in UI to disable/hide some controls based on the fact that a user can see it, or edit it. This can be done easily with a couple of sql tables and some joins.
Given that the entity could have 30-100 Properties, and i need to know whenever to disable/hide controls in UI.
What do you think it would be the best approach:
-
query the database 30 times and find if the user can read a
certain property -
load permissions for all fields given Role and Status, loop in
memory over the collection and get current field permissions.
I’m interested in performance/memory balance. I’m also opened to other authorization algorithms giving that the 3 variables (Role/Status/Property) decide permissions.
Thank you
Keeping 100 small objects in a simple in-memory list is easy and fast. If the property names are unique, you can use an indexed collection, which is even faster.
If they’re not being updated constantly there’s no reason to query the database.