I’m developing a .NET windows application (c#) to keep some financial accounts for our customers. The people in my company will be in charge of registering all customer data but they must have different level access. So my question is, what is the best way to grant privileges to users? Let’s say some people will have permissions to modify some parameters and others won’t. I’m thinking about disabling some controls in the windows forms depending on level privileges but I think this is hardcoding.
What do you think is the best way to achieve this in order to keep performance and scalability?
You could play with Control’s to set User Privileges ,which i think is fine(i used sometimes to control that),getting User Right’s from a DataBase Server or a Service(Web or WCF).
You can make 2 Similar forms where First one is for Administrator and the Second is for the user where user has 2 or 3 button’s less than the Administrator,or you it can be a single Form where you can Hide or Show buttons and other Control’s through code validator’s.
Another way i would prefer is ,Engineering the Software module based.
Build as many DLL Modules as it is possible(it takes more time to code) and than Load or Unload and Validate the Desired Module to a desired User.
And maybe Validating each Method with a Boolean ,would be nice.