Defining Roles in one place?

We are building a web site that use declaritive security at the business level. So we currently have attributes similiar to the following on our business methods:
[PrincipalPermissionAttribute( SecurityAction.Demand,Role="Save Customer" )]

I was worried about the hardcoded role strings throughout the app, so I defined a series of static strings that define all the Roles. These strings would then be used in the attributes so it would be impossible to make a typo.

Something like:

public sealed class Role

{

public const string SaveCustomer = "Save Customer";

// private constructor here

}

then you can do things like:

[PrincipalPermissionAttribute( SecurityAction.Demand,Role=Role.SaveCustomer )]

Without getting complicated (custom attributes) I couldn't find a way to enforce that our developers use the Role constants at compile time, but as long as we check that in code review this will be a better solution than the hardcoded strings.

Ted

Published 08 July 2003 09:43 AM by Ted_Graham

Filed under: .NET best practices

Comments

# Robert Hurlbut said on 08 July, 2003 02:12 PM: Just an idea/suggestion, but you may be able to set up a custom rule in FxCop to look for hard-coded strings assigned with this attribute.

Title (required)
Name (required)
Your URL (optional)
Comments (required)
Remember Me?

Search

This Blog

News

Does your software project need an expert code review? In addition to maintaining this blog, I'm one of the founders of CodeReviewers, a community of experts who believe in the power of peer reviews.

Ted Graham on .NET

Defining Roles in one place?

Comments

Leave a Comment

Search

This Blog

News

Tags

Navigation

Archives

Syndication