How should i organize authority code?

Posted by acidzombie24 on Stack Overflow See other posts from Stack Overflow or by acidzombie24
Published on 2010-03-15T03:01:27Z Indexed on 2010/03/15 3:09 UTC
Read the original article Hit count: 276

Filed under:

authorize

|

web-development

|

language-agnostic

|

design

I have users that fall into the following

Not logged in
Not Verified
Verified
Moderator
Admin

All code that only admin and moderators can access (like banning) is in ModeratorUser which inherits from verified which inherits from BaseUser. Some pages are accessible to all users such as public profiles. If a user is logged in he can leave a comment. To check this i use if (IsVerifiedUser). Now here is the problem. To avoid problems if a user is banned he is not recognized as a verified user. However in the rare case i need to know if he is verified i can use usertype & Verified.

Should i not be doing this? I have a bunch of code in my VerifiedUser class and find i am moving tons of it to BaseUser. Is this something i help because a not logged in user can access the page? Should i handle the ban user in a different way and allow IsVerifiedUser to be true even if the user is banned?

© Stack Overflow or respective owner

Related posts about authorize

Authorize.Net, Silent Posts, and URL Rewriting Don't Mix

as seen on Dot net Slackers - Search for 'Dot net Slackers'
The too long, didn't read synopsis: If you use Authorize.Net and its silent post feature and it stops working, make sure that if your website uses URL rewriting to strip or add a www to the domain name that the URL you specify for the silent post matches the URL rewriting rule because Authorize.Net's… >>> More
Magento - Authorize.net - Get Payment Update for expired transactions

as seen on Stack Overflow - Search for 'Stack Overflow'
Magento 1.6.1 I have set up Authorize.net (AIM) for the client's store. Previously they were using saved CC method and entering information manually in Authorize.net's merchant terminal. Most of it is working as expected, however for transactions that are flagged as 'Suspected Fraud' by Authorize… >>> More
Display action-specific authorisation message for [Authorize] attribute

as seen on Stack Overflow - Search for 'Stack Overflow'
Is there a way to display an action-specific authorisation message for when an [Authorize] or [Authorize(Roles="Administrator")] attribute redirects the user to the sign-in page? Ideally, [Authorize(Roles="Administrator", Message="I'm sorry Dave. I'm afraid I can't let you do that.")] public ActionResult… >>> More
CVV Code For Authorize.com using osCommerce

as seen on Pro Webmasters - Search for 'Pro Webmasters'
Hi I need to add a CVV code for verifying credit cards upon check out on my osCommerece shopping cart. I think this will involve a code for the authorize.net php and the checkout processing php but not sure. Found this great write up, but it is only for the authorize.net php and it doesn't create… >>> More
authorize.net SIM PCI compliance

as seen on Pro Webmasters - Search for 'Pro Webmasters'
Does anyone know if authorize.net's SIM rids you of having to be PCI compliant? The payment form is hosted on authorize.net's site and they're processing the payment. I know you can do a relay response which basically puts some of the transaction details in a url that goes back to your website(to… >>> More

Related posts about web-development

Web Development - How to Get Started in Web Development

as seen on Ezine Articles - Search for 'Ezine Articles'
11 years ago I purchased a book about basic HTML development. A purchase that would end up defining my entire professional career. I bought it because I wanted to create a web page for a school project. This was in the days of Geo city sites and it looked absolutely horrible. >>> More
PHP Web Development, Web Development Using PHP As an Open Source

as seen on Ezine Articles - Search for 'Ezine Articles'
PHP is a widely-used general-purpose scripting language that is especially suited for web development and can be embedded into HTML. PHP is the most famous language nowadays as it is an open source and web development requires no costs in implementation. >>> More
How to get full query string parameters not UrlDecoded

as seen on Developer IT - Search for 'Developer IT'
Introduction While developing Developer IT’s website, we came across a problem when the user search keywords containing special character like the plus ‘+’ char. We found it while looking for C++ in our search engine. The request parameter output in ASP.NET was “c “.… >>> More
Tracking download of non-html (like pdf) downloads with jQuery and Google Analytics

as seen on Developer IT - Search for 'Developer IT'
Hi folks, it’s been quite calm at Developer IT’s this summer since we were all involved in other projects, but we are slowly comming back. In this post, we will present a simple way of tracking files download with Google Analytics with the help of jQuery. We work for a client that offers… >>> More
What is the best .NET web development framework?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm looking for a framework to simplify the creation of a website with social networking features and plenty of custom functionality. I'm quite keen to use an ORM like nHibernate or similar for data access. Would DotNetNuke be a good choice? Or are there other options which are better. Added: I'm… >>> More