Virtually any application working with database includes such a subsystem.
Well-known User-Role-Permission model is extended in DataObjects.Net to more comprehensive Principal (User or Role) — Object — ACL — Permission model allowing to define and check instance-level permissions (~equal to row-level permissions, but with ACL inheritance support).
Support for ACL inheritance and possibility of using ACL objects in queries (for example, to retrieve only the entities that user is allowed to read) are features that make this solution really attractive — as far as we know, currently there are no alternative solutions joining the same level of flexibility and genericity.
← Go back