Products

Solutions

Resources

Partners

Community

Blog

About

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Security - Authorization ScopeSecurity - Authorization Scope
Previous
 
Next
New Post
12/28/2008 9:41 AM
 

I am new to DNN and am looking for how one sets up authorization scope (not page, module or resource-related authorization).  In the applications I have developed over the years I have found most security issues are related to limit different users to different instances of the same objects.  For example to limit sales people to customers within specific territories, or product managers to only products in their product lines or managers only to their employees, etc.  Other categories include limiting user editing rights only to content they have authoried or someone in their group has created, etc.

I can't imagine a framework without this functionality, but I can't find it (this is my first experience with a framework I didn't develop myself so maybe my expectations are naive, but I hope not - the open source idea sure beats doing everything yourself).

I am also looking for field-level authorization for forms and content presentation (e.g., certain roles can see salary or cost and others don't see this column, etc.).

If it is not built in, are there any commercial modules that cover these functionalities?  If not, are any others of you working on or interested in generic solutions to this issue?

I am also relatively new to .Net.  Is this perhaps a .Net thing?  Is anyone aware of other forums in the .Net world that disucss this issue?

Thanks in advance for any info.

 
New Post
12/29/2008 5:37 AM
 

if you need data-related permissions or field-level permissions, this needs to be implemented within the modules. As you already pointed out, this may be based on categories or regions, depending on the use case, and I am not aware of a general model for this.


Cheers from Germany,
Sebastian Leupold

dnnWerk - The DotNetNuke Experts   German Spoken DotNetNuke User Group

Speed up your DNN Websites with TurboDNN
 
Previous
 
Next
HomeHomeOur CommunityOur CommunityGeneral Discuss...General Discuss...Security - Authorization ScopeSecurity - Authorization Scope


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out