I am building a subscription based web site, which currently has three subscription levels, i.e. Horses, Soccer, and Horses and Soccer. I was thinking of implementing standard role based authorization, where a Horses subscriber would get roles including those to use the H开发者_如何学运维orses section, etc.
Should I use a standard role provider, and when a member subscribes to the site, assign roles for his subscription to him, or use a hierarchical role provider, that when asked for the roles for a member, only then uses the member's subscription level to 'calculate' a set of roles for the member.
Approach 1 is more controlled and deterministic as opposed to approach 2.
It will depend on how many 'public' areas you have.. If there are manu public areas and roles apply only to chosen few content, I would go with option 2 otherwise option 1.
Seems to be aspnet roles and assing the roles seems like a good solution to me that requires minimal amount of code
精彩评论