
Non RBAC User Roles and Permissions System: checking the user's City

Developer https://www.devze.com 2022-12-30 22:46 Source: web

We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do not fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case, this being the first post.

We have the following case: not to allow a user view a certain page if the user lives in a particular city. This is a simple case that is coded in the following way:

    if (User.City == "Moscow")
        // Allow the user to view the page.
    else
        // Do not allow the user to view this page.

Though this case is very simple and straightforward, it has nothing to do with RBAC.

On StackOverflow, someone called this an Attribute-based Access Control.


Under the classical RBAC, it seems that this case should be designed like this: introduce a permission "City where the person lives"; this permission will have a property City. Then create a role, add a permission of type "City = Moscow" to it and then assign the role to the user. Looks extremely cumbersome.

The question is whether it is acceptable to introduce such non-RBAC approaches to our permissions system – does that break the design or not?

This might seem a primitive question, but we found that most applications use pure RBAC, and we started to think that we might be doing something wrong.

Thank you.


This would be a nice case for an attribute-based access control. However, if you don't mind looking at a PHP implementation, Zend Framework has a role-based access control that uses assertions to solve more special cases:

http://framework.zend.com/manual/en/zend.acl.advanced.html

A standard rule would allow a role to do an action on a resource. A fourth parameter allows the rule only to apply when some condition is met. In pseudocode:

    allow(member, view, page)                     // standard
    allow(member, view, page, userLivesInMoscow)  // assertion used

The assertion is an object that is passed the user. It has a method that checks whether the assertion is met:

    interface Assertion {
        public function assert(): bool;
    }

    class UserLivesIn implements Assertion {
        public function __construct(private User $user, private string $city) {}

        // The assertion holds when the user's city matches the configured one.
        public function assert(): bool {
            return $this->user->city === $this->city;
        }
    }

This is a way of implementing what you need.

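The pattern the answer describes, written out as a small deny-by-default ACL so the two kinds of rule can be run side by side. This is an added example and not code from the question, the answer, or Zend Framework: the `Acl`, `Rule`, `User`, `user_lives_in` and `not_` names are illustrative, and the sample users and resources are constructed for the demo. A rule matches on role, privilege and resource exactly as in the answer's pseudocode; an optional assertion, evaluated against the requesting user's own attributes, decides whether a matching rule applies. It also covers the question's actual requirement (denying a page to users from one city) by negating the same assertion rather than adding a second permission type.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed user record; "city" stands in for any attribute a policy may test.
# In a real application these values must come from the authenticated identity
# (session, token claims, user store), never from request parameters.
@dataclass(frozen=True)
class User:
    name: str
    role: str
    city: str

# An assertion is any callable that receives the requesting user and returns
# True when the rule it guards may apply (the "fourth parameter" in the answer).
Assertion = Callable[[User], bool]

def user_lives_in(city: str) -> Assertion:
    """Attribute check: the guarded rule applies only to users from `city`."""
    return lambda user: user.city == city

def not_(assertion: Assertion) -> Assertion:
    """Negate an assertion, e.g. to grant a page to everyone except one city."""
    return lambda user: not assertion(user)

@dataclass(frozen=True)
class Rule:
    role: str
    privilege: str
    resource: str
    assertion: Optional[Assertion] = None

class Acl:
    """Deny-by-default ACL: a request is allowed only if some rule matches the
    (role, privilege, resource) triple and its assertion, if any, holds."""

    def __init__(self) -> None:
        self._rules: list[Rule] = []

    def allow(self, role: str, privilege: str, resource: str,
              assertion: Optional[Assertion] = None) -> None:
        self._rules.append(Rule(role, privilege, resource, assertion))

    def is_allowed(self, user: User, privilege: str, resource: str) -> bool:
        for rule in self._rules:
            if (rule.role, rule.privilege, rule.resource) != (user.role, privilege, resource):
                continue
            if rule.assertion is None or rule.assertion(user):
                return True
        return False  # no applicable rule: deny

def build_acl() -> Acl:
    """Policy table: plain RBAC rule first, attribute-conditioned rules after."""
    acl = Acl()
    acl.allow("member", "view", "page")                                        # standard
    acl.allow("member", "view", "moscow_page", user_lives_in("Moscow"))        # assertion used
    acl.allow("member", "view", "other_page", not_(user_lives_in("Moscow")))   # the question's case
    return acl

def demo() -> dict[str, bool]:
    """Evaluate a few constructed requests against the policy."""
    acl = build_acl()
    anna = User("anna", "member", "Moscow")
    boris = User("boris", "member", "Kazan")
    guest = User("guest", "guest", "Moscow")
    return {
        "anna_page": acl.is_allowed(anna, "view", "page"),                # True: plain rule
        "anna_moscow_page": acl.is_allowed(anna, "view", "moscow_page"),  # True: assertion holds
        "boris_moscow_page": acl.is_allowed(boris, "view", "moscow_page"),  # False: wrong city
        "boris_other_page": acl.is_allowed(boris, "view", "other_page"),  # True: not in Moscow
        "anna_other_page": acl.is_allowed(anna, "view", "other_page"),    # False: in Moscow
        "guest_moscow_page": acl.is_allowed(guest, "view", "moscow_page"),  # False: right city, wrong role
        "anna_edit_page": acl.is_allowed(anna, "edit", "page"),           # False: no rule at all
    }

if __name__ == "__main__":
    for request, decision in demo().items():
        print(f"{request}: {'allow' if decision else 'deny'}")
```

The point of keeping the city test inside the policy rather than in each page's `if` statement is that every decision still passes through one deny-by-default check: a missing rule, a wrong role or a failed assertion all fall through to `False`, so adding an attribute condition does not weaken the role model the rest of the application relies on.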
