
Create Custom Permission in Object Level

11 Jun 2012, CPOL, 3 min read
Custom object-level permissions that take effect for users without requiring them to sign out and sign in again

Download CustomPermission.zip

Introduction

This is a custom object-level permission control that governs users' access to objects on pages.
In this project I use LINQ with Entity Framework.

You just need to add permissions to roles and add roles to users.

Then use this class in your pages. This code sample shows how it works:

C#
btn1.Visible = PermissionControl.CheckPermission("Install");
btn2.Visible = PermissionControl.CheckPermission("UnInstall");

Custom Permission Tables:

Image 1

The Custom Permission database has 5 tables:

 1-Users: stores user info.

 2-Roles: stores roles.

 3-Permission: stores permissions. Each permission has two names: the first is the permission title shown to users, and the second is the constant name used in code, as in the previous code snippet.

 4-Users Roles: stores the roles of users, because each user can have more than one role.

 5-Role Permissions: stores the permissions for every role.

Using the code

In this section I will explain how it works.

First of all, you need access to these two collections:

C#
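// Needs: using System.Collections.Generic; using System.Linq; using System.Web; using System.Web.SessionState;
// Resolved on every access: a static field would capture the first visitor's session for all users.
private static HttpSessionState Session { get { return HttpContext.Current.Session; } }
private static HttpApplicationState Application { get { return HttpContext.Current.Application; } }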

Session is per user and Application is shared by all current users.
The reason for this code snippet will become clear as we go on.

Then write a method named CheckPermission; you only need to pass the
PermissionConstantName of a permission to this method:

C#
public static bool CheckPermission(string PermissionConstantName)
{
    bool result = false;
    // Is current visitor logged in?
    if (!HttpContext.Current.User.Identity.IsAuthenticated)
    {
        return false;
    }
    string Username = HttpContext.Current.User.Identity.Name;
    // If this user's permissions were changed, discard the cached permission list
    // so that it is reloaded from the database below.
    if (Application["AffectedUsers"] != null)
    {
        // Application state is shared by all requests, so lock it while the list is modified.
        Application.Lock();
        try
        {
            var AffectedUsers = (List<string>) Application["AffectedUsers"];
            if (AffectedUsers.Contains(Username))
            {
                Session["PermissionList"] = null;
                AffectedUsers.Remove(Username);
                Application["AffectedUsers"] = AffectedUsers;
            }
        }
        finally
        {
            Application.UnLock();
        }
    }
    Users CurrentUser =
        (from user in DataContext.Context.Users where user.Username == Username select user).
            SingleOrDefault();
    // An authenticated name with no matching row (for example a deleted account) gets no access.
    if (CurrentUser == null)
    {
        return false;
    }
    // Return true because SuperAdmin has all the permissions!
    if (CurrentUser.IsSuperAdmin)
    {
        return true;
    }
    if (Session["PermissionList"] == null)
    {
        // Load the distinct permission constants granted through all of the user's roles.
        List<string> PermissionList = (from p in DataContext.Context.Permissions
                                       join rp in DataContext.Context.RolePermissions
                                           on p.PermissionID equals rp.PermissionID
                                       join r in DataContext.Context.Roles
                                           on rp.RoleID equals r.RoleID
                                       join ur in DataContext.Context.UserRoles
                                           on r.RoleID equals ur.RoleID
                                       where ur.UserID == CurrentUser.UserID
                                       select p.PermissionConstantName).Distinct().ToList();
        Session["PermissionList"] = PermissionList;
        result = PermissionList.Contains(PermissionConstantName);
    }
    else
    {
        var PermissionList = (List<string>) Session["PermissionList"];
        result = PermissionList.Contains(PermissionConstantName);
    }
    return result;
}


When you call this method in your code, it uses HttpContext to find the current user and checks whether that user has the permission.

The permissions of the current user are collected in a list that is stored in the session.

The affected users list exists for this case:

When you change role permissions so that the current user no longer has permission to access an object, and the user is on that list, the cached permission list is cleared and reloaded from the database, so the permission check returns false.
This is the good point of my custom permission control: the current user does not need to sign out and sign in
again for the change to take effect.

If the user is a SuperAdmin, the user has access to all objects and there is no need to check the permissions table in the database, so the method returns true for SuperAdmins.

Manage Roles Permissions:

You just need a GridView control to show the roles and a CheckBoxList for the permissions.

I don't show the code here because I include it in the project download, and it is clear enough to understand.

Manage Users:

You need a GridView to show user details, plus some text boxes and check boxes for the existing roles so you can add roles to users.
I have already done this for you; it is included in my project.

How Can I Use This In My Current Project?

My Users table is not very good because I focused only on permissions. You can improve my Users table and use it in your project; you only need to use this class, call CheckPermission and pass a string to it.

Use the class this way:

ASP.NET
<asp:LinkButton ID="lbConfigure" runat="server" CommandName="Configure" CommandArgument='<%# Eval("AdminFilePath") %>' Visible='<%#PortalCommon.PermissionControl.CheckPermission("ModuleConfig") %>'>Install module</asp:LinkButton>    

Or in code behind:

C#
btn1.Visible = PermissionControl.CheckPermission("Install");
LinkButton1.Visible = PermissionControl.CheckPermission("UnInstall");
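Setting Visible only decides whether the control is rendered, so the handler that performs the action can repeat the same check on the server. The following is an added example, not code from the article's project: the page class `ModuleList`, the helper `DemandPermission`, the handler name and the redirect to the bound `AdminFilePath` are assumptions.

```csharp
using System;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

// Hypothetical code-behind for the page that hosts lbConfigure.
public partial class ModuleList : Page
{
    // Stops the request with 403 unless the current user holds the permission.
    private void DemandPermission(string permissionConstantName)
    {
        if (PortalCommon.PermissionControl.CheckPermission(permissionConstantName))
        {
            return;
        }
        // Record the refusal so repeated denied attempts show up in the trace log.
        System.Diagnostics.Trace.TraceWarning(
            "Denied {0} to '{1}' on {2}",
            permissionConstantName, User.Identity.Name, Request.RawUrl);
        throw new HttpException(403, "Permission required.");
    }

    // Wired in markup with OnCommand="lbConfigure_Command".
    protected void lbConfigure_Command(object sender, CommandEventArgs e)
    {
        if (e.CommandName != "Configure")
        {
            return;
        }
        // Same constant that drives Visible in the markup.
        DemandPermission("ModuleConfig");
        // Assumed action: open the module's admin page bound into CommandArgument.
        Response.Redirect(ResolveUrl((string) e.CommandArgument));
    }
}
```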

If you want to test my project, change the connection string, open cp.edmx in the Model folder, right-click on the white space between the tables, choose Generate database from model and execute the script in your database. Add permissions with the constant names Install and UnInstall to the database, then use the PermissionManager page to make new roles, create a user with roles and use the login form. Then go to the default.aspx page and see how roles affect the objects on the page!

I will include a folder with the database for people who are not familiar with Entity Framework.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Software Developer (Senior)
Iran (Islamic Republic of)
Taha has started programming at the age of 16 and he has taken an avid interest in Microsoft technologies. He professionally works on ASP.NET and C#. Mainly, he lives for getting the world into codes and follows this aspiration in a third world country with lack of facility and support. He never gives up seeking success and competence.

Comments and Discussions

 
Question: Create Custom Permission in Object Level
Iqbal Shah, 3-Jul-17 0:11
Hello Sir
Can we use this methodology in WinForm Desktop application and the code of course?

Question: Which part manage the Permission?
Ardiyan Bekti Santoso, 18-Feb-14 16:12

Answer: Re: Which part manage the Permission?
taha bahraminezhad Jooneghani, 11-Nov-14 20:21

Question: tanks
rezaqanbari, 8-Jan-13 8:32

Answer: Re: tanks
taha bahraminezhad Jooneghani, 11-Feb-13 11:44

General: My vote of 5
parisa heidari, 12-Jun-12 2:49

General: My vote of 5
nairika vakili, 11-Jun-12 4:28

General: Re: My vote of 5
taha bahraminezhad Jooneghani, 11-Jun-12 8:30
