I'm trying to understand how to implement some kind of restrictions on users' actions. The application where I need these restrictions is about managing documents.
This application is written in ASP.NET Core and uses ASP.NET Core Identity.
Application requirements:
- There are four types of users: GuestUser, User, VipUser, Admin.
The system allows its users the following actions:
- Create a new virtual folder for the documents.
- Create a new document.
- Edit the document.
- Delete the document.
- Get a list of documents contained in the folder.
That's enough to give the picture. In reality I have way more actions. Each of these actions has some restrictions that depend on the type of the user.
"Create new document" and "Create folder" actions have the following restrictions:
- Guest can create only 5 folders and load up to 10 documents.
- User can create only 10 folders and load up to 20 documents.
- VipUser has no restrictions on these actions.
"Edit the document" action:
- Guest cannot edit the document once 5 minutes have passed since creation.
- User cannot edit the document after 30 minutes.
- VipUser has no restrictions on this action.
Hope you got it. The main point is that the application has very complex rules. It's very easy to imagine that there are other restrictions like: allowed file formats, allowed file size and so on. Each of these restrictions must also be based on the role.
Could you recommend some existing design approaches to this problem?
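
One way to express the rules listed in the question, as an added example that is not part of the original post: a per-role limits table with default deny, plus an ASP.NET Core resource-based authorization handler for the edit window. `RoleLimits`, `Limits`, `Document`, `EditDocumentRequirement` and `EditWindowHandler` are hypothetical names, and treating Admin as unrestricted is an assumption, since the post gives no limits for that role.

```csharp
using System;
using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;

// null = "no restriction". Values come from the question; Admin is an assumption.
public sealed record RoleLimits(int? MaxFolders, int? MaxDocuments, TimeSpan? EditWindow);

public static class Limits
{
    // Ordered most to least privileged, so a user in several roles gets the widest limits.
    private static readonly (string Role, RoleLimits Value)[] ByRole =
    {
        ("Admin",     new RoleLimits(null, null, null)),
        ("VipUser",   new RoleLimits(null, null, null)),
        ("User",      new RoleLimits(10, 20, TimeSpan.FromMinutes(30))),
        ("GuestUser", new RoleLimits(5, 10, TimeSpan.FromMinutes(5))),
    };

    // Default deny: a principal with none of the known roles gets zero of everything.
    private static readonly RoleLimits DenyAll = new RoleLimits(0, 0, TimeSpan.Zero);

    public static RoleLimits For(ClaimsPrincipal user)
    {
        foreach (var (role, value) in ByRole)
            if (user.IsInRole(role)) return value;
        return DenyAll;
    }

    // The caller supplies a count read in the same transaction as the insert.
    public static bool UnderQuota(int? max, int currentCount) => max is null || currentCount < max;
}

// Hypothetical resource type holding only what the rule needs.
public sealed record Document(DateTimeOffset CreatedUtc);

public sealed class EditDocumentRequirement : IAuthorizationRequirement { }

public sealed class EditWindowHandler : AuthorizationHandler<EditDocumentRequirement, Document>
{
    protected override Task HandleRequirementAsync(
        AuthorizationHandlerContext context, EditDocumentRequirement requirement, Document doc)
    {
        var window = Limits.For(context.User).EditWindow;
        var age = DateTimeOffset.UtcNow - doc.CreatedUtc; // server clock, not client input
        if (window is null || (age >= TimeSpan.Zero && age < window.Value))
            context.Succeed(requirement);
        return Task.CompletedTask; // no Succeed call means the requirement is not met
    }
}
```

The handler is registered as an `IAuthorizationHandler` service and invoked through `IAuthorizationService.AuthorizeAsync(User, document, new EditDocumentRequirement())` once the document has been loaded. Further per-role rules such as allowed file formats or sizes become additional fields on `RoleLimits`.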