In a windows forms payroll application employing MVP
pattern (for a small scale client) I'm planing user permission handling as follows (permission based) as basically its implementation should be less complicated and straight forward.
NOTE : System could be simultaneously used by few users (maximum 3) and the database is at the server side.
This is my UserModel
. Each user has a list of permissions given for them.
class User
{
string UserID { get; set; }
string Name { get; set; }
string NIC {get;set;}
string Designation { get; set; }
string PassWord { get; set; }
List <string> PermissionList = new List<string>();
bool status { get; set; }
DateTime EnteredDate { get; set; }
}
When user log in to the system it will keep the current user in memory.
For example in BankAccountDetailEntering
view, I can control the permission to access command button as follows.
public partial class BankAccountDetailEntering : Form
{
bool AccountEditable {get; set;}
public BankAccountDetailEntering ()
{
InitializeComponent();
}
private void BankAccountDetailEntering_Load(object sender, EventArgs e)
{
cmdEditAccount.enabled = false;
OnLoadForm (sender, e); // Event fires...
If (AccountEditable )
{
cmdEditAccount.enabled=true;
}
}
}
In this purpose my all relevant presenters (like BankAccountDetailPresenter) should aware of UserModel
as well in addition to the corresponding business Model
it is presenting to the View
.
class BankAccountDetailPresenter
{
BankAccountDetailEntering _View;
BankAccount _Model;
User _UserModel;
DataService _DataService;
BankAccountDetailPresenter( BankAccountDetailEntering view, BankAccount model, User userModel, DataService dataService )
{
_View=view;
_Model = model;
_UserModel = userModel;
_DataService = dataService;
WireUpEvents();
}
private void WireUpEvents()
{
_View.OnLoadForm += new EventHandler(_View_OnLoadForm);
}
private void _View_OnLoadForm(Object sender, EventArgs e)
{
foreach(string s in _UserModel.PermissionList)
{
If( s =="CanEditAccount")
{
_View.AccountEditable =true;
return;
}
}
}
public Show()
{
_View.ShowDialog();
}
}
So I'm handling the user permissions in the presenter iterating through the list. Should this be performed in the Presenter
or View
? Any other more promising ways to do this?
Thanks.
"The presenter acts upon the model and the view. It retrieves data from repositories (the model), and formats it for display in the view." - MVP
So the presenter formats the data, but for me it looks like presenter contains kind of business logic - it really checks if user can modify account. What if you forget this check in one of the forms? So it should be in the underlying layer (probably, service).