I'm creating my first site in ASP.NET MVC and I'd like to know how I can setup access rights or roles based on a specific item for a specific user.
My site has projects and users where each user can be a member of one or more projects. Each user that is a member of a project will be assigned to some number of roles in relation to that project. But each user may be assigned different roles for each project they are a member of.
Is there anyway I can take advantage of the built in membership roles to do something like this? From what I see a user's assigment to a role applied to the entire site, not a specific item like a project.
I was thinking of creating roles by concatenating the ProjectId and the project role into a single combined role such as 3213ProjectEditor. So then later I could use User.IsInRole(currentProject.ID+"ProjectEditor") to determine if as user is an editor in currentProject. This seems like a hack to me though.
The in-built Authorization provider that uses the existing Role and User classes, is too tied up to Request and Response and the underlying Http connection. So it's not a good idea to use these classes for your case.
However you can get the inbuilt classes source here for reference, and build your own domain models.