In my company we're currently working in our portal. It will be something like a social network.
I'm working on the "profile" part of the portal.
I was wondering, as I'm new to C#, how can I implement a "see-only-what-i-let-you" functionality.
Take for instance Facebook. There you can show only parts of your profile to some people, other parts to other people, you have full acess as others may have no acess at all.
That's precisely what I need to implement.
We're working with MVC3/jQuery1.5/WCF.
One option would be to split your view up in to child actions:
@{Layout = "~/Views/Shared/Layouts/MasterLayout.cshtml";}
<div class="splitter">
<div class="left-column">
@Html.Action("Navigator")
@Html.Action("MyPosts")
</div>
<div class="main-content">
@Html.Action("RecentStories")
@Html.Action("Adverts")
</div>
</div>
Then in your controller each action decides if the current user can see this piece of content, e.g.
[AcceptVerbs(HttpVerbs.Get)]
public ActionResult RecentStories()
{
if(current_user_cannot_access_this_content())
return View("BlankView"); // Might want to render some place holder content
// Setup necessary view data by pulling back content from the database.....
return View(); // Render the /Views/<controller>/RecentStories.cshtml view
}
Try to cache user permission data across child actions if possible (depends on how your calculation of what a user can see works).
This code is assuming all your actions are running off the same controller. You can hit a different controller for a child action just by passing the name of the controller as the second parameter.