How to implement a Reputation-based User Permissions Like SO?
you may think that this question should be on Meta SO but it should not, since it is basically about ASP.Net MVC but the technique I want to implement is already implemented in SO.
I want the users to have power while they gain more reputation just like the way we do in StackOverflow, and my question is how to design the user authentication system? Can we rely on the built-in Forms Authentication? and how to manage what links (depending on the reputation) to be shown for the user and what is not?
I think we can't use Roles here so we don't end up with 1000 roles, right? but we may use 2 Roles (Admin, User) only.
[Edit]:
I think it is better to create my own Users table rather than depending on the Forms Authentication, and so I can add reputation field (and other fields) to the users table and track it like you said. BTW @MartinHN, I know about theif
you talked about, but my question is there a开发者_StackOverflow社区 smarter way to handle such matters?You could create a simple rule system. Each user has a reputation score associated with them. Then, using an action filter you could control access to functions in your system:
public class SomeController : IController
{
...
[ReputationNeeded(Reputations.CanVoteDown)] // your custom action filter
[HttpPost]
public ActionResult VoteDown(...)
{ /* */ }
}
Good luck!
Management of a user's reputation, and what he/she has access to (measured by reputation), should not be part of the authentication mechanism itself, IMHO.
On the web you primarily use Forms Authentication, and once authenticated it is up to you to apply reputation to a user and close off areas if a user doesn't have enough reputation.
I wouldn't make this feature part of the authentication system. I'd just let users authenticate and then render appropriate views for any given user.
Say your main navigation changes depending on reputation. You wrap items of the navigation bar that requires more than 1000 rep. with a if
statement, and don't show it if a user has less than 1000.
精彩评论