Restricting certain pages -- redirect on every page? Or on master page by viewing current page in url?
Per different user mode, some pages should not be accessible by users unless they have a valid session key.
In your opinions -- would it be better to have a list of 开发者_如何学JAVAacceptable pages in the master page, and check if the current page is valid for the current user? Or handle this on every child page?
I'm thinking master page, just want to hear what your input would be.
Thanks
The master page, or a defined base page, is the best place to put this kind of logic. The reason for this is that you are putting your filtering logic in one place. Copying cookie cutter code for each page will lead to problems down the road.
You should also make this logic as generic as possible, and store data that's going to change (your list of pages, your permissions, etc...) in the database. This will minimize code changes down the road when you want to add pages.
Finally, you need to define some sort of default behavior for pages that are not defined. Ideally, you would lock down pages that don't have permission data. This will ensure that you don't accidentally allow access to a page that needs to be restricted.
There are at least two cases that I see:
If there is one master page for all pages that you go to redirect, then use master page.
If there is one master page but the pages are not the same and not all pages of this master page are redirect but only some of them its is better to check this on current page and not on master page.
The reason is that if you place it on muster page, then you need to go throw a case list, and check on the master page in witch page you are. This takes more time and more memory and contain more risk to make errors if you create a page, then you change it etc. Also is difficult on the master page to know what page is the children and identified it.
On the current page you only need to check if your user can see it or not.
精彩评论