Application Security, Part 31

Now that we have considered how to use Windows Server 2003 Authorization Manager to authorize actions at the presentation tier, you may be wondering how it applies to another common scenario. Users in different roles within an organization often have different privileges for accessing given sets of data. For example, ordinary users may only be allowed to see the data for their own branch, while district managers may be permitted to see the data for all of the branches within their district. Rules of that sort naturally translate into permissions to access given sets of rows within a database table, and so architects may find themselves scratching their heads about how best to implement those rules within the stored procedures that work with the table data. To accomplish that, they may be inclined to ship information about users’ roles and identities back to the data tier. My general approach to those sorts of problems is to route the same action, taken by users in different roles within the presentation tier, to role-specific methods for processing within the middle tier and data tier.
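The routing described above, sketched as an added example that is not code from this series: one "view sales" action is dispatched to a role-specific middle-tier method, and each of those calls its own fixed data-tier query. The table layout, the role names `BranchUser` and `DistrictManager`, the `USERS` directory and every function name are assumptions made for illustration, and SQLite functions stand in for the stored procedures.

```python
import sqlite3

def make_db():
    """Build a constructed sample database: three branches in two districts."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE branch (id INTEGER PRIMARY KEY, district TEXT);
        CREATE TABLE sales (branch_id INTEGER, amount INTEGER);
        INSERT INTO branch VALUES (1, 'north'), (2, 'north'), (3, 'south');
        INSERT INTO sales VALUES (1, 100), (2, 250), (3, 400);
    """)
    return db

# Constructed server-side directory (hypothetical): role and scope per authenticated user.
USERS = {
    "alice": {"role": "BranchUser", "branch": 1},
    "bob": {"role": "DistrictManager", "district": "north"},
}

# Data tier: one parameterized query per role, standing in for one stored procedure each.
def sales_for_branch(db, branch_id):
    return db.execute(
        "SELECT branch_id, amount FROM sales WHERE branch_id = ?", (branch_id,)).fetchall()

def sales_for_district(db, district):
    return db.execute(
        "SELECT s.branch_id, s.amount FROM sales s JOIN branch b ON b.id = s.branch_id "
        "WHERE b.district = ? ORDER BY s.branch_id", (district,)).fetchall()

# Middle tier: role-specific methods; the row scope comes from the server-side record.
def view_sales_as_branch_user(db, user):
    return sales_for_branch(db, user["branch"])

def view_sales_as_district_manager(db, user):
    return sales_for_district(db, user["district"])

HANDLERS = {
    "BranchUser": view_sales_as_branch_user,
    "DistrictManager": view_sales_as_district_manager,
}

def view_sales(db, username):
    """Presentation-tier entry point: same action for every user, routed by role."""
    user = USERS.get(username)
    handler = HANDLERS.get(user["role"]) if user else None
    if handler is None:
        raise PermissionError("no sales view is defined for this user")
    return handler(db, user)
```

In this sketch the data-tier functions receive only a branch or district key, so they contain no role checks and need no knowledge of who the caller is.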