0

I am about to create my first proper application in ASP.NET MVC3.

It is basically a jobs site with 3 levels:

1) Users - No registration and can view all jobs posted on the website 2) Posters - Need to register and login to post adverts 3) Admin - Need to register and login to post adverts and review postings before they go live

Would you suggest I use the same Jobs controller for the three levels I mention above? With a LIST action to show jobs to "Users" and a CREATE & EDIT action for the "Posters" & "Admin"?

Thanks Paul

Improve this question

2 Answers 2

Reset to default
1

You should enable roles in your application and define 2 of them: 'Admin', 'RegisteredUser'.

You then create 3 controllers. 1 for regular users 1 for Admins 1 for RegisteredUsers.

You can then secure your controllers as follows:

[Authorize(Roles = "Admin")]
public class AdminController : Controller
{
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

I'd suggest you create a separate Area for Admin with all the functionalities you want for this role and for Users and Posters set different permissions for the Create/Edit actions in your Jobs Controller. You might specify something like this

[Authorization(Roles = UserRoles.Poster)]
    public ActionResult Create()
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.