Defining Roles in one place?

We are building a web site that use declaritive security at the business level.  So we currently have attributes similiar to the following on our business methods:
[PrincipalPermissionAttribute( SecurityAction.Demand,Role="Save Customer" )]

I was worried about the hardcoded role strings throughout the app, so I defined a series of static strings that define all the Roles.  These strings would then be used in the attributes so it would be impossible to make a typo.

Something like:

public sealed class Role

{

     public const string SaveCustomer = "Save Customer";

     // private constructor here

}

then you can do things like:

[PrincipalPermissionAttribute( SecurityAction.Demand,Role=Role.SaveCustomer )]

Without getting complicated (custom attributes) I couldn't find a way to enforce that our developers use the Role constants at compile time, but as long as we check that in code review this will be a better solution than the hardcoded strings.

Ted

1 Comment

Comments have been disabled for this content.