Help get this topic noticed by sharing it on Twitter, Facebook, or email.

Implementing dynamic access control rules

I'm just wondering how to accomplish the following scenario and if this process will change with the upcoming changes to dynamic access control rules;

I have a table of Agents and another table Prospects and there is a many to many relationship between the two.

I need to create a relationship between the Agents table (my database table of people) and the ASP.NET users table somehow.

Then when I am looking at a table of Orders (which has the Prospect field) I want to view the current logged in user, look them up in the Agents table and see what prospects they are allowed to see. So the end result is filter the Orders table to only show Prospects the Agent has a many to many relationship with.

Is this the best way to go about organizing this? Is there a better method with the upcoming dynamic access control rules? I need managers to be able to create the joins between agents and prospects, and I don't trust managers to have access to a page of creating dynamic access control rules for everyone. Thoughts?
1 person has
this question