Joseph has accepted the challenge and so “Iron Coder” begins. Lets start things off simple – I’ve posted a starter application up on Project Distributor for us to use so that we have a reasonable basis for comparison. When the application starts it displays a login dialog – thats because in this first round we are going to look at extender providers vs. sub-classing for addressing UI security.
The user can select the “type of user” in the username drop down list, at the moment only User and Power User are supported. When that happens and the user presses OK the dialog will disappear and a principal that represents the type of user created will be associated with the main thread – in other words – standard .NET role-based security.
When the main application form is displayed there are a number of tabs in a tab control – these are what we are going to be securing in this initial round.
Both User and Power User can access the General, Contacts and Notes tabs, but only the Power User can access the Transactions tab (it should be invisible to User). The objective of this round is to write the code that achieves this effect – I’ll do it by using extender providers and Joseph will do it via a sub-classing approach.
Since both Joseph and I have families and are both working full-time on client engagements we’ll wait until Wednesday evening for each of us to submit code – if we submit early thats great and we can move onto the next phase. When we submit our entry we should each post to our resepective blogs with a link to download the source – in the post we should also outline the approach that we each took.
We can then post a critique of the other persons code – this is where the blogosphere can chime in as well, just post up on your own blog and link back to ours – hopefully the track backs work the way they should.