I am writing a C#.net windows desktop/windows form application in 2008 or 2010. When the application basically starts in program.cs in the main method., I am going to check to see if a user has access to this new desktop at all. I am also going to check to see what parts of the application the user has access to by looking at the active directory. When a user clicks on various tabs in the application there is going to be read only or read-write access. When there is read-write access, I going going to display the extra buttons only to those users only.
I have the following questions to ask:
1. Would you put this kind of logic in program.cs? If not, where would you suggest I put this logic and can you point me to a code reference I can use?
2. For the parts of the application where a user clicks on a tab that have either read-only or read-write access:
a. I was thinking of of storing the active directory groups that user has access to in global variables. However this is generally not a good idea due to not following good object oriented design princicples. if you were going to keep these values stored in variables, how would you accomplish this task?
b. Another option would be to do the same kind of basic ldap lookup everytime a user clicks on that tab on the desktop. How would you accomplish this option?
c. Do you have other options to suggest? if so, what are they? Can you explain your alternative option to me and/or point me to a url that will explain how you accomplish your optiuon?