Document Rights Mangement

[engr]

I am uploading documents/files to sql server 2005 db using asp.net.I would like to give each group of users a different set of rights for accessing these documents - One set should be able to save,modify the document while the other set of users can only view the document.

Is it possible with the .NET technology?

[Orjan]

you can of course build such a system on your own, that is absolutely possible. if there is a built in way, I don't know.

[cdg10620]

You can set permission on each table explicitly in SQL server. When .NET goes to the SQL server to read information SQL server will check to see if .NET has permissions to access the information. You will want to have .NET grab the current user's information and check to see the permissions when accessing the SQL database.

You can also do validation on the front end before it ever gets to SQL. How would you allow users to change information? If it is some kind of form, you can check the users permissions as they come to the page and make it to where they either don't have edit capabilities on the page or they cannot access the page at all.

[engr]

I am uploading pdf,word,autocad files to the database. I want that only some users can download the file while others can only view.The document details are going to one table while the user info is stored in another table.Where do i set the permission - do I set it at the database level or at the programming level?

[WingedPanther]

I would set it at the programming level.

[engr]

How do I go about it?
If you have ever come across WSS 3.0,you might be able to catch what I am getting at. There is a technology in WSS called Informations Right Management (IRM) - Here each file / document has permissions assigned to it so that only those users who have write permissions can save/download the file while others can only view it-it is non-ediatable for the latter.
Can something like this be achieved here?

[WingedPanther]

There are literally dozens of ways you could do this. The easiest is to give each user a permission level, and only expose the upload interface to users with sufficient permissions.

[engr]

I am not having an issue with upload - I have already set permissions for that.
I want to control the downloading part. Whenever you open any file - doc, pdf, etc. you must have noticed that we are able to download it to our harddisk. How do I prevent that???

[cdg10620]

Quote:

Originally Posted by engr

I am not having an issue with upload - I have already set permissions for that.
I want to control the downloading part. Whenever you open any file - doc, pdf, etc. you must have noticed that we are able to download it to our harddisk. How do I prevent that???

How did you set permissions on the upload? Do you have some code that you can post? I'm not understanding why you can't block the download option with your code if they do not have permission to do so.

[WingedPanther]

Wait, you mean you want them to be able to view, but not download, a document? In that case, you're out of luck. To view the document, it's already downloaded.