Hi everyone!
I'm currently developing an application where users can upload files to the server. The files that are uploaded is "downloadable" by the administrator and the user that uploaded the file. It should also be possible to let more users get access to the file later.
The question is: How do I implement this in a Good way? I have come up with two alternatives so far:
1. Add <location><authorization>.. tags in the web.config file that sets the authorization to the current logged in user (which uploaded the file) and the administrator. Problem with this solution is that I need to add this <location> tags at runtime to the config file which will, what I've read, trigger a recompile of the application. The web.config file will also end up with hundreds of location tags which will probably affect performance in some way.
2. Let the database handle the mapping to which files ...
Go to the complete details ...