Overview
The Usuario class represents a system user with authentication credentials, personal information, organizational assignment, and address details. It supports role-based access control and maintains user profile data for the SMAF application.
namespace InapescaWeb . Entidades
{
// Entity class for one system user. This excerpt shows only two of its
// private fields; the remaining members are elided below.
public class Usuario
{
// User authentication and profile properties
// Login identifier (presumably backs the Usser property used in the examples - confirm).
private string lsUsuario ;
// Stored credential. It is a plain string and nothing in this excerpt hashes it,
// so whatever the caller assigns is what gets kept: assign a password hash,
// never the raw password.
private string lsPassword ;
// ... 30+ properties
}
}
Source: InapescaWeb.Entidades/Usuario.cs
Constructor
The constructor initializes all string fields to string.Empty for safe null handling:
/// <summary>
/// Creates a user whose string fields start as <c>string.Empty</c> rather than null.
/// </summary>
public Usuario ()
{
lsUsuario = string . Empty ;
// An empty lsPassword means "no credential set". Authentication code has to
// reject that value explicitly; it is not a valid hash to verify against.
lsPassword = string . Empty ;
lsNivel = string . Empty ;
lsPlaza = string . Empty ;
lsNombre = string . Empty ;
lsRFC = string . Empty ;
lsCURP = string . Empty ;
lsEmail = string . Empty ;
// ... all properties initialized to empty string
}
Authentication
Login Credentials
Username for system authentication (login ID)
User password (should be stored as a salted hash in production; reversible encryption is not a substitute for hashing)
Passwords should never be stored in plain text. Implement proper hashing (bcrypt, PBKDF2) in the business logic layer before storing.
Security Field
Security encryption field (possibly for additional authentication data or token)
Name Components
First name(s) of the user
Paternal surname (apellido paterno)
Maternal surname (apellido materno)
Abbreviated name or initials
Government Identifiers
RFC (Registro Federal de Contribuyentes) - Mexican federal tax ID (13 characters)
CURP (Clave Única de Registro de Población) - Mexican national ID (18 characters)
Employee number (número de empleado)
Birth Date
Date of birth (fecha de nacimiento)
Street Address
External number (número exterior)
Internal number or apartment/suite (número interior)
Neighborhood or colony (colonia)
Municipality or borough (delegación/municipio)
Geographic Location
City code (código de ciudad)
Organizational Assignment
Institutional Hierarchy
Secretariat (top-level government ministry)
Organization or agency (e.g., INAPESCA)
Specific organizational unit or office location code
Department or area code within the organization
Position code or plaza number (official employment position)
Job title or position name
Official charge or responsibility level
Organizational level or hierarchy level
Access Control
Role-Based Authorization
User role for access control (e.g., “Administrador”, “Comisionado”, “Autorizador”, “Consulta”)
Roles determine which features and data the user can access. Common roles include:
Administrador - Full system access
Comisionado - Submit travel requests
Responsable - Approve as project manager
Autorizador - Final authorization authority
Consulta - Read-only access
Financiero - Financial operations
Email address for notifications and communication
Usage Examples
Creating a New User
using InapescaWeb . Entidades ;
// Create new user account
// Every value below is assigned through an object initializer; the entity
// itself performs no validation or hashing at this point.
var usuario = new Usuario
{
// Authentication
Usser = "maria.gonzalez" ,
// Password must already be the output of the password-hashing routine.
// The literal is a stand-in for such a hash, not a usable credential.
Password = "hashed_password_here" , // Should be hashed before storage
// Personal information
Nombre = "María Elena" ,
ApPat = "González" ,
ApMat = "Pérez" ,
// RFC and CURP are government-issued personal identifiers; treat them as
// sensitive data when logging or persisting.
RFC = "GOPM850315ABC" ,
CURP = "GOPM850315MOCSRR01" ,
NUM_EMP = "12345" ,
// Date of birth is passed as a string here, not as a DateTime.
fech_nac = "1985-03-15" ,
// Address
calle = "Avenida Juárez" ,
numext = "123" ,
num_int = "4-B" ,
colonia = "Centro" ,
delegacion = "Salina Cruz" ,
Estado = "Oaxaca" ,
CD = "OAX001" ,
// Organization
Secretaria = "SADER" ,
Organismo = "INAPESCA" ,
Ubicacion = "CRIP-SC" ,
Area = "Investigación" ,
Plaza = "PL-2024-045" ,
Puesto = "Investigador Titular" ,
Nivel = "N3" ,
Cargo = "Jefe de Proyecto" ,
// Access control
// Rol is a free-form string, so a typo here yields a role that no
// exact-match authorization check will recognise.
Rol = "Comisionado" ,
// Contact
// NOTE(review): this literal looks like an address masked by the page's
// e-mail obfuscation - substitute a real address when adapting the example.
Email = "[email protected] "
};
// The entity can now be validated and persisted
Authentication Check
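/// <summary>
/// Checks a login attempt against an already-loaded <see cref="Usuario"/> record.
/// </summary>
public class AuthenticationService
{
    /// <summary>
    /// Returns true only when <paramref name="username"/> equals the record's login
    /// identifier and <paramref name="password"/> verifies against the stored hash.
    /// </summary>
    /// <param name="username">Login identifier supplied by the caller.</param>
    /// <param name="password">Plain-text password supplied by the caller.</param>
    /// <param name="usuario">User record to check against; may be null.</param>
    /// <returns>True when both the identifier and the password match; otherwise false.</returns>
    public bool ValidateCredentials(string username, string password, Usuario usuario)
    {
        // Fail closed on missing input. A default-constructed Usuario has an empty
        // Usser, so without this guard an empty username would match it and the
        // check would continue to password verification.
        if (usuario == null || string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
        {
            return false;
        }

        // Exact, case-sensitive comparison of the login identifier.
        if (usuario.Usser != username)
        {
            return false;
        }

        return VerifyPasswordHash(password, usuario.Password);
    }

    /// <summary>
    /// Verifies a plain-text password against a stored bcrypt hash.
    /// </summary>
    /// <param name="password">Plain-text password to test.</param>
    /// <param name="storedHash">Hash read from the user record.</param>
    /// <returns>True when the password matches the hash; false when it does not or no hash is stored.</returns>
    private bool VerifyPasswordHash(string password, string storedHash)
    {
        // Usuario's constructor leaves Password as string.Empty, so "no hash stored"
        // is a reachable state and must never authenticate.
        if (string.IsNullOrEmpty(storedHash))
        {
            return false;
        }

        // NOTE(review): a stored value that is not a well-formed bcrypt hash
        // (for example a legacy plain-text password) may make Verify throw -
        // confirm, and decide whether callers should see that as a failed login.
        return BCrypt.Net.BCrypt.Verify(password, storedHash);
    }
}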
Role-Based Authorization
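/// <summary>
/// Role checks based on exact, case-sensitive matches of <c>Usuario.Rol</c>.
/// Every method denies access when the user is null or the role is not one it names.
/// </summary>
public class AuthorizationService
{
    /// <summary>
    /// Tells whether the user may authorize travel.
    /// </summary>
    /// <param name="usuario">User to check; may be null.</param>
    /// <returns>True for the roles "Autorizador" and "Administrador"; otherwise false.</returns>
    public bool CanAuthorizeTravel(Usuario usuario)
    {
        if (usuario == null)
        {
            return false;
        }

        return usuario.Rol == "Autorizador" ||
               usuario.Rol == "Administrador";
    }

    /// <summary>
    /// Tells whether the user may view financial data.
    /// </summary>
    /// <param name="usuario">User to check; may be null.</param>
    /// <returns>True for "Financiero", "Administrador" and "Autorizador"; otherwise false.</returns>
    public bool CanViewFinancialData(Usuario usuario)
    {
        if (usuario == null)
        {
            return false;
        }

        return usuario.Rol == "Financiero" ||
               usuario.Rol == "Administrador" ||
               usuario.Rol == "Autorizador";
    }

    /// <summary>
    /// Tells whether the user may submit a travel request.
    /// </summary>
    /// <param name="usuario">User to check; may be null.</param>
    /// <returns>True for every documented role except the read-only "Consulta"; otherwise false.</returns>
    public bool CanSubmitTravelRequest(Usuario usuario)
    {
        if (usuario == null)
        {
            return false;
        }

        // Allow-list instead of "anything but Consulta": the previous test also
        // granted access to an empty, null, misspelled or future role, and
        // Usuario's constructor initialises string fields to string.Empty.
        switch (usuario.Rol)
        {
            case "Administrador":
            case "Comisionado":
            case "Responsable":
            case "Autorizador":
            case "Financiero":
                return true;
            default:
                return false;
        }
    }
}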
Display Full Name
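/// <summary>
/// Display helpers that build a person's name from the separate name fields.
/// </summary>
public static class UsuarioExtensions
{
    /// <summary>
    /// Builds "Nombre ApPat ApMat", skipping any part that is empty.
    /// </summary>
    /// <param name="usuario">User whose name is formatted.</param>
    /// <returns>The name parts joined by single spaces.</returns>
    public static string GetFullName(this Usuario usuario)
    {
        return JoinNonEmpty(" ", usuario.Nombre, usuario.ApPat, usuario.ApMat);
    }

    /// <summary>
    /// Builds the formal form "ApPat ApMat, Nombre", skipping any part that is empty.
    /// </summary>
    /// <param name="usuario">User whose name is formatted.</param>
    /// <returns>Surnames, then a comma, then the first name; no comma when either side is missing.</returns>
    public static string GetFormattedName(this Usuario usuario)
    {
        // Formal format: LastName, FirstName
        string surnames = JoinNonEmpty(" ", usuario.ApPat, usuario.ApMat);
        return JoinNonEmpty(", ", surnames, usuario.Nombre);
    }

    // Joins the non-blank parts with the separator. A fixed template left a doubled
    // space or a space before the comma whenever one part (typically the maternal
    // surname, which is not a required field) was empty.
    private static string JoinNonEmpty(string separator, params string[] parts)
    {
        string joined = string.Empty;
        foreach (string part in parts)
        {
            if (string.IsNullOrWhiteSpace(part))
            {
                continue;
            }

            string trimmed = part.Trim();
            joined = joined.Length == 0 ? trimmed : joined + separator + trimmed;
        }

        return joined;
    }
}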
// Usage: both helpers are extension methods, so they are called on the instance.
string nombreCompleto = usuario.GetFullName();
// "María Elena González Pérez"
string nombreFormal = usuario.GetFormattedName();
// "González Pérez, María Elena"
Validation Rules
Implement validation in the business logic layer, not in the entity.
Required Fields
/// <summary>
/// Presence checks for the fields a user record must carry.
/// </summary>
public class UsuarioValidator
{
    /// <summary>
    /// Collects one message per required field that is null, empty or whitespace.
    /// </summary>
    /// <param name="usuario">User record to inspect.</param>
    /// <returns>The messages in field order; an empty list when nothing is missing.</returns>
    public List<string> Validate(Usuario usuario)
    {
        var problems = new List<string>();

        // Authentication. This is a presence check only: it does not tell a
        // password hash apart from a plain-text value.
        Require(problems, usuario.Usser, "Username is required");
        Require(problems, usuario.Password, "Password is required");

        // Personal information
        Require(problems, usuario.Nombre, "First name is required");
        Require(problems, usuario.ApPat, "Paternal surname is required");
        Require(problems, usuario.RFC, "RFC is required");

        // Organization
        Require(problems, usuario.Organismo, "Organization is required");
        Require(problems, usuario.Ubicacion, "Location is required");

        // Role
        Require(problems, usuario.Rol, "Role is required");

        return problems;
    }

    // Appends the message when the value is missing.
    private static void Require(List<string> problems, string value, string message)
    {
        if (string.IsNullOrWhiteSpace(value))
        {
            problems.Add(message);
        }
    }
}
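/// <summary>
/// Structural checks for RFC, CURP and e-mail values. These checks reject
/// malformed input; they do not prove that an identifier was actually issued.
/// </summary>
public class UsuarioFormatValidator
{
    /// <summary>
    /// Checks the 13-character RFC layout: 4 letters, 6 digits (YYMMDD), 3 alphanumerics.
    /// </summary>
    /// <param name="rfc">Value to check; surrounding whitespace and letter case are ignored.</param>
    /// <returns>True when the value has that layout; otherwise false.</returns>
    public bool ValidateRFC(string rfc)
    {
        if (string.IsNullOrWhiteSpace(rfc))
        {
            return false;
        }

        // Invariant casing: ToUpper() depends on the current culture, which can
        // change how some letters are upper-cased.
        rfc = rfc.Trim().ToUpperInvariant();

        if (rfc.Length != 13)
        {
            return false;
        }

        // First 4 characters: letters. Ñ and & are accepted because they can occur
        // in the name-derived prefix - TODO confirm against the official specification.
        for (int i = 0; i < 4; i++)
        {
            char c = rfc[i];
            if (!IsAsciiLetter(c) && c != 'Ñ' && c != '&')
            {
                return false;
            }
        }

        // Next 6 characters: a plausible YYMMDD date.
        if (!IsPlausibleYyMmDd(rfc, 4))
        {
            return false;
        }

        // Last 3 characters: alphanumeric.
        for (int i = 10; i < 13; i++)
        {
            if (!IsAsciiLetter(rfc[i]) && !IsAsciiDigit(rfc[i]))
            {
                return false;
            }
        }

        // TODO: the check character is not verified here.
        return true;
    }

    /// <summary>
    /// Checks the 18-character CURP layout: 4 letters, 6 digits (YYMMDD), 6 letters,
    /// 1 alphanumeric, 1 digit.
    /// </summary>
    /// <param name="curp">Value to check; surrounding whitespace and letter case are ignored.</param>
    /// <returns>True when the value has that layout; otherwise false.</returns>
    public bool ValidateCURP(string curp)
    {
        if (string.IsNullOrWhiteSpace(curp))
        {
            return false;
        }

        curp = curp.Trim().ToUpperInvariant();

        if (curp.Length != 18)
        {
            return false;
        }

        for (int i = 0; i < 4; i++)
        {
            if (!IsAsciiLetter(curp[i]))
            {
                return false;
            }
        }

        if (!IsPlausibleYyMmDd(curp, 4))
        {
            return false;
        }

        // Positions 10-15: six letters.
        for (int i = 10; i < 16; i++)
        {
            if (!IsAsciiLetter(curp[i]))
            {
                return false;
            }
        }

        if (!IsAsciiLetter(curp[16]) && !IsAsciiDigit(curp[16]))
        {
            return false;
        }

        // TODO: the final digit is only checked for being a digit; the check-digit
        // computation itself is still to be implemented.
        return IsAsciiDigit(curp[17]);
    }

    /// <summary>
    /// Checks that the value parses as a single e-mail address and nothing else.
    /// </summary>
    /// <param name="email">Value to check.</param>
    /// <returns>True when the parsed address equals the input exactly; otherwise false.</returns>
    public bool ValidateEmail(string email)
    {
        if (string.IsNullOrWhiteSpace(email))
        {
            return false;
        }

        try
        {
            var addr = new System.Net.Mail.MailAddress(email);

            // Equality rejects inputs carrying a display name or other decoration
            // around the address.
            return addr.Address == email;
        }
        catch (System.FormatException)
        {
            // Only the parse failure is expected here; any other exception is a
            // real fault and should not be reported as "invalid e-mail".
            return false;
        }
    }

    // True for 'A'..'Z'. Callers upper-case the value first.
    private static bool IsAsciiLetter(char c)
    {
        return c >= 'A' && c <= 'Z';
    }

    // True for '0'..'9' only; char.IsDigit would also accept non-ASCII digits.
    private static bool IsAsciiDigit(char c)
    {
        return c >= '0' && c <= '9';
    }

    // Six digits starting at 'start' whose month is 01-12 and day is 01-31.
    private static bool IsPlausibleYyMmDd(string value, int start)
    {
        for (int i = start; i < start + 6; i++)
        {
            if (!IsAsciiDigit(value[i]))
            {
                return false;
            }
        }

        int month = (value[start + 2] - '0') * 10 + (value[start + 3] - '0');
        int day = (value[start + 4] - '0') * 10 + (value[start + 5] - '0');
        return month >= 1 && month <= 12 && day >= 1 && day <= 31;
    }
}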
Security Considerations
Password Management
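/// <summary>
/// Password hashing, verification and a basic strength policy, built on bcrypt.
/// </summary>
public class PasswordManager
{
    // bcrypt cost parameter; each increment doubles the hashing work.
    private const int WorkFactor = 12;

    /// <summary>
    /// Hashes a plain-text password with bcrypt.
    /// </summary>
    /// <param name="password">Plain-text password.</param>
    /// <returns>The bcrypt hash string to store in place of the password.</returns>
    public string HashPassword(string password)
    {
        // NOTE(review): bcrypt implementations typically ignore input beyond
        // 72 bytes - confirm for this library and cap the accepted length or
        // pre-hash if longer passphrases must count in full.
        return BCrypt.Net.BCrypt.HashPassword(password, WorkFactor);
    }

    /// <summary>
    /// Verifies a plain-text password against a stored bcrypt hash.
    /// </summary>
    /// <param name="password">Plain-text password to test.</param>
    /// <param name="hash">Stored hash.</param>
    /// <returns>True when the password matches; false when it does not or either value is missing.</returns>
    public bool VerifyPassword(string password, string hash)
    {
        // A record with no stored hash (Usuario defaults Password to string.Empty)
        // must fail verification instead of reaching the hash parser.
        if (string.IsNullOrEmpty(password) || string.IsNullOrEmpty(hash))
        {
            return false;
        }

        return BCrypt.Net.BCrypt.Verify(password, hash);
    }

    /// <summary>
    /// Applies the composition policy: at least 8 characters with an uppercase
    /// letter, a lowercase letter, a digit and a non-alphanumeric character.
    /// </summary>
    /// <param name="password">Candidate password; may be null.</param>
    /// <returns>True when every rule is met; otherwise false.</returns>
    public bool IsStrongPassword(string password)
    {
        // Null previously threw on password.Length; a missing password is simply
        // not strong. Minimum 8 characters.
        if (password == null || password.Length < 8)
        {
            return false;
        }

        // Require uppercase, lowercase, digit, special char
        bool hasUpper = password.Any(char.IsUpper);
        bool hasLower = password.Any(char.IsLower);
        bool hasDigit = password.Any(char.IsDigit);
        bool hasSpecial = password.Any(ch => !char.IsLetterOrDigit(ch));

        return hasUpper && hasLower && hasDigit && hasSpecial;
    }
}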
Session Management
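/// <summary>
/// In-memory record of one login session with a 30-minute idle timeout.
/// </summary>
public class UserSession
{
    // Idle period, in minutes, after which the session counts as expired.
    private const double IdleTimeoutMinutes = 30;

    // NOTE(review): nothing in this class generates SessionId; whoever assigns it
    // should draw it from a cryptographic random source, not a counter or a GUID
    // derived from predictable data.
    public string SessionId { get; set; }

    // The authenticated user this session belongs to.
    public Usuario Usuario { get; set; }

    // When the session was created.
    public DateTime LoginTime { get; set; }

    // Timestamp of the most recent request; callers must refresh it on activity.
    public DateTime LastActivity { get; set; }

    /// <summary>
    /// True while less than the idle timeout has elapsed since <see cref="LastActivity"/>.
    /// </summary>
    /// <remarks>
    /// The comparison is done in UTC. Subtracting local times lets a daylight-saving
    /// shift or a time-zone change stretch or shorten the idle window.
    /// ToUniversalTime() treats an Unspecified kind as local time, so callers that
    /// assign LastActivity from DateTime.Now keep working unchanged.
    /// </remarks>
    public bool IsActive =>
        (DateTime.UtcNow - LastActivity.ToUniversalTime()).TotalMinutes < IdleTimeoutMinutes;
}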
Ubicacion Organizational unit details for the user’s location
Comision Travel assignments submitted or approved by the user
Login Login session and audit trail information
Mail Email notifications sent to the user
Database Considerations
Indexing
Recommended database indexes:
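-- Login identifier. The original comment calls this the primary key, so the
-- index is declared UNIQUE: two rows sharing one Usser would make credential
-- lookup ambiguous. NOTE(review): omit this index if the table already declares
-- Usser as its PRIMARY KEY, and check for existing duplicates before applying.
CREATE UNIQUE INDEX IX_Usuario_Usser ON Usuario(Usser);
-- Frequently queried fields
-- RFC and Email hold personal data; if those columns are encrypted at rest with
-- a non-deterministic scheme, equality lookups through these indexes stop working.
CREATE INDEX IX_Usuario_RFC ON Usuario(RFC);
CREATE INDEX IX_Usuario_Email ON Usuario(Email);
CREATE INDEX IX_Usuario_Ubicacion ON Usuario(Ubicacion);
CREATE INDEX IX_Usuario_Rol ON Usuario(Rol);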
Sensitive Data
Ensure proper protection for sensitive fields (hashing for passwords, encryption for the rest):
Password - Always hashed, never plain text
SEC_EFF - Encrypted security field
Personal identifiers (RFC, CURP) - Consider encryption at rest
See Also