这听起来好像权限方面是***的使用建模的访问控制列表（访问控制列表）。每个资源只是有一个相关联的访问控制列表，默认情况下，只有原来的主人有权限的资源。

当你发出邀请函code，你录制code与它一起重新presents的权限。您将需要记录在耐用商店协会（如数据库）。

当被邀请用户激活邀请code，你提拔你记录到一个真正的权限的潜在权限。

我写了更多关于基于ACL的安全here和here.

We want to be able to share resources inside our web application with new or other users. We want to do this by implementing an invitation code. I have seen this implemented many times before in other applications (google docs for example), where you send an invitation code to another user and that other user will have whatever access the first user agreed.

I am sure there has to be a pattern, or best approach already documented somewhere, I just need the right words to look for it. Will someone be able to point me in the right direction? Below is the use case:

1. User one (user1) has an account with multiple spaces.
2. User1 wants to share a specific space (space9) with User2 (which is or not on the user table).
3. User1 sends an invitation code to the email of user2.
4. User2 registers and enters the invitation code or clicks on the link to register with the invitation code.
5. User2 has access to space9 and only to space9, not to any other space register for user1.

Edit 1: (Possible Algorithm to Use based on Mark Answer):

In my domain model I have User and Account and each user has 0 or more accounts. Then we also have SharedSpace, each user has 0 or more share space and each account may have 0 or more sharespace. Now Sharespace will contain (inviationCode, spaceCode, active (yes), expiration, email (share with).

Any user who has an account (acct1) is able to share space with

acct1.shareSpace("spaceCodeToShare","Emailofusertosharewith");

The method shareSpace(string,string) will do the following:

1. Create and send invitation Code to email
2. If user is registered, he activates his code either clicking or entering it (using authorize or customAuthorize attribute and IPrincipal to prevent unauthorized access).
3. IF user is not registered then he logs in and after a user entry for this user is created then he activates the code.
4. If user never activates the code the the code expires and the active status toggles to false.

Do you think I am missing anything, it looks more simple than I thought it would be?

It sounds to me like the permissions aspect would be best modeled using Access Control Lists (ACLs). Each resource simply has a an associated ACL, and by default, only the original owner has a permission to the resource.

When you send out an invitation code, you record that code along with the permission it represents. You will need to record that association in a durable store such as a database.

When the invited user activates the invitation code, you promote the potential permission you recorded into a real permission.

I wrote more about ACL-based security here and here.