I’m thinking of developing a new application using nHibernate. I want to be able to restrict permissions to an Entity down to the Property level and I want this to be configurable.

So for example say I had a Employee entity with Name, Position and Salary properties:
• Admin users can View\Edit all properties of an Employee object.
• Custom user can View\Edit Name, Position but not view\edit Salary.
• ViewOnly user can only view Employee object.

I want these permissions to be configurable by the application user so I’m building a Entity\Permissions model in my database. Then when I display a specific Entity I ask HasPermission() for every property before I display it on screen. I guess this seems like overkill and quite an overhead so...

Is this the correct approach?
Are there any tools or existing frameworks that will allow me to do this easily?