. Net (C #) users, roles, Permissions

We use user permission management when developing many projects, and I have also done permission control in many projects. Therefore, I have also summarized a clear role permission control system. This article uses the basic concept of Role-Based Access Control (RBAC). The basic idea of Role-Based Access Control can be expressed simply by user-role-permission, the entire access control process is divided into two steps: the access permission is associated with the role, and the role is associated with the user, thus realizing the logical separation of the user and access permission.
RBAC achieves logical separation between users and access permissions, which greatly facilitates permission management. For example, if a user's position changes, you only need to remove the current role of the user and add the role representing the new position or new task, changes Between roles and permissions are much slower than changes between roles and user relationships. Assigning a user to a role does not require many techniques and can be performed by administrative staff, however, configuring permissions to roles is complicated and requires some technical skills, which can be undertaken by dedicated technical personnel, but users are not assigned permissions, this is exactly the same as in reality. Exploitation. the basic idea of implementing permission control in. NET is to assign a role to the user based on the basic principle of role access control (RBAC). Each role corresponds to different permissions of different modules, the same user can belong to different roles, and the highest permissions of the user's roles are obtained for the Operation permissions of the module.
Next, let's look at the system:
1. system permission diagram:

The role maintenance corresponds to the addition, deletion, modification, and other functions of the role, which does not need to be discussed. The menu maintenance corresponds to the assignment of page permissions for the role; the system authorizes the role to assign operation permissions on a specific page.
2. Menu authorization page:

On the Role Assignment page, select a role and assign corresponding page permissions to the role.
3. System Menu authorization page:

Authorize the role on the page that has been assigned, select the role, and select the corresponding page. In the displayed dialog box, select the corresponding page operation permission. The subsequent permissions include the previous permissions, for example, if you have the modification permission, you will naturally have the permission to view, query, and Add. This completes the page authorization and Page Operation permissions for the role. Allow different roles to have different operations on different pages, and allow different roles to have different operation permissions on the same page. This allows for refined permission management. Next, assign the role permissions to the user;
4. Assign roles to users:

A user can have multiple roles. Different roles have the maximum page operation permissions on the same page. For example, when a tester maintains this page, the tester has the modification permission, tester 2 has the added permission on the personnel maintenance page, so this user has the modification permission on the personnel maintenance page.
The permission design of the entire system is complete. The system adopts multi-user and multi-role management methods, allowing users to access the system with different roles and identities for different operations.

The code for role permission is as follows:
Permission Design Code