[02] WebService-Based authorization system

Front, already introduced, how to use CXF to build WebService. Then let's go on to the table structure of this permission system.

This rights management system is divided into departmental management, employee management, role management, rights management, personnel authorization and business management (not covered here)

Role management includes role definitions and role authorizations. The process of role authorization is to give the specified role a permission to complete the authorization;

Rights Management is the definition and setting of permissions, and the process of rights management is to give a certain permission to the Operation table of an object to complete the management;

The process of authorizing a person is to give a person a role to complete the authorization.

These three words, I hope that we carefully taste, this is the core of the Authority management system, if not very good understanding, you can connect with me under the permission table, role authorization form and the authorization form to understand, will be more image.

The first is the department table T_depart

Some explanations:

1.f_departparentno represents the parent department name number for this department

2. This table establishes a unique index based on F_departno and F_departid, and the benefits speed up the query.

Then the user table T_user

1. Three types of users, system administrators, departmental administrators, and general employees are defined here.

2. A unique index is also established on F_userno and F_userid.

Object Table (contains a series of definitions of menus) T_object

1. It contains a series of operations on the menu;

2.f_parentno is the menu corresponding to the parent menu, F_sort to indicate the order of the menu;

3. The unique index is located above F_objectno.

Action table (contains a series of actions on the menu) t_operator

1. Two states, with this permission to display; otherwise, not displayed.

2. Unique index F_operatorno

Permission table (gives the specified permission a menu action) t_permission

1. If the permission table is not well understood above, you can simply interpret it as giving a permission to operate on a menu item;

2.f_objectno reference T_object (object table) foreign key, F_operatorno reference t_operator (action table) foreign key;

3. Build a unique index on F_permissionno and F_permissionname.

Role Authorization Form T_rolegrant

1.f_roleno the primary key of the corresponding role table, F_permissionno the primary key of the corresponding permission table

2. To the role authorization process, at a glance, give the role to the corresponding permission number , (here, to the system administrator all rights)

Personnel Authorization Form T_roletouser

1.f_userno corresponding to the primary key of the user table, F_roleno corresponding to the role table primary key

2. The process of personnel authorization, at a glance, is to give a user a role.

3. Unique index only F_userno above.

The above is based on the webservice of the Rights Management system database design part, if there is inappropriate, forget everyone to correct.

In the next article, I will continue my journey through my WebService-based rights management system.

[02] WebService-Based authorization system