At the end of one of my projects, I found that many system module permissions were missing. Some module permissions are missing because the development speed is too fast in the early stage. Developers did not grant permissions to the module before writing the module functions.Code. It takes a long time (too many functional modules) to check whether the permissions of each module are missing ). I wrote a console permission synchronization tool. The overall idea is as follows:
In fact, every actionresult in MVC can be regarded as a new module. Because of this, we can manage all modules in a unified manner. The permission tree in the current system is relatively simple: multiple sub-accounts under a parent level. Therefore, you only need to specify the father of each actionresult. The Code is as follows:
Here, parentmodule is a custom feature similar to MVC's [authorize]. The Code is as follows:
1 [Parentmoduleattribute (parentsystemmodules. customermanage, " Common customers " )]
2 Public Actionresult ordinarycustomer ()
3 {
4 Return View ();
5 }
6
7 [Parentmoduleattribute (parentsystemmodules. customermanage, " VIP customers " )]
8 Public Actionresult vipcustomer ()
9 {
10 Return View ();
11 }
12
13 [Parentmoduleattribute (parentsystemmodules. technicalmanage, " Sqlserver " )]
14 Public Actionresult sqlservermanager ()
15 {
16 Return View ();
17 }
18
19 [Parentmoduleattribute (parentsystemmodules. technicalmanage, " ASP. netmvc " )]
20 Public Actionresult mvcmanager ()
21 {
22 Return View ();
23 }
Parentmodule custom features:
1 [Attributeusage (attributetargets. method, inherited = False , Allowmultiple = False )]
2 Public Class Parentmoduleattribute: attribute
3 {
4
5 Private Parentsystemmodules _ mtype;
6 Private String _ Moduletitle;
7
8 Public Parentmoduleattribute (parentsystemmodules mtype, String Moduletitle)
9 {
10 _ Mtype = Mtype;
11 _ Moduletitle = Moduletitle;
12 }
13
14 Public Parentsystemmodules moduletype
15 {
16 Get
17 {
18 Return _ Mtype;
19 }
20 }
21
22 Public String Moduletitle
23 {
24 Get
25 {
26 Return _ Moduletitle;
27 }
28 }
29
30 }
Parentsystemmodules is an enumeration of all parent modules, and moduletitle is the name of the current module (it can be transformed into a resource source file for future extension ).
After each actionresult is created, the parentmoduleattribute feature is added. To facilitate the following synchronization tools
Generate xml permission structure.
As follows:
View the automatically generated second-level XML permission structure:
The whole idea mainly depends on the characteristics of MVC, and also applies to. NET features, reflection, LINQ and other technologies.
At the same time, it also adds errors detected by different actionresult (modules) for the same permission multiple times.
Download the example in this article from here.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
