I used to write something during permission management. Today I happened to see it and paste it above. ========================================================== ============== Implementation purpose: 1: enables system users (administrators) to better allocate system resources to users (non-administrators. 2: Provides developers with access permissions (read-only ). Summary design: 1. administrator interface: After the resource is created by the creator (add customer, proxy, etc.), the administrator can manage the resource in a unified manner as follows: (1) Create permission-create Administrator (add operation) --> (2) Assign permissions-Administrator assignment (operation, role, user) --> (3) Use permissions-user (non-Administrator ), that is, whether or not the corresponding functions of each specific function module can be used. 2. Provides the permission interface: (1) Checks user logon. (2) load the navigation bar based on the user. (3) users can access the function module and provide the owner of the user's permission set for this function module (developers can load the page ). Detailed Design: 1. administrator interface: (1) create custom permissions: provides an interface for adding, deleting, and modifying the query of the operation object (ACO. Adding, deleting, or modifying an operation level query does not provide an interface. Adding, deleting, or modifying an operation type query does not provide an interface. Permission assignment: (categorized by function module) provides an interface for adding, deleting, and modifying operations (acpermission. (2) custom role assignment: provides an interface for adding, deleting, and modifying roles for query. User Management: assign a custom role to the user (acuser, acuserrole) (3) permission: Combined with various functional modules. 2. Permission interface (1) after checking the identity, read the permission list from the user's role and permission list. (2) Find the corresponding module with the corresponding permissions and load the navigation bar. (3) Each function module can load pages from the loaded permission list. Summary: Scope of batch customization target association for permission customization ------------------ object scope: (entity: Sales Department) ----- (Level: department) ----- (Level: Sales Manager) ------- (Object: Hou Kewei) // a slight note: for example, "adding, deleting, modifying, or deleting operations in a query does not provide an interface." In the table.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
