WisDom. Net -- permission Design
1. Requirement Analysis
Permission management is essential to all management systems. In this case, permission management is the core of the management system. To put it bluntly, what can be done and what cannot be done by everyone. It can be said to be a set of rules. Next, let's talk about the permissions in wisdom.net.
1. Control the user's modification and deletion of data. That is, you can edit and delete data created by yourself. However, you can only edit and delete data created by people with lower permissions.
2. module control. Users can only access authorized modules, but cannot access other modules.
3. Users are assigned different roles with different permissions and access modules.
4. the built-in account administrator has the highest permissions. You can delete and modify all data and access all modules.
2. Specific design
1. Determine the User Module
(Figure 1)
Figure 1 shows the modules that users can access. Is this enough? Assume that user A knows that the page address of business B is B. aspx, then user A directly enters the address through IE. does not exceed the above limit. How can we avoid this situation? See figure 2.
(Figure 2)
This prevents users from entering the unauthorized page.
2. Determine the User Module
Here we make the following Conventions to divide the permissions into query, add, edit, and delete, job permissions Category 5 mask 1 indicates that you have permissions 0 tables do not have permissions. For example, 1111 indicates that you have the permission to add, edit, and delete the data query. Grant different permissions to the role when you select the role menu. The job permissions are based on the organizational structure. If the general manager is 10, the manager is 5, etc.
(Figure 3)
As mentioned in figure 3, the data deletion and reading processes, data addition and editing are very similar to Figure 3 above, not to mention adminstrator, you only need to load the relevant deletion and perform the deletion operation, which is simple.