ASP.NET Permission Management Design Method

Source: Internet
Author: User
I. Introduction

ASP.NET provides powerful functions for network system design and is easy to use, which makes it a good choice for developing network systems. In network system design, user permission management is an indispensable part, and how to design it is a complicated problem for many new users. Drawing on development practice, the author presents a general method for page permission management based on the role-user relationship, together with some practical experience, in the hope that it prompts further ideas from others.

II. Database Design

To implement the permission management function, the system design borrows from the Windows user and role management method. The database design uses 5 tables. There are three information tables: usercode, rolecode, and modulecode, representing the user information table, the user group information table, and the module page information table. To express the relationships among the three, two relation tables are created: userrole and rolemodule, representing the relationship between users and user groups and between user groups and modules. The database relationships are shown in Figure 1:

Figure 1 Database Relationship Diagram

The specific idea is as follows. After a user registers with the system, the system administrator can manage the user and assign the user to different user groups, that is, customize the user's permissions as needed. A user can belong to several user groups. A user group holds the maximum permissions granted to it and represents a set of user permissions. User groups are related to module pages, so different roles can access different sets of pages. The entire authorization process can be carried out by users with system management permissions.

III. Permission Management

The system permission management function provides six functions: adding users, managing users, adding user groups, managing user groups, adding modules, and managing modules. Adding a user, a user group, or a module is an insert into the data tables usercode, rolecode, and modulecode respectively. The insert operation is simple and is not described here. The following sections focus on user management, user group management, module management, and the relationships between them.

1. User Management

User management is mainly used to delete and authorize users. Its management interface is shown in Figure 2. Click Authorize to bring up all user groups and select the user groups to add the user to. The following describes how authorization is implemented.

Figure 2 System User Management Interface

First, you must display the user group to which the current user belongs:

    public SqlDataReader SelectByUserRole(int userid, int roleid)
    {
        Database data = new Database();
        SqlDataReader reader = null;
        // Values are bound as typed parameters, not concatenated into SQL
        SqlParameter[] prams = {
            data.MakeInParam("@userid", System.Data.SqlDbType.Int, 4, userid),
            data.MakeInParam("@roleid", System.Data.SqlDbType.Int, 4, roleid) };
        data.RunProc("userrole_selectbyuserrole", prams, out reader);
        return reader;
    }

Database is the base class for data access and provides basic functions for running SQL commands and stored procedures. The code of the stored procedure userrole_selectbyuserrole is as follows:

    create procedure dbo.userrole_selectbyuserrole
        @userid int, @roleid int
    as
    select * from userrole where userid = @userid and roleid = @roleid

Then, change the user group to which the current user belongs:

    // Delete the original user authorization first
    int userid = int.Parse(Request.QueryString["userid"]);
    CUserRole ur = new CUserRole();
    ur.DeleteByUserId(userid);
    // Start to add the selected items
    int i;
    int rowcount = DataGrid1.Items.Count;
    for (i = 0; i < rowcount; i++)
    {
        // Check whether this row is to be stored in the relation table
        int roleid = (int)DataGrid1.DataKeys[i];
        CheckBox cb = (CheckBox)DataGrid1.Items[i].Cells[1].Controls[1];
        if (cb.Checked == true)
        {
            ur.Create(userid, roleid, "");
        }
    }

The Create function of the CUserRole class is as follows:

    public bool Create(Int32 userid, Int32 roleid, string memo)
    {
        Database data = new Database();
        SqlParameter[] prams = {
            data.MakeInParam("@userid", System.Data.SqlDbType.Int, 4, userid),
            data.MakeInParam("@roleid", System.Data.SqlDbType.Int, 4, roleid),
            data.MakeInParam("@memo", System.Data.SqlDbType.Char, 100, memo) };
        int reval = data.RunProc("userrole_create", prams);
        data.Close();
        data.Dispose();
        // The stored procedure returns 1 on commit and 0 on rollback
        if (reval == 1)
        {
            return true;
        }
        else
        {
            return false;
        }
    }

The code of the stored procedure userrole_create is as follows:

    create procedure dbo.userrole_create
        @userid int, @roleid int, @memo char(100)
    as
    begin tran
    insert into userrole (userid, roleid, memo) values (@userid, @roleid, @memo)
    if @@error != 0
    begin
        rollback
        return 0
    end
    else
    begin
        commit
        return 1
    end
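
The delete-then-recreate step above runs as separate calls, so a failure partway through leaves the user with only some of the selected groups. As an added example (not the article's code), the same replacement is done here inside one ADO.NET transaction. The class name UserRoleWriter and the connection string name "AppDb" are assumptions; the userrole columns are the ones used by userrole_create.

```csharp
using System.Collections.Generic;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;

public static class UserRoleWriter // hypothetical helper, not part of the article
{
    // Replaces every group assignment of one user in a single transaction:
    // either the old rows are gone and all new rows exist, or nothing changed.
    public static int ReplaceRoles(int userId, IEnumerable<int> roleIds)
    {
        string cs = ConfigurationManager.ConnectionStrings["AppDb"].ConnectionString; // assumed name
        using (SqlConnection conn = new SqlConnection(cs))
        {
            conn.Open();
            using (SqlTransaction tx = conn.BeginTransaction())
            {
                try
                {
                    using (SqlCommand del = new SqlCommand(
                        "delete from userrole where userid = @userid", conn, tx))
                    {
                        del.Parameters.Add("@userid", SqlDbType.Int).Value = userId;
                        del.ExecuteNonQuery();
                    }
                    int inserted = 0;
                    foreach (int roleId in roleIds)
                    {
                        using (SqlCommand ins = new SqlCommand(
                            "insert into userrole (userid, roleid, memo) " +
                            "values (@userid, @roleid, @memo)", conn, tx))
                        {
                            ins.Parameters.Add("@userid", SqlDbType.Int).Value = userId;
                            ins.Parameters.Add("@roleid", SqlDbType.Int).Value = roleId;
                            ins.Parameters.Add("@memo", SqlDbType.Char, 100).Value = "";
                            inserted += ins.ExecuteNonQuery();
                        }
                    }
                    tx.Commit();
                    return inserted;
                }
                catch
                {
                    tx.Rollback(); // restore the previous assignments
                    throw;
                }
            }
        }
    }
}
```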

2. User Group Management

Figure 3 User Group Management Interface

Display the information of the modules that are accessible to the current user group:

    public SqlDataReader SelectByRoleModule(int roleid, int moduleid)
    {
        Database data = new Database();
        SqlDataReader reader = null;
        SqlParameter[] prams = {
            data.MakeInParam("@roleid", System.Data.SqlDbType.Int, 4, roleid),
            data.MakeInParam("@moduleid", System.Data.SqlDbType.Int, 4, moduleid) };
        data.RunProc("rolemodule_selectbyrolemodule", prams, out reader);
        return reader;
    }

The stored procedure rolemodule_selectbyrolemodule is defined as follows:

    create procedure dbo.rolemodule_selectbyrolemodule
        @roleid int, @moduleid int
    as
    select * from rolemodule where roleid = @roleid and moduleid = @moduleid

After obtaining the authorized module information of the current user group, you can initialize the checkboxes in the DataGrid. The module information of the current user group is set as follows:

    // Delete the original user group authorization first
    int roleid = int.Parse(Request.QueryString["roleid"]);
    CRoleModule rm = new CRoleModule();
    rm.DeleteByRoleId(roleid);
    // Start to add the selected items
    int i;
    int rowcount = DataGrid1.Items.Count;
    for (i = 0; i < rowcount; i++)
    {
        // Check whether this row is to be stored in the relation table
        int moduleid = (int)DataGrid1.DataKeys[i];
        CheckBox cb = (CheckBox)DataGrid1.Items[i].Cells[1].Controls[1];
        if (cb.Checked == true)
        {
            rm.Create(roleid, moduleid);
        }
    }

The methods and base classes, which parallel those used for user authorization, are not described here.

3. Page Permission Analysis

Call the following function in the Page_Load() event to perform the permission check:

    private void CheckRight(string loginid, string pagename)
    {
        CCheckRightView cr = new CCheckRightView();
        SqlDataReader dr = null;
        dr = cr.Select(loginid, pagename);
        // No row in the view means the user has no group that can access this page
        if (dr.Read() == false)
        {
            Response.Write("<script language=JavaScript>");
            Response.Write("alert('you are not authorized to access this module');");
            Response.Write("document.location.href='login.aspx';");
            Response.Write("</script>");
            // End the response here; a bare return would let the rest of the
            // page render and be sent to the unauthorized client
            Response.End();
        }
    }

The Select function of CCheckRightView:

    public SqlDataReader Select(string loginid, string modulepage)
    {
        Database data = new Database();
        SqlDataReader reader = null;
        SqlParameter[] prams = {
            data.MakeInParam("@loginid", System.Data.SqlDbType.VarChar, 20, loginid),
            data.MakeInParam("@modulepage", System.Data.SqlDbType.NVarChar, 100, modulepage)
        };
        data.RunProc("checkrightview_selectinfo", prams, out reader);
        return reader;
    }

The code of the view checkrightview is as follows:

    create view dbo.checkrightview
    as
    select dbo.usercode.loginid, dbo.modulecode.modulepage
    from dbo.usercode inner join dbo.modulecode inner join dbo.rolecode inner join
        dbo.rolemodule on dbo.rolecode.roleid = dbo.rolemodule.roleid on
        dbo.modulecode.moduleid = dbo.rolemodule.moduleid inner join
        dbo.userrole on dbo.rolecode.roleid = dbo.userrole.roleid on
        dbo.usercode.userid = dbo.userrole.userid

The code for the stored procedure checkrightview_selectinfo is as follows:

    create procedure dbo.checkrightview_selectinfo
        @loginid varchar(20), @modulepage nvarchar(100)
    as
    select * from checkrightview where loginid = @loginid and modulepage = @modulepage
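
A server-enforced form of the page check, as an added example (not the article's code): a base page class that runs the lookup before any page event, takes the login id from session state rather than from the request, and ends the response on denial so the protected markup is never sent. The class name SecuredPage, the session key "loginid", the connection string name "AppDb", and the assumption that modulepage stores the page file name are all hypothetical; the stored procedure and its parameters are the ones shown above.

```csharp
using System;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.IO;
using System.Web.UI;

// Hypothetical base class: protected pages inherit from it instead of Page.
// login.aspx itself must not inherit from it, or the redirect would loop.
public class SecuredPage : Page
{
    protected override void OnInit(EventArgs e)
    {
        // Identity comes from server-side session state (assumed key "loginid",
        // set at login), never from a query string or other client-supplied value.
        string loginId = Session["loginid"] as string;
        // Page name is derived on the server from the executing file path,
        // assuming modulepage holds the file name, e.g. "usermanage.aspx".
        string pageName = Path.GetFileName(Request.AppRelativeCurrentExecutionFilePath);

        if (string.IsNullOrEmpty(loginId) || !IsAllowed(loginId, pageName))
        {
            // endResponse = true stops processing, so no page content is rendered
            Response.Redirect("login.aspx", true);
        }
        base.OnInit(e);
    }

    // Deny by default: only a row returned from checkrightview grants access.
    private static bool IsAllowed(string loginId, string modulePage)
    {
        string cs = ConfigurationManager.ConnectionStrings["AppDb"].ConnectionString; // assumed name
        using (SqlConnection conn = new SqlConnection(cs))
        using (SqlCommand cmd = new SqlCommand("checkrightview_selectinfo", conn))
        {
            cmd.CommandType = CommandType.StoredProcedure;
            cmd.Parameters.Add("@loginid", SqlDbType.VarChar, 20).Value = loginId;
            cmd.Parameters.Add("@modulepage", SqlDbType.NVarChar, 100).Value = modulePage;
            conn.Open();
            using (SqlDataReader dr = cmd.ExecuteReader())
            {
                return dr.Read(); // reader and connection are closed by the using blocks
            }
        }
    }
}
```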

IV. Conclusion

This article presents a method for page-based permission management, implemented in ASP.NET using C#. It covers adding, deleting and modifying users, user groups and modules, and managing the relationship between users and user groups and between user groups and modules, and it has strong application value for the design of network systems.

 
