Home > Others

Lightweight Implementation of permission Design

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Lightweight Implementation of permission Design

In a variety of systems, permission design is essential. Now, it is basically based on the concept of a role, that is, a user may belong to a role or multiple roles, then, confirm the corresponding permissions based on the role to further verify its validity and finally perform the operation. many people may perform permission verification before a user enters a module of the system. Later, they know that the SPS of Microsoft are not like this, and all users can perform operations, for example, when you submit an application for approval, you can verify whether the application has been submitted successfully. I think this is advantageous because it is fast and does not need to be verified once the user enters the system, of course, the user experience is not good. the following is a reference article. I will repeat it myself. It mainly refers to the database design. below is the database diagram, which is designed with PD.
In fact, after I posted the figure, you can see it clearly. For a brief description, I didn't add additional fields to the table, such as the address in the User table, in the field User Role table such as email, the role value in the role table corresponds to the function number field in the function list to determine whether a role has this function (operation) the key issue is that the preceding module table is used to determine a function set between modules. For example, the document upload function in the document management module and the document attribute modification function. the following is an example of the relationship between them. Let's take document management to illustrate it. Recently, J is also being developed. Module table(, Document management, doclibmanage, 3); // specify the database. Note that the first database ID is automatically generated. Menu(0, 0, new directory, createfloder, 0); // same as above Menu(0, 1, upload file, uploadfile, 0); // same as above Menu(, Modify attributes, modiattr, 0); // Let's take a look at the same time. The role corresponds to the function principle. Role table(0, operator, 010, routine maintenance) the key is the role value 010 in the role table, which represents the following meaning:
         
Role Value 010 Description   Description
0th bits 0 Corresponding to the function number 0 in the menu, that is, creating a directory 0 indicates no permission This role cannot create a directory
1st bits 1 Corresponding to function 1 in the function list, that is, uploading files 1 indicates that you have permissions. This role can upload files
2nd bits 0 Corresponds to function 2 in the function list, that is, modifying attributes. 0 indicates no permission This role cannot modify attributes.
 

In this way, a lightweight permission design system can be implemented.

 

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
implementation of ajax in php comparison of master data management implementation styles partial implementation of interface in java change permission of folder in linux how to change permission of file ask for forgiveness instead of permission change permission of folder in windows

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More