In the design article, we have already explained the database design for the permission management system. In this article, we will focus on its implementation.Code. To enable you to see code for all actions more directly and effectively, we use the action breakdown list to describe each action and related resources.
Actions to implement permission management
| Action breakdown | Action name | Related table name | Operation set type (S, U, I, D, SQL) |
Form | Module | Character Resource | Paging? | Return prompt? | Permission Detection |
| Permission initialization and Installation | Setup | None | None | None | Setup | Setupok | No | No | No |
| Show add management group page | Addnewgroup | None | None | Addgroup | Checkuserpurview | None | No | No | Yes |
| Execute the Add administrator action | Addnewgroup_ex | Gorupmanager, gorupmanager, and mastergroup | S, I, I | None | Checkuserpurview | Addok |
No | Yes | Yes |
| Display the list of all management groups for permission setting | Setgroupinfo | None | None | None | Checkuserpurview | Viewtitle |
Yes | No | Yes |
| Display the manage Group permission setting page | Setgroupinfo_input | None | None | None | Checkuserpurview | Viewtitle |
No | No | Yes |
| Execute the action of Setting Administrative Group Permissions | Setgroupinfo_ex | Actiongroup, action, Actiongroup | D, S, I | None | Checkuserpurview | Setgrouppurview |
No | No | Yes |
| Delete A Management Group | Delgroup_ex | Groupmaster, Actiongroup | D, D | None | Checkuserpurview checkpointid |
Viewtitle |
Yes | Yes | Yes |
| Display the list of all management groups to view the actions of members of the Management Group | Viewgroupmaster | None | None | None | Checkuserpurview | Viewtitle |
Yes | No | Yes |
View all members in the selected Management Group |
Viewmaster | None | None | None | Checkuserpurview | Viewtitle |
Yes | No | Yes |
The add administrator page is displayed. |
Addnewmaster | None | None | Addnewmaster | Checkuserpurview | None | No | No | Yes |
| Execute the Add administrator action | Addnewmaster_ex | Master, master, mastergroup | S, I, I | None | Checkuserpurview | Addok |
No | Yes | Yes |
| Display the list of all administrators for setting administrator permissions | Setmasterpurview | None | None | None | Checkuserpurview | Viewtitle |
Yes | No | Yes |
| View the Management Group of the selected Administrator | Setmasterpurview_input | None | None | None | Checkuserpurview | Viewtitle |
Yes | No | Yes |
Run the following command to set the selected administrator permissions: |
Setmasterpurview_ex | Mastergroup, mastergroup | D, I | None | Checkuserpurview | Viewtitle Do_ OK Loginjumpframe |
No | Yes | Yes |
| Display the list of all administrators for setting the Administrator Password | Setmasterpass | None | None | None | Checkuserpurview | Viewtitle |
Yes | No | Yes |
Display password modification page |
Setmasterpass_input | None | None | Masterpassword | Checkuserpurview | None | No | No | Yes |
Execute the change administrator password action |
Setmasterpass_ex | Master | SQL | None | Checkuserpurview | Viewtitle Do_ OK |
No | Yes | Yes |
Display the list of all administrators to modify administrator Information |
Setmasterinfo | None | None | None | Checkuserpurview | Viewtitle |
Yes | No | Yes |
Display the selected administrator Information Modification page |
Setmasterinfo_input | Master | S | Editmasterinfo | Checkuserpurview | Del_confirm | No | No | Yes |
Modify administrator Information |
Setmasterinfo_ex | Master | U | None | Checkuserpurview | Viewtitle Do_ OK List_allmaster |
Yes | Yes | Yes |
| Delete A Management Group | Delmaster_ex | Master, Actiongroup | D, D | None | Checkuserpurview checkpointid |
Viewtitle |
No | Yes | Yes |
| Execute the action to change the current Administrator Password | Setmyinfo_ex | Master | U | None | None | Viewtitle |
No | Yes | Yes |
| Displays the current Administrator Information Modification page. | Setmyinfo | Master | S | Editmasterinfo | None | None | No | Yes | Yes |
| Execute the action to change the current Administrator Password | Setmypass_ex | Master | SQL | None | None | Viewtitle |
No | Yes | Yes |
| The current administrator password modification page is displayed. | Setmypass | None | None | Masterpassword | None | None | No | No | Yes |
System action
| Action breakdown | Action name | Related table name | Operation set type (S, U, I, D, SQL) |
Form | Module | Character Resource | Paging? | Return prompt? | Permission Detection |
| This action is used when the Administrator first enters the management system. | * | None | None | Login | None | None | No | No | No |
| System logon action. This action is used when the Administrator logs on to the system. | Login | Master | SQL | None | None | Loginok |
No | Yes | No |
| Display window title information | Viewtoolstitle | None | None | None | None | Managertitle | No | Yes | No |
| Show left Toolbar | List_tools | None | None | None | None | None | No | Yes | No |
| Task System (Reserved) | Autoviewtask | ||||||||
| This action is triggered when the user does not log on. | Nosession | None | None | None | None | Nosession |
No | Yes | No |
| This action is triggered when the user does not click OK during the delete operation. | Nopointid | None | None | None | None | Nopointid | No | Yes | No |
| This action is triggered when you attempt to execute an action that you do not have the permission to execute. | Nopurview | None | None | None | None | Nopurview | No | Yes | No |
| Exit System | Outlogin | None | None | None | None | Loginout |
No | Yes | No |
Modules:
1.Setup (Database initialization and permission setting module)
After a new system is deployed, we can execute an action Setup to install the database and some initial values. By executing this action, the system can run normally. When the setup action is executed, a module named setup is called. This module initializes the database used by the system and sets the action permission in the system, otherwise, the database and permitted actions cannot be executed. Next let's take a look at the code of the setup module. Click here to view the code. Here we will split the code and take a look at it. Because the setup module contains a lot of similar code, here we will only find the code for different functions for a brief introduction:
Section 1: Database Installation
In the module, a datebase_ SQL _setup database operation set is called. This database operation set is used to initialize the database tables in the system (delete or create according to the situation.
Section 2: Add permission information
The Code calls the action_ I _newone database operation set and adds the permission name and other information to the operation set.
Section 3: add an administrator
In this Code, the master_ I _newone database operation set is called to add an administrator information to the database. This information can be left blank and can be directly added to the database, however, a default Administrator is added here to reduce unnecessary troubles.
Section 4: add an Administrator Group
By calling groupmanager_ I _newmaster, a new Administrator group is created for the database operation set and detailed Administrator group information is added. You can add new users to this Administrator group.
Section 5: Add a new tool column
By calling actioncolumn_ I _newone, add a toolbar column option to the toolbar.
Section 6: specify a Management Group
Call the mastergroup_ I _newone database operation set to add the admin user to the first management group so that the user becomes a member of the first management group.
Last section: Specify the permissions of the Management Group.
This code first calls the action_s_all database action set and uses the loop statement to list all actions. Then, it calls the actiongroup_ I _newone database action set and Adds all actions to the first management group, grant all permissions to the first management group.
The reason why we put the installation and permission settings of the database in the module is to make it easier for users to use the database. We do not need to re-create the database manually to avoid errors in the database, make the system simpler and smoother. If other systems also need permission management, you can directly use the module after slight modifications, which also reflects the reusability of the Code.
2. checkuserpurview (module that checks whether the current user can perform this action)
In the permission management system, the module checkuserpurview is used repeatedly. This module is responsible for detecting user permissions, this module is called at the beginning of all the actions that require access control. Therefore, it is difficult to understand the code of this module. Next, let's take a look at the code of this module.
Let's split the entire code segment. First, let's look at the first section, for example:
Judge whether the value of _ session. myloginid is null. If it is null, execute nosession on the current page. In the user login action, login records the user's ID for the login user using the session variable of myloginid. Therefore, if the user logs on normally and is within the session validity period, then _ Session. the value of myloginid cannot be empty. Use this code to check whether the user has successfully logged in and obtained a valid access identity.
Then read the following code, such:
Call the database operation set mastergroup_s_bymasterid, use the loop of the logic layer, use the currently executed action and the groupid returned by the query as the condition, and call the actiongroup_s_byactionandgroupid of the database operation set for cyclic query, if the query return value is greater than 0 (zero), set the value of the local variable purview to 1.
The focus of this Code is to use loop for loop. Because the Actiongroup table records the permissions that can be executed by the user's management group, and a user may belong to multiple groups at the same time, therefore, we need to check whether the user has the permission to execute the action in multiple groups. Therefore, we use the action to be executed and the groupid of the user's management group for loop query, the current user can execute this action as long as one group has the permission to execute this action.
The last part of the code is as follows:
If the value of purview is not 1, The nopurview action is executed on the current page.
In the previous Code, if the user has the permission to execute the action, the purview value of the local variable is set to 1. Therefore, if the variable value is not 1, this indicates that the user has no permission to execute the action, so the user executes the nopurview action.
Summary
From design to implementation, the permission management system tutorials are all over. In the design phase, the most important and difficult to understand is the role of the two ing tables. After understanding the two ing tables, we basically understand the design of the entire database. In the implementation phase, the module checkuserpurview mentioned above is hard to understand. To understand this module, You need to design a joint database. The Actiongroup table records the permissions that can be executed by the user group. The action field and the groupid field are used for query. The number of returned results is greater than 1, indicates that the user's group has the permission to execute this action.
Appendix
Download MySQL version permission management system source code
MSSQL version permission management system source code download
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
