Java Web Custom Label button level permission control perfect Interpretation (Jplogic rapid development Platform)

            Let's talk about Javaweb permissions control, In the big direction, you can talk about permissions control in an integrated application system. Talk about permission control before you talk to everyone rbac. So what is rbac (role-based access control, role-based access controls),

            So how do we express our rights? So in my theory system, the permissions can be divided into many categories, such as in the application of functional modules of action operations, such as the business table CRUD Operations, open a view (window), upload files, etc., the application interface (UI) visual control, such as the interface menu display, the interface of a button display/enable control , these are the domain of privilege control in application system. In the process of making application system, we need to abstract the permission control things involved in your application so as to make the logic judgment in the system easy. Then, based on RBAC, let the stated permission relate to the feature role of our application. A simple sentence is actually to put your application involved in the Permissions control abstraction (description of permissions) The role of the associated system. Of course, your access system is complex enough to adapt to the various rights control requirements. We can extend other underlying support on the basis of the RBAC mainline. such as role groups, user groups, permission resource extension sub-information.

            Plainly, the main line of authority control is: "People---user-----" Permissions-> permission resource extension". So what does the B/s Schema application permission resource extension contain? In fact, the above has been said some. For example, the UI has a page menu, buttons, etc., functional, such as the user's one action action. This action action contains all possible business operations, such as uploading, crud, and so on, as above, and not mentioned above, such as we want to control the application of Service resources (SOA) \ WebService. This section deals with distributed permissions control, and of course, the application's database access (which is what we typically call access to data).

            Start talking about permission control in the Java Web. See a lot of this application or platform. The control of authority among them was not satisfactory. I've seen the authority of an architect's design platform, which I'm not sure I can compliment. He writes specific characters to the page in the design of permission controls on the button level. But what I want to say is that if the character is written dead on the page, the role changes or is deleted by the administrator. Then the permissions control that the role involves is invalidated. A little bit inflexible.

            In fact, the Java Web Rights control to do a very flexible extension is also very good, It's not easy! It's much more involved than the. NET WinForm permissions Control! The most common way to control the page-level permissions in the Java Web is to use a custom tag! The traditional universal label has not been able to meet the flexible permission control! In fact, in the Java Web Domain page button level of permission control needs to be based on the application of the corresponding features of the front-end technology design. Most of the current management application foreground is not a zero-based interface design, but instead uses some front-end technology to design the backend UI design for the management application system. This gives us easy access to the button-level control.

            Then we only need permission values to set the state of a particular UI resource!" such as the visibility of buttons, enabling, and so on.

            So the following is a jplogic of the permission control of the button level of permission control. Talking about button-level permissions, we can run into a problem that is how we describe the permissions button on the page! How do I associate a page button resource with permissions and how can I initialize these button permissions to be more flexible? These are all needed to be dealt with! Some people may say that the button permission initialization on the page can be added to the Administration page or written to a business operation during the initialization of the system. I do not think it is very flexible to do such a thing. This is not the way jplogic is. First, the permissions of each button resource permission record is not in the development process manually add the corresponding resource rights record in the database, nor in the background of the function management of the new page button corresponding to the resource permission value record, of course, is not in a business "action" to perform the Insert Interface button resource permission value record. Jplogic Button Permission value record initialization simply by clicking the mouse, the platform automatically gets every page access from the context temporarily stored in the UI resource permissions above the excitation! The grantee can find the button resource permissions he wants to authorize through a friendly authorization interface. This will bring great convenience to the implementation of the project in the future. This is more accurate, simpler, and more efficient than the right initialization process for the so-called rapid development Platform,

              Let's start by talking about the Jplogic permission control button level permission control. Jplogic button-level permission control is implemented based on the Java EE Custom label technology. Custom Label usage You can specify some label specifications based on the needs of the platform. Everyone is welcome to enter the group " 376447127 "Communicate with me about RAD content.

  First, the first step: defines the permission resource definition for the button level on the page. ( Define page button permissions The resource first requires aspects of a later permission resource search, as well as authorization "

            First you need to know the position of the button on the page (this position is not the so-called" physical "position, and the location of a path, but the logical position, that is, This button belongs to a module, " that is, the application administrator can find the rights resource in this location, and then it is convenient to grant a role

The management interface makes it easy to change the status of a permission button on a page of a role, such as visibility, enablement, or removing a picture from a button.

The practice in Jplogic is to specify that, according to the Jplogic specification, just add the following label on the page:

<jb:componentbase id= "Bomponentbase"  isjudgesession= "true" pagetoformmapping= " Org.jplogic.system.web.view.webform.SystemParamConfigMngForm "disablecontextmenu=" false "isloadinglistener=" true "></JB:ComponentBase>

where pagetoformmapping= "Org.jplogic.system.web.view.webform.SystemParamConfigMngForm" property specifies the module to which all the buttons on the page belong. Here it may be assumed that after specifying this property, is not every time you visit the page would like to request the server to update or add the page button resource permissions? Not really. Specifies that the property is provided with context support only for late initialization of the page button permission resource. Does not affect page access performance.

Once this attribute is specified, the platform automatically stores the button permission resource information on the page to the platform above. When initializing the button permissions only need to remove the corresponding UI permission resource information from this above, then persist to the database! In this way we can easily retrieve the page's button permission resources on the management side, and it is very convenient for this permission resource to be granted to a role.

Step Two: Page button permission validation (control)

When we need to verify the permissions on the button on the page, we just need to add the following permissions to verify the label on the page, of course, can not add. If not added, the button in the region will be authenticated (that is, we do not need permission validation for a public service button in some business scenarios, then we can specify a button permission resource that does not require permission validation), the following tag code:

<jb:uipermissioncontrol limitbytoolbarid= "Sys_param_toolbar" id= "Uipermissioncontrolid" > <JB: Toolbarcellcomponent id= "Sys_param_toolbar" celltype= "button" Btnselectname= "Dictionary management Tool" imgdisabled= "Tool.gif" Imgenabled= "Tool.gif" itemid= "0" optionitems= "" ></JB:ToolBarCellComponent> <jb:toolbarcellcomponent ID = "Sys_param_toolbar" celltype= "separator" imgdisabled= "" imgenabled= "" itemid= "1" optionitems= "" &GT;&LT;/JB: toolbarcellcomponent> <jb:toolbarcellcomponent id= "Sys_param_toolbar" celltype= "button" BtnSelectName= " Base parameter Set "Imgdisabled=" Sysset.gif "imgenabled=" Sysset.gif "itemid=" 2 "optionitems=" "></jb:toolbarcellcomponent > <jb:toolbarcellcomponent id= "sys_param_toolbar" celltype= "separator" imgdisabled= "" imgenabled= "" itemId= "3" Optionitems= "" ></JB:ToolBarCellComponent> <jb:toolbarcellcomponent id= "Sys_param_toolbar" celltype= " Button "Btnselectname=" Platform metadata Information "imgdisabled=" Wb.gif "imgenabled=" Wb.gif "itemid=" 4 "optionitems="" ></JB:ToolBarCellComponent> <jb:toolbarcellcomponent id= "Sys_param_toolbar" celltype= "separator" Imgdisabled= "" imgenabled= "" itemid= "5" optionitems= "" ></JB:ToolBarCellComponent> &LT;JB: Toolbarcellcomponent id= "Sys_param_toolbar" celltype= "button" btnselectname= "Mail Test" imgdisabled= "Mail.gif" Imgenabled= "Mail.gif" itemid= "6" optionitems= "" ></JB:ToolBarCellComponent> <jb:toolbarcellcomponent ID = "Sys_param_toolbar" celltype= "separator" imgdisabled= "" imgenabled= "" itemid= "7" optionitems= "" &GT;&LT;/JB: toolbarcellcomponent> <jb:toolbarcellcomponent id= "Sys_param_toolbar" celltype= "button" btnSelectName= "Adjust Skin" Imgdisabled= "Model.gif" imgenabled= "Model.gif" itemid= "8" optionitems= "" ></JB:ToolBarCellComponent> < Jb:toolbarcellcomponent id= "Sys_param_toolbar" celltype= "separator" imgdisabled= "" imgenabled= "" itemId= "9" Optionitems= "" ></JB:ToolBarCellComponent> <jb:toolbarcellcomponent id= "Sys_param_toolbar" ceLltype= "button" btnselectname= "Change parameter Properties" imgdisabled= "Execute.gif" imgenabled= "Execute.gif" itemid= "optionitems=" "></JB:ToolBarCellComponent> <jb:toolbarcellcomponent id=" Sys_param_toolbar "celltype=" separator " Imgdisabled= "" imgenabled= "" itemid= "one" optionitems= "" ></JB:ToolBarCellComponent> &LT;JB: Toolbarcellcomponent id= "Sys_param_toolbar" celltype= "button" btnselectname= "Refresh Parameters" imgdisabled= "Refresh.gif" Imgenabled= "Refresh.gif" itemid= "optionitems=" "></JB:ToolBarCellComponent> &LT;JB: Toolbarcellcomponent id= "Sys_param_toolbar" celltype= "separator" imgdisabled= "" imgenabled= "" itemid= "13" Optionitems= "" ></JB:ToolBarCellComponent> <jb:toolbarcellcomponent id= "Sys_param_toolbar" celltype= " Button "Btnselectname=" register buttons permission "imgdisabled=" Engine.gif "imgenabled=" Engine.gif "itemid=" "optionitems=" "></" Jb:toolbarcellcomponent> </JB:UiPermissionControl>

From the above <jb:uipermissioncontrol limitbytoolbarid= "Sys_param_toolbar" id= "Uipermissioncontrolid" > Specifies permission validation for the button permission resource on the page. This allows you to adapt to complex button-level permission controls on the page. Where the imgdisabled and Imgenabled properties specify the display picture of the button in different enabled states. Developers have the flexibility to specify.
The following is a demonstration of the button permission control on the page:

The preferred administrator user admin to the demo test user authorization, access to the Role Authorization Management page authorization, click the Role Action permission Authorization action:(give the user the corresponding function module and the corresponding operation rights), such as:

Then go to the Click Role UI Resource View permission to access the UI resource authorization interface and grant appropriate UI resource permissions to the appropriate role, such as:

After you grant the appropriate permissions to a role, you can grant the role that has the permission to the appropriate user, that is, the role-bound user, such as:

Then the user demo user logs on to the system to verify the authorization results, such as:

The above content is only part of the Jplogic permission control. Thank you for your attention, I hope that the above content to explain to you to help.  

Java Web Custom Label button level permission control perfect Interpretation (Jplogic rapid development Platform)