Simple design of system Permissions

Work time is not long, but I always want to write my own gains. The technology used by the company is also relatively simple. asp.net and js do not need to be used very much. The only thing to write is SQL statements.

Well, I don't need to talk much about it. I started to talk about some of my gains on system permissions in projects, but many of them are seen in projects. I just want to repeat them myself. There may be

A lot of questions and incomplete considerations, but I still want to write them out as a learning method.

Design Concept

(1) User table

Permissions vary depending on the login user. The user table is relatively simple. The simple table design is as follows:

    [user_no] [nvarchar]() NOT NULL,     [user_name] [nvarchar]() NULL,

 

    [action_id] [nvarchar]() NULL

(3) menu

The system functions exist in the Database. Some functions are obtained and displayed based on the permissions. The table is designed as follows:

 

    [function_id] [nvarchar]() NOT NULL,    [function_brother_id] [] NOT NULL,    [function_name] [nvarchar](

Why is there [function_brother_id]? One function in a menu may have multiple pages. For example, a user page may be called user information in the function, but multiple pages are involved. Each page requires permissions.
[Function_inmenu] is used to determine which page (only one) is linked to the menu in the same function ).

[Function_action] grants permissions to each function based on the permission list.

(4) Permission Group

Our permissions are differentiated by groups .. This is the core of our system permissions, but it is relatively simple.

    [group_id] [nvarchar]() NULL,

The basic information of the permission group is stored here. By default, system administrators and general users are used.

(5) user permission Group

Set the group in which the user is located. Our current system is designed to allow a user to have multiple groups, but I think it is okay for a user to set a group. If a user is not set to a group, the default value is normal.

    [group_id] [nvarchar]() NOT NULL,

(6) group functions

Set the functions in each group and the permissions of each function.

Note: The permissions in the menu are different from those in the list. A function may have the query and deletion permissions, but this function in this group only has the query permission.

 

    [group_id] [nvarchar]() NULL,

 

The table design is OK, which is relatively simple.

 

 

 

Procedure

(1) Login

When the verification is passed,

> Obtain the group corresponding to this user from the user permission table based on the user ID.

> Find the corresponding functions in the menu according to all functions of the group. Here, you can combine xml to form a function list,

In this way, you can implement some functions in the menu, while some do not have the permission, you can also find the permissions of this function (such as only the query permission, or new permissions)

Processing when entering the page

If this page function is not available in the group function, access is denied even if you directly enter the connection.

Find the function id on the page, and find the permissions of the group to which the login belongs. Hide and display the page elements based on the permissions. (If you do not have the new permissions, hide the new button)

In this way, the permissions of the login user, the permissions for accessing the page and the permissions for some operations on the page are realized.