The idea of "permission management" is best achieved through "role" + "permission ".
Source: Internet
Author: User
The idea of "permission management" is best achieved through "role" + "permission... In the face of complicated permission settings, I think if and else can't be written directly. I want to ask for advice on permission management, preferably through roles and permissions.
Such as Question...
In the face of complicated permission settings, I think it should be okay to write if and else directly.
Tutorial ideas permission roles:
------ Solution --------------------
The permission table should be created when the table is created. a role's attribute foreign key is associated with the table.
------ Solution --------------------
Generally, after identity recognition (logon), the role is introduced to the session, and the permissions are obtained based on the role table.
------ Solution --------------------
Table design: role Association menu (Level-1 menu ~ Level 2 menu ......), Role Association operations (view, delete, search, and modify)
------ Solution --------------------
Determine the expression and storage of permission words first
The integer type of php is logn and has 64 binary bits.
Therefore, it is sufficient to meet the needs of most applications. (Each binary represents an action)
Each role has one permission word, and each user can have multiple roles.
Each user can also have an exception
The combined permissions are obtained using bitwise operations:
User permission = role permission xor exception
Where: role permission = user's role permission or user's role permission...
------ Solution --------------------
Role <-> permission; permission <-> menu
------ Solution --------------------
Find out the RBAC design mode.
------ Solution --------------------
A user table is associated with a user group table and a user group table is associated with a permission table. when a user enters the table, the user first determines which group the user belongs to and then sets permissions based on the group. many open-source products are designed like this.
------ Solution --------------------
A simple role stores every method and uses this method to determine whether the user role has this method permission.
------ Solution --------------------
The RBAC permission mode allows you to view a large number of permissions on the Internet.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
A Free Trial That Lets You Build Big!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
