Idle Talk: Three Levels of Permission Design


Reposted from:

http://www.cnblogs.com/tsoukw/archive/2010/09/27/1836485.html

 

I like Jin Yong's martial-arts novels and never tire of reading them.

Take the swords in them, for instance: from the unnamed sharp sword to the Xuan iron heavy sword, then to the wooden sword and finally to no sword at all; who knows how many of the world's hidden mysteries they have cut through along the way.

Software design is much like the sword.

Let's take the familiar topic of permission design as an example and talk about three levels of permission design.

Level 1: a sword in the hand, no sword in the heart

When I was young, I thought that with this powerful weapon in my hand I would be unmatched under heaven.

"XX, how come anyone can look things up in your salary query system?"

"Ah?..."

"Only the General Manager and his assistant may look them up!"

"Oh..."

    if (Session["userid"] == null)
        throw new PermissionException("Logon required");

    string userid = Session["userid"].ToString();

    // General Manager's user ID: 88; General Manager's assistant's user ID: 888
    if (!(userid == "88" || userid == "888"))
        throw new PermissionException("You are not authorized to access this page");

At the beginning, permission control really is this simple: who may, and who may not.

Then word came that most pages needed this kind of control, and soon there was:

    public class PermissionHelper
    {
        // Looks the page up in the page/user table below; the body is left out in the original
        public static bool CheckPermission(string pageId);
    }

That piece of code is encapsulated in one place.

Then create a table recording which pages each user may access:

    PageId          UserId
    ------------------------------------------
    Salary query    88
    Salary query    888
    Salary input    99     (Personnel Supervisor)
    ------------------------------------------

This way, you only need to call CheckPermission in Page_Load.

Going one step further, derive a base class from Page for permission control, so that CheckPermission is called only once, in that base class:

    public abstract class PermissionPage : System.Web.UI.Page
    {
        protected override void OnLoad(EventArgs e)
        {
            // One check for every page that derives from this class
            PermissionHelper.CheckPermission(PageId);
            base.OnLoad(e);
        }

        // Each derived page supplies the id it is registered under
        protected abstract string PageId { get; }
    }

A page that needs protection inherits this class and overrides PageId, and the permission control for that page is done.

Of course, ASP.NET offers other ways, such as an HttpModule, which completes the permission check before the page is ever reached. That has lower coupling and more flexibility, but it takes some extra work to maintain the mapping from request URL to PageId:

    URL               PageId
    ----------------------------------
    SalaryQuery.aspx  Salary query
    SalaryEdit.aspx   Salary input
    ----------------------------------

"Last night the west wind withered the green trees; alone I climbed the tall tower and gazed to the end of the road at the horizon."

Study, work hard, and at last the sword leaves its sheath.

Of course, the ways of the world are many.

You can control permissions through the state of WebForm controls (a button's Enabled and Visible properties, for example).

In MVC, attributes on the controller do it.

Controlling the menu.

Controlling the columns of database tables and the add, delete, modify and query operations on them.

As the saying goes, the Eight Immortals cross the sea, each showing their own powers: every approach works within its own domain.

Any sword can kill.

But do you know where this sword works and where it does not?

So today you wield the Qinglong sword, and tomorrow you find the Yunduan blade is sharper and switch to that.

Stay in this realm, with no sword in the heart, and in the end you are no more than a sword-wielder.

To become a true swordsman, you must genuinely study different swords, grasp the essence of the sword, and forge the perfect sword for your own style: the Xuan iron sword.

This is the second level: a sword in the hand, and a sword in the heart.

With a sword in the heart, the sword in the hand goes straight to its target: sharper, more direct, killing without a trace, truly a match for all under heaven.

To reach this level, beyond the courage and perseverance of "letting the belt grow loose without regret, wasting away for her sake,"

you must also attain insight.

What is permission?

Nothing more than keeping people without the right from accessing things they have no right to.

Who has the right to what:

that is the representation of permissions.

Whether it is 0/1 bits, table records or a configuration file, any form will do.

It always says the same thing:

the correspondence between people and things. Our permission control is simply about who has what.

Of course, most of the time the two do not correspond directly.

For reasons such as easier management, easier programming or easier interface provision, some intermediate layers are usually designed:

people are added to a group, and the group is what gets the rights;

things can be grouped as well.

But no matter how many layers sit in between, in the end it still comes down to people and things.

Eventually this yields methods such as

HasPermission(userId, resourceId) (does this user have permission on this resource),

PermissionResource(userId) (the resources this user is permitted),

PermissionUser(resourceId) (the users permitted on this resource) and the like.

Having a permission representation does not by itself block access to unauthorized resources. It is inert data and has to be applied somewhere.

That application is permission control, which covers:

1. Choosing the control location, that is, where the check is hooked in and what is controlled there.

Page_Load, an HttpModule, a cross-cutting check before a method call via AOP, and so on.

For resource permissions, the permitted resources may be filtered in a resource drop-down list, and the permission checked again against the parameters on submission.

Wherever you put it, just remember that this is the control point.

How simple and manageable the system is depends on the system architecture; a flexible architecture makes the choice of control locations smooth and simple.

2. The control process itself, in four steps.

A. Identify the person

From a cookie or session, the userId variable in a C/S client, the user ID in the WebService SOAP header after logon, or even an IP address or mobile phone number.

B. Identify the thing

From the URL, the request parameters, or whatever else is needed, converted into the object ID used in the permission representation.

C. Call HasPermission to decide

The answer is determined by the permission representation.

D. Apply the control policy

When permission is denied: redirect to the logon page or a no-permission page, throw an exception, or set button.Visible = false.
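The HttpModule control location mentioned earlier, walked through steps A to D; this is an added example, not the original post's code. The PermissionHelper body and its second userId parameter, the PermissionException class and the two in-memory tables are assumptions constructed from the page/user and URL/PageId fragments above.

```csharp
using System;
using System.Collections.Generic;
using System.Web;

public class PermissionException : Exception { public PermissionException(string m) : base(m) { } }

// The post's helper with a body: page/user pairs from the first table, constructed in memory.
public static class PermissionHelper
{
    private static readonly HashSet<string> PageUser =
        new HashSet<string> { "Salary query|88", "Salary query|888", "Salary input|99" };
    public static bool CheckPermission(string pageId, string userId) =>
        PageUser.Contains(pageId + "|" + userId);
}

// Control location: an HttpModule, which runs before the page handler executes.
public class PermissionModule : IHttpModule
{
    // Constructed from the URL-to-PageId fragment; a real system loads this from a table.
    private static readonly Dictionary<string, string> UrlToPageId =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase)
        {
            { "/SalaryQuery.aspx", "Salary query" },
            { "/SalaryEdit.aspx", "Salary input" },
        };

    public void Init(HttpApplication app)
    {
        // Session state is attached only after AcquireRequestState, so hook the event after it.
        app.PostAcquireRequestState += OnPostAcquireRequestState;
    }

    private static void OnPostAcquireRequestState(object sender, EventArgs e)
    {
        HttpContext ctx = ((HttpApplication)sender).Context;
        // B. Identify the thing first: a URL that is not in the table needs no logon at all.
        string pageId;
        if (!UrlToPageId.TryGetValue(ctx.Request.Path, out pageId))
            return;
        // A. Identify the person: the user id the logon page stored in the session.
        object userId = ctx.Session == null ? null : ctx.Session["userid"];
        if (userId == null)
            throw new PermissionException("Logon required");
        // C. Ask the permission representation, then D. apply the policy: deny by throwing.
        if (!PermissionHelper.CheckPermission(pageId, userId.ToString()))
            throw new PermissionException("You are not authorized to access this page");
    }
    public void Dispose() { }
}
```

Register the module in web.config under system.webServer/modules (integrated pipeline) or system.web/httpModules (classic pipeline); the URL table then has to be kept in step with the pages, which is the extra work the text refers to.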

Having recognised this essence, we can forge the real Xuan iron sword.

First, design a general scheme for permission representation,

that is, the simplest abstraction that serves in the general case.

---------------------------------

A quick aside before going on.

In building a system, what matters most is how quickly you can deliver something users can test and use. As for the underlying service frameworks such as data access, AOP cross-cutting, IoC and logging, the more complete the better, and the simpler the better; use them on the basis of understanding them. With that foundation, even a requirement the framework does not meet can be handled with a modification of your own.

Take logs. For newcomers there is no need for log4net; a few lines of code writing to a TXT file will do. Otherwise, when the program fails, besides hunting for the bug you may also have to work out why nothing was logged.

Another example is AOP. First think about the overall architecture: why does it need AOP, and when? Pulling in Spring.NET or Castle when you need one wheel means hauling in the whole garage; it is not hard to use, but most of it goes unused. The best tool, left unused or not understood, counts for nothing, and for people unfamiliar with it, maintenance is a real headache once a problem occurs.

Of course, this applies only to those unfamiliar with the tools. If you know Castle or log4net as well as you know where every mole on your wife is, that is another matter.

Okay, back to the topic; no more wandering off.

--------------------------------------

1. Objects, mapped to groups (roles).

2. Users, mapped to groups (roles).

This simple abstraction can represent the vast majority of permissions. (If you are lucky enough to run into the remaining 5% that this cannot express, abstract it once more; the final permission representation method is)

The permission methods need to be written only once and then serve every kind of permission.

Here are a few permission configuration fragments copied from a real system:

Ajax service permissions

--------------------------
Role, Object
--------------------------
Admin, *

?, Pciweb.programshelper.Programs

?, Clienttool.*

?, Webfilebrowser_cifiles.*
?, Webfilebrowser_pqm.*
?, Webfilebrowser_iso.*

?, MRB.bookingservice.roombooking
?, MRB.bookingservice.roombookingafternow
*, MRB.bookingservice.Cancel
*, MRB.bookingservice.Booking

-- PQM System
Pqm_exced, PQM.excedservice.*
-- 7S, Lean, Kaizen
Pqm_ci, PQM.Ci

These are the permissions for the services that access the DB directly.

--------------------------
Role, Object
--------------------------
Admin, *

?, MRB/room_query
?, MRB/borrow_query2

-- Anyone can query the supermarket's daily returned-orders table.
?, PQM/exced_query
?, PQM/excem_query
?, PQM/excedd_query
?, PQM/excem_query2

This is the correspondence between users and roles.

------------------------------
User, Role
------------------------------
850, admin

850, pqm_exced
206, pqm_exced

54, admin
54, pqm_exced
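The two-table representation above as a store exposing the HasPermission, PermissionResource and PermissionUser methods named earlier; this is an added example, not the author's system. The meanings of "*" and "?" in the Role and Object columns are an assumption (the post does not spell them out), and the tables built in Main are a constructed subset of the fragments.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Assumed wildcard rules: Object "*" is everything, "Prefix.*" everything under the prefix;
// Role "*" is any logged-on user, "?" is anyone, including callers who are not logged on.
public class PermissionStore
{
    private readonly List<string[]> roleObject, userRole;   // "left, right" pairs per line
    public PermissionStore(string roleObjectTable, string userRoleTable)
    {
        roleObject = Parse(roleObjectTable);
        userRole = Parse(userRoleTable);
    }
    // Same line form as the fragments above; blank lines and "--" comment lines are skipped.
    private static List<string[]> Parse(string text) =>
        text.Split('\n').Select(l => l.Trim())
            .Where(l => l.Length > 0 && !l.StartsWith("--"))
            .Select(l => l.Split(',').Select(p => p.Trim()).ToArray())
            .Where(p => p.Length == 2).ToList();
    private static bool ObjectMatches(string pattern, string resourceId) =>
        pattern == "*"
        || (pattern.EndsWith(".*") && resourceId.StartsWith(
                pattern.Substring(0, pattern.Length - 1), StringComparison.OrdinalIgnoreCase))
        || string.Equals(pattern, resourceId, StringComparison.OrdinalIgnoreCase);
    // userId == null stands for a caller who is not logged on.
    private bool RoleMatches(string role, string userId) =>
        role == "?" || (userId != null && (role == "*" || userRole.Any(ur =>
            ur[0] == userId && string.Equals(ur[1], role, StringComparison.OrdinalIgnoreCase))));
    public bool HasPermission(string userId, string resourceId) =>
        roleObject.Any(ro => RoleMatches(ro[0], userId) && ObjectMatches(ro[1], resourceId));
    // Object patterns the user may reach: what a drop-down list filter would be built from.
    public IEnumerable<string> PermissionResource(string userId) =>
        roleObject.Where(ro => RoleMatches(ro[0], userId)).Select(ro => ro[1]).Distinct();
    // Users in the user-role table who may reach the resource ("?" grants are not enumerable).
    public IEnumerable<string> PermissionUser(string resourceId) =>
        userRole.Select(ur => ur[0]).Distinct().Where(u => HasPermission(u, resourceId));

    public static void Main()
    {
        // Constructed subset of the fragments above (ids without the ".00" extraction noise).
        var store = new PermissionStore(
            "Admin, *\n?, MRB.bookingservice.roombooking\n*, MRB.bookingservice.Cancel\n" +
            "-- PQM System\nPqm_exced, PQM.excedservice.*\nPqm_ci, PQM.Ci\n",
            "850, admin\n850, pqm_exced\n206, pqm_exced\n54, admin\n");
        Console.WriteLine(store.HasPermission("206", "PQM.excedservice.Query"));  // prefix grant
        Console.WriteLine(store.HasPermission(null, "MRB.bookingservice.Cancel")); // "*" needs logon
        Console.WriteLine(string.Join(",", store.PermissionUser("PQM.Ci")));       // admin users only
    }
}
```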

Second, the control locations. Different people have different system architectures, so the control locations differ.

The author's system adopts an RIA front end plus SOA services,

so service permissions are controlled at the service layer with AOP cross-cutting.

For data permissions, several UI controls are abstracted and use the PermissionResource method to filter drop-down lists and pop-up grids; on service calls, HasPermission is called directly in the specific code for control.

The mighty Xuan iron sword, forged around the essence of the sword, is out of its sheath, and nothing stands against it.

On the surface this sword is no different from the old nameless one, but its forging is more disciplined, and wielding it needs inner strength.

For example,

URL control applies only to web applications.

A control's Visible property can handle WinForms, but what about WebService permissions?

Once the essence of permissions is clear, each part is implemented in a unified or an independent manner as fits it, targeted rather than blindly copied.

In particular, if your system is confined to a specific scope, you can implement a general permission architecture for it.

With this level in place, the third realm follows as a matter of course. It is:

No sword in the hand, a sword in the heart

After all, a sword is a physical thing; however light and versatile, carrying it everywhere grows tiring.

As long as there is a sword in your heart, even the wooden sword in your hand can kill.

The department I serve has many old systems, each with its own permissions, and the systems of our sister companies have independent permissions too. I wanted to rewrite all of it, and in the end I let it go.

Whatever means achieves the goal will do.

The difference from the beginning is that now we can see clearly how each of these other permission schemes is implemented, whether it has holes, and so on.

That is a fine journey in itself.

In fact, MVC's controller-level control is also quite good; nobody has found a blind spot there.

The WebForm control runs stably too; so far it has run without trouble.

Whatever exists has its reason.

Why change them? Why spend so much time repairing and restructuring?

There is too much to do in one life, and much of it matters more than permission control: how to make information easier for users to look up and more pleasant to read, how to make the screens flow more smoothly...

The best way to manage a resource is to manage it with whatever method is already in use.

For example, a WebService.

The system has just one WebService of this kind,

and only local access is allowed (data exchange between different systems on the same host).

Then just write the check directly into the method:

    if (HttpContext.Current.Request.UserHostAddress != "127.0.0.1")
        throw new PermissionException("Sorry, you are not authorized to access this Web Service");

This too is nothing more than:

Permission representation: hard-coded; only the caller at 127.0.0.1 has permission.

Control location: before the main body of the method executes.

Identify the person: HttpContext.Current.Request.UserHostAddress (the remote socket address; if a reverse proxy sits on the same host, every caller looks local, so the check holds only while the service is reached directly).

Identify the thing: the method call currently under control (implicit here).

Call the permission representation's check: HttpContext.Current.Request.UserHostAddress != "127.0.0.1".

Action when permission is denied: throw new PermissionException("Sorry, you are not authorized to access this Web Service").

It too is a perfectly standard permission control solution.

A sword in the heart:

check for holes against the principles of permissions.

No sword in the hand.

"In the crowd I searched for her a thousand times; then, turning back suddenly, there she was, where the lights were dim."
