User permission management and dynamic menu implementation

Recently, I have been developing an operation system. After completing the preliminary requirements, I decided to use both the B/S and C/S modes at the same time, mainly considering their respective advantages and disadvantages, b/S is mainly used for operators and engineering groups of scattered users, and C/S for some management users.

Let's write down your work on permission management. please correct me if you have any shortcomings.

Roles and user groups are mainly used in the design. However, the role here is odd, and it is also a controversial part of the general design. He insisted on a direct user authorization, the concept of role is roughly divided into several categories according to the user nature in specific authorization operations to facilitate authorization operations. It is called a virtual role. I still prefer the user-> role-> Role authorization-> module.

The above is a function authorization, and the user group is used to restrict data access. It is divided into operator group and engineering group, which is used to specify the group's jurisdiction, which also involves cross-region issues. Another group is the Management Group, which specifies Group 1. This solves the problem of data access domains.

The presentation capability is not good, and it may be unclear. The model Diagram for my database below is in a hurry and some tables are omitted. Useful user tables: acount_users; Tables group1 and group2 are mainly used to control data access permissions. In tables rolepermission and table modules, they are mainly used to manage functional permissions, to put it bluntly, it is the menu that controls user access. In the upper-right corner, a category is created for authorization convenience. As mentioned above, this design does not use a real role concept.

Dynamic menus are mainly divided into B/S and C/S.

Let's talk about the B/S mode first. This is super simple. I used the framework and Treeview, and listed all the allowed menu items in the Treeview after the user logs on, you only need to create a link for each menu item. However, this is not all. A class method is called on each page to check the function permissions. Verify the data access permission when necessary.

The C/S mode is similar to the B/S mode. It uses the MDI sub-form Loading Method for each module of the MDI container. After a user logs on, the menustrip control is used to dynamically load menu items according to the user's authorization, and add each menu item to a click event Delegate, this delegate is used to determine the subform ID when you click to load the subform.

Here we only briefly describe our methods and omit the class design. I have tried it myself. Some designs may not be scientific and there are some problems. I hope you can correct them more and hope they will be helpful. If you have a good solution, please kindly advise.