I. Rights Management
(Refer to "Rights Management-Baidu encyclopedia")
Definition: Generally refers to the security rules set by the system or security policy, the user can access and only access to their own authorized resources, not many.
Classification: From the point of view of control, it is usually divided into functional level rights management and data level rights management
The system only considers the function level permission management temporarily.
Implementation technology: Functional Rights Management, general use of role-based access control technology RBAC(role Based access controls). The technology is widely used in various systems and is very easy to master. The technical model is as follows:
Permission settings
1) Role (POST) management page: Set permissions
2) User Management page: Set up roles
Permission control
1) Menu Permissions
2) Hyperlink Permissions
Features of permissions in Web apps:
1) Each function has a corresponding URL address
2) Access control of the function is the access control of the URL address
3) One function may correspond to one or two URL addresses (for example: New page and new submission)
Permission validation
The key of permission control in Web application: Intercept the URL address, define a filter to
Specific features:
1) Initialize the data
A. Permission data
B. Super Admin
2) Assigning Permissions
A. Assigning permissions to Roles
3) Permission to use
A. Login, logout, Main page
B. Navigation menus are displayed according to permissions
C. Hyperlinks are displayed according to permissions
D. Intercept each request to verify that the user has permission to access
II. Management of the Department
Slightly
Third, the general code
Slightly
Four, the System Management module entity design
(Pending completion)
WEBWMS Development process Record (iv)-detailed design of the system management