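I happened to come across an old post by JadePeng on cnblogs about permission design under ASP.NET MVC: http://www.cnblogs.com/xiaoqi/archive/2010/01/07/1641570.html. That design uses 5 database tables and makes its permission decisions from Controller and action records stored in the database.

Years ago I used a similar approach in a Web Forms project. There were no controllers or actions there, of course; the check function lived in a base class, and each page's .cs file called it to decide whether the user was permitted.

Here I propose a permission scheme built on XML + database + session (cookie). It is meant to be simple to understand and simple to use. The design is rough, and anyone interested is welcome to improve it.

My reasoning is that in an ordinary small system the set of roles is limited, and the controllers and actions in a system are limited too (fewer than 1K? heh). So I record them in XML rather than in the database.

A few notes:

1. This permission system is for a website whose users are simple, so it does not involve information such as departments.
2. Whether a user is permitted is decided by associating roles with controllers and actions.
3. It is implemented by overriding AuthorizeAttribute.
(The first 3 items are copied from http://www.cnblogs.com/xiaoqi/archive/2010/01/07/1641570.html.)
4. The permission settings are saved in XML. After the user logs in, the permissions are stored in the session (in theory a cookie would also work), so permission checks after login need no database query.

Database design: 2 tables, User and UserRole. The fields are simple, so I will not explain them further.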
Related XML files

1. Role.xml --- records all of the system's roles, for example:

<?xml version="1.0" encoding="utf-8"?>
<role>
  <item>
    <name>Guest</name>
    <desciption></desciption>
  </item>
  <item>
    <name>Admin1</name>
    <desciption></desciption>
  </item>
  <item>
    <name>RegisterUser</name>
    <desciption>注册用户</desciption>
  </item>
</role>
2. Permission.xml ---- records all of the system's operation permissions. In MVC, permission is decided by Controller and action; the purpose of this XML is to let the UI add and manage all of the system's permissions.

Node description: the module node carries the name of a controller; each action under a controller, together with the controller itself, forms a permission node.

<?xml version="1.0" encoding="utf-8"?>
<permissionRoot>
  <module name="Home">
    <permission>
      <controller>Home</controller>
      <action>Index</action>
    </permission>
    <permission>
      <controller>Home</controller>
      <action>KeepAlive</action>
    </permission>
    <permission>
      <controller>Home</controller>
      <action>About</action>
    </permission>
  </module>
  <module name="Account">
    <permission>
      <controller>Account</controller>
      <action>LogOn</action>
    </permission>
    <permission>
      <controller>Account</controller>
      <action>LogOff</action>
    </permission>
    <permission>
      <controller>Account</controller>
      <action>Register</action>
    </permission>
    <permission>
      <controller>Account</controller>
      <action>Lock</action>
    </permission>
  </module>
  <module name="General">
    <permission>
      <controller>General</controller>
      <action>SearchResults</action>
    </permission>
  </module>
  <module name="Book">
    <permission>
      <controller>Book</controller>
      <action>Update</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>Novel</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>History</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>Live</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>Blog</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>Military</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>Other</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>Detail</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>HotBook</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>LatestUpdateBook</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>Index</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>GetData</action>
    </permission>
    <permission>
      <controller>Book</controller>
      <action>GetBooks</action>
    </permission>
  </module>
  <module name="Books">
    <permission>
      <controller>Books</controller>
      <action>Management</action>
    </permission>
    <permission>
      <controller>Books</controller>
      <action>CreateBook</action>
    </permission>
    <permission>
      <controller>Books</controller>
      <action>Edit</action>
    </permission>
    <permission>
      <controller>Books</controller>
      <action>Lock</action>
    </permission>
    <permission>
      <controller>Books</controller>
      <action>Delete</action>
    </permission>
  </module>
  <module name="Role">
    <permission>
      <controller>Role</controller>
      <action>Management</action>
    </permission>
    <permission>
      <controller>Role</controller>
      <action>AddRole</action>
    </permission>
    <permission>
      <controller>Role</controller>
      <action>EditRolePermission</action>
    </permission>
    <permission>
      <controller>Role</controller>
      <action>Delete</action>
    </permission>
  </module>
  <module name="User">
    <permission>
      <controller>User</controller>
      <action>Management</action>
    </permission>
    <permission>
      <controller>User</controller>
      <action>CreateUser</action>
    </permission>
    <permission>
      <controller>User</controller>
      <action>Edit</action>
    </permission>
    <permission>
      <controller>User</controller>
      <action>Delete</action>
    </permission>
    <permission>
      <controller>User</controller>
      <action>AddToRole</action>
    </permission>
    <permission>
      <controller>User</controller>
      <action>RemoveFromRole</action>
    </permission>
    <permission>
      <controller>User</controller>
      <action>CheckUserName</action>
    </permission>
  </module>
  <module name="Config">
    <permission>
      <controller>Config</controller>
      <action>Category</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>Property</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>LinkFrom</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>AddCategoryItem</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>DeleteCategoryItem</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>AddPropertyItem</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>DeletePropertyItem</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>AddLinkFromItem</action>
    </permission>
    <permission>
      <controller>Config</controller>
      <action>DeleteLinkFromItem</action>
    </permission>
…
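One way the role-to-controller/action check from notes 2 to 4 could look, as an added example that is not the original post's code. The role-to-permission XML layout (`rolePermissions`/`role`), the `PermissionStore` helper, the attribute name and the `Permissions` session key are assumptions, since the post's listing does not show them.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Xml.Linq;

// Hypothetical helper: builds the "Controller/Action" keys granted to a user's roles.
public static class PermissionStore
{
    // Constructed sample. The role-to-permission file layout is an assumption
    // that reuses the <permission> node shape of Permission.xml.
    public const string SampleXml = @"<rolePermissions>
  <role name='Guest'>
    <permission><controller>Home</controller><action>Index</action></permission>
    <permission><controller>Account</controller><action>LogOn</action></permission>
  </role>
  <role name='Admin1'>
    <permission><controller>Books</controller><action>Delete</action></permission>
  </role>
</rolePermissions>";

    public static HashSet<string> Load(string xml, IEnumerable<string> userRoles)
    {
        var roles = new HashSet<string>(userRoles);
        var keys = XDocument.Parse(xml).Root.Elements("role")
            .Where(r => roles.Contains((string)r.Attribute("name") ?? ""))
            .Elements("permission")
            .Select(p => (string)p.Element("controller") + "/" + (string)p.Element("action"));
        // MVC matches route values case-insensitively, so the lookup must as well.
        return new HashSet<string>(keys, StringComparer.OrdinalIgnoreCase);
    }
}

public class XmlPermissionAuthorizeAttribute : AuthorizeAttribute
{
    public const string SessionKey = "Permissions"; // hypothetical key, filled at login

    protected override bool AuthorizeCore(HttpContextBase httpContext)
    {
        // Deny by default: no session or no permission set means no access.
        var granted = httpContext.Session == null ? null
            : httpContext.Session[SessionKey] as HashSet<string>;
        if (granted == null) return false;
        var route = httpContext.Request.RequestContext.RouteData;
        return granted.Contains(route.GetRequiredString("controller") + "/"
            + route.GetRequiredString("action"));
    }
}
```

At login, the result of `PermissionStore.Load(xml, roles)` goes into `Session[XmlPermissionAuthorizeAttribute.SessionKey]`, so later requests are checked without a database query. If the set were kept in a cookie instead, it would need integrity protection such as a server-side MAC, because the client can edit cookie contents.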