The authority system design my implementation of MVC4 + WebAPI + EasyUI + Knocko
One, foreword
Before blog has not write implementation and system framework, today write permission of my system, I have done before the project basically all have permission to manage this module, but each system has not the same, some simple, some is a bit more complicated, in a word, the system we do all cannot do without the permission system. So a lot of people on the Internet to do a general permission system, not to comment on what they do, just say to find on the Internet can be used directly should not, applicable and can be integrated into the project is less, so still consider doing a himself, not necessarily very general, but sufficient permissions system for my own use.
Two, demand analysis
On the permissions system innumerable articles online, many of them are role based access control (RBAC) design. But the full realization of RBAC theory is not necessarily good, I want to be a suitable for their own. So first we need to clarify what we want to achieve.
1,To access the resources
The A. menu permissions; manager and clerk login function menu system have is not the same
The B. button permissions; managers to examination and approval, and the clerk can not
C. data access A salesman B does not see sales documents
The D. field permissions; some people query customer information can not see the customer's mobile phone number or other fields
2,The user , the operator application system, I design the user cannot be directly assigned, must be assigned a role, the role of redistribution, if a user is special, for he built a role to solve, because if the user can also assign permissions system will be more complex.
3,The role of , in order to carry on the classified management of many have similar users, defined the role concept, above all the right resource can be assigned to roles, role and user N:N.
4,Mechanism of , the corporate sector structure tree, Domestic Company are more used, it is actually a group of users, the relationship between institutions and the role of N:N, mechanism and the user is also designed to N:N, that is sometimes a user can belong to two departments, in this case our customer needs really are too.
Of course, in addition to the main objects mentioned above also includes the following objects
5,Menu
6,Button
7,Before the authorization code I do project control data access has the following two:
A. department code to control, can only query to their subordinate departments data
B. project code to control the query, only to their own project data.
So there is a problem, I really want to control data access with what field, so we design an authorization code, if you are using a mechanism to control data access, so you can put the authorization code built with institutions like the tree, if the project code control, could build project tree, with other field control are the same, so it is more flexible, the institutions or projects liberated.
8,Data dictionary
9,System parameters
10,Log log log, log (XX XX time to do XX operation to customize the XX object), system log (system error record such as log4net output)
Three, design and Implementation
1,The table structure design
2 program design
I still use mvc4.0 + web API + easyUI + knockout to realize. I actually almost realized before, have been trying to spend time updating.
This system is too big, this article is certainly not say, I am here to say on the whole. The design ideas, then every piece of writing implement, a piece of a function, we look forward to my next article.
3,UI design
Not much to say, first, I posted the previous version in the first blog, recently there are some updates, then paste it again, this time. More detailed points, also with some text descriptions.
Function 1: menu navigation
[Menu navigation] 1: including new modify delete function, edit directly in Grid
[Menu navigation] 2: select the icon
[Menu navigation] 3: choose the page button to define this function has only a few buttons
[Menu navigation] 4: management button library CRUD
Function 2: organizational structure
[Organizational structure:] 1 tree structured graphical, can add edit delete nodes
[Organization structure] 2: edit node
[Organizational structure:] 3 set role
Function 3: authorization code
[Authorization code] tree grid can add edit delete
Function 4: role management
[Role management] 1: directly in the grid to add edit delete
[Role management] 2: permission to edit popup window click on the select menu character limit, permission
[Role management] 3: editing permissions, select the menu appears authority of the line only grid, each function has been defined which button in the menu, just click the button.
[Role management] 4: editing data permissions can choose, but only a default value, business documents the role authorization code added to the default authorization code.
[Role management] 5: editor appears selected menu authority of the bank will only field permissions grid, directly in the input field names to allow or deny, multiple fields are separated by commas
[Role management] 6: click on the members of the management, open the window
[Role management] 7: member management click on the Add button
Function 5: user management
[User management] 1: left mechanism can be directly in the grid filter, to check the user
[User management] 2: setting mechanism can be selected, the mechanism of entry of too many, the scroll bar, less would look good.
[User management] 3: set role can be selected
[User management] 4: user settings configuration information user, such as specifying the user's desktop, the default project, different systems may have different needs, so this design can add and delete, upper right corner drop out of the [personal settings page can also refer to the data here
Function 6: Data Dictionary
[Data dictionary] 1: left category tree can be filtered, the left is a tree grid, can have a hierarchical relationship, edit directly in Grid
[Data dictionary] 2: click the management category, category can pop in the grid CRUD
Function 7: system parameters
[Edit] system parameters directly in grid, one can edit field design, can only edit is editable true parameters
Function 8: operation log
[The operation log] 1: log log
[The operation log] 2: business operation record
[The operation log] 3: the system log
[The operation log] 4: the system log for system log
Four, the
If you are interested, you can help me [recommended] in the lower right corner of it, thank you. I then in accordance with the list of features an article to write, a write on the start menu management.
The whole system is developed using my zephyr.net framework, using mvc4.0 webapi easyUI knockoutjs development of the implementation of the.
Many friends because of some questions for me, so I simply created a technology exchange QQ group: group A: 328510073 (full), two group: 167813846, welcome to communicate.
Posted by Tony at November 13, 2013 - 1:45 AM