Role submodule
This part describes the author authorization module role in the sub-modules [flea-frame-auth].
Related table
Table Name | Chinese description |
---|---|
flea_role | Roles |
flea_role_rel | Role association (role, permission, permission group) |
flea_role_group | Role group (not involved in authorization) |
flea_role_group_rel | Role group association (role) |
1. Role
The table provided by the authorization module can be understood as a type of user with certain permissions.
Field name | Chinese description |
---|---|
role_id | Role number |
role_name | Role Name |
role_desc | Role description |
group_id | Role group number |
role_state | Role status (0: deleted 1: normal) |
create_date | Creation date |
done_date | Modified date |
remarks | Menu description |
2. Role association
Table authorization module, the current may be associated with roles , rights , privileges group ;
association type [ relat_type ] can define.
Field name | Chinese description |
---|---|
role_rel_id | Role association number |
role_id | Role number |
rel_id | Association number |
rel_type | Association type |
rel_state | Association status (0: deleted 1: normal) |
create_date | Creation date |
done_date | Modified date |
remarks | Menu description |
rel_ext_a | Associated extension field A |
rel_ext_b | Associated extension field B |
rel_ext_c | Associated extension field C |
rel_ext_x | Associated extension field X |
rel_ext_y | Associated extension field Y |
rel_ext_z | Associated extension field Z |
Roles are associated with roles , and the following concepts are introduced:
- Role inheritance , the associated role (child role) can inherit all the permissions of the associated role (parent role);
- Roles are mutually exclusive , and the associated role and the associated role have mutual restrictions on the permissions. When user authorization is performed, the two cannot be granted to the same user at the same time;
- Role cardinality constraint , the number of users that can have this role in the system is limited;
Role-associated authority records the authority information actually bound to the role.
The role-associated permission group records the permission information in the permission group actually bound to the role.
3. Role Group
The table provided by the authorization module can be understood as a collection of users with certain permissions;
it does not participate in the authorization itself, and the permissions under it are determined by its role members.
Field name | Chinese description |
---|---|
role_group_id | Role group number |
role_group_name | Role group name |
role_group_desc | Role group description |
role_group_state | Role group status (0: deleted 1: normal) |
create_date | Creation date |
done_date | Modified date |
remarks | Menu description |
4. Role Group Association
Table module provides authorization, currently associated with the role .
Field name | Chinese description |
---|---|
role_group_rel_id | Role group association number |
role_group_id | Role group number |
rel_id | Association number |
rel_type | Association type |
rel_state | Association status (0: deleted 1: normal) |
create_date | Creation date |
done_date | Modified date |
remarks | Menu description |
rel_ext_a | Associated extension field A |
rel_ext_b | Associated extension field B |
rel_ext_c | Associated extension field C |
rel_ext_x | Associated extension field X |
rel_ext_y | Associated extension field Y |
rel_ext_z | Associated extension field Z |
The role group association role introduces the following concepts:
- The groups are mutually exclusive , and the roles in the role group have mutual restrictions on permissions. When user authorization is performed, only one role in the group can be selected to grant the user or user group;