Project target deployment environment: CentOS 7+
Project technical points: .netcore2.0 + Autofac + webAPI + NHibernate5.1 + mysql5.6 + nginx
Open source address: https://github.com/wmowm/nh.core
Haha, this chapter actually has nothing to do with .net core. For the convenience of explaining .net core later, we will use this function as the entry point. This function point is also what many small partners expect.
Permission, in layman's terms, is the system to determine whether a user can perform an operation
Let's first simulate a business scenario: a listed company holds multiple groups in multiple regions, and each group has multiple subsidiaries
Analysis 1. This company is so big, at least there are thousands of people, the problem of data loading
Analysis 2. There must be many positions, and there will be overlaps, such as subsidiary A and subsidiary B, their organizational structure may be 80% the same
Analysis 3. A single responsibility, a certain role, in a certain field, it only has certain functions, otherwise it will be confused in the later stage, and cross-functional everywhere
Analysis 4. OOP ideas, decoupling from each other, because these operations may be coordinated by multiple people, it is impossible to get stuck at a function point and wait all the time
Analysis N. It will be supplemented by gardeners later.
Here are a few basic tables, I drew a prototype diagram here, and explained according to the prototype diagram
user table
Enter basic user information, each user is an independent object
menu table
Create a menu, the permission group is a configuration file, which contains all the permissions, we can check which permissions it has according to the menu
role table
Create a role, check some permissions of the menu permission group, the list here can be done without being so complicated, you can add a view button separately to view all permissions of a role
Organization table
It is also easier to understand here, that is, CRUD a treeview, we do not have a position yet, so we will not operate the position
job list
Here is the CRUD position table. When the position table has data, in the organization table, these positions can be mounted
The tables described above can be operated independently, and the operation is very simple. We need to associate them now. Here I will explain it in combination with the database structure.
1. Organization mount/remove positions
Here we introduce a relationship table, OrganizationPosition
id oid pid
primary key institution id job id
1 1 1
2 1 2
3 2 1
4 2 2
------------------------------------------------------------------------------------
Their relationship oid one-to-one pid
Note: 1. When mounting, determine whether the position exists
2. User authorization
Expand the organization, click on the position, two tables will be displayed, a user and a role, we are here to authorize the role for the user
According to oid and pid, the opid can be queried
Here we introduce a relationship table, PositionUserRole
id opid uid rid
primary key institution position id user id role id
1 1 1,2,3,4 1,2,3,4
2 2 5,6 1,2,3,4
3 3 11,111 1,2
------------------------------------------------------------------------------------
opid and uid one-to-many
opid and rid one-to-many
uid and rid many-to-many
Here you may ask questions about the query, such as wanting to know which roles uid=1 has
Use the more common methods of fuzzy query uid like '1,' or uid like ',1,'
Because my ORM is using NHibernate, the query does not have to worry about these problems, I fill the queryer like this
in (object1, object2)
Note 1. A user can only have one position. If the position has cross-departmental permissions, the corresponding role can be added to the position
Let's simulate the login process
User login --> get the user object --> query the PositionUserRole table, [get multiple roles, get the opid] --> get the user's organization information and position information according to the opid
If you think it is helpful to you, you can give me a star for the open source project
Open source address: https://github.com/wmowm/nh.core