[Open Atom Training Camp (Season 3)] InBuilder Low Code Development Lab Permission Control Analysis

Hello everyone, I am Liu Ming, a ten-year entrepreneurial veteran and open source technology enthusiast.
I published an article before, introducing inBuilder, a low-code platform launched by Inspur Haiyue. This article will continue to introduce inBuilder’s permission management system. Before reading this article, it is recommended to understand the product functions and features of inBuilder. For details, please refer to the previous article:
[Open Atom Training Camp (Season 3)] InBuilder low-code development laboratory hands-on experience

Basic Theory of Authority Control

There is a model called RBAC model in the authority control, I believe that children's shoes who have developed the background should have heard of it more or less. The full name of RBAC is Role-Based Access Control, and Chinese is a role-based access control model. Under this model, each user has one or more roles, and obtains corresponding access rights by playing different roles.
For example, a company has two roles: manager and ordinary employee. The manager has the approval authority, and the ordinary employee only has the permission to view and report. User A's role is a manager, and he has the approval authority; User B's role is an ordinary employee, and he only has the authority to view and report.
In this example, what is easily overlooked by us is that in a management system, the role of the manager does not naturally have approval authority, and the role of ordinary employees does not naturally have the authority to view and report. These authorities are granted by the board of directors. Similarly, in the management system we developed, there must also be a super administrator who grants different permissions to the roles of managers and ordinary employees.

inBuilder permission management

In the permission management of inBuilder, we must focus on the following three concepts:

1. staff
2. post
3. functional group

Each employee has his or her own position, which is in line with our daily experience. The [position] here is actually the [role] in RBAC.
What is difficult to understand is the concept of [function group].
Functional groups are the permissions mentioned in our example. The manager's approval authority is a functional group, and the general employee's viewing and reporting authority is also a functional group. Some children's shoes will ask, why not call it a function but a function group? In fact, this is for the convenience of authorization. For example, viewing and reporting permissions are two functions. After we group them into one group, each time you authorize, you only need to select this function group, instead of checking and reporting separately.

Grouping is for the convenience of operation.

In a large company, there are especially many employees, many positions, and many functions. In authority management, functions that are often used together can be grouped according to business needs, employees can also be grouped according to different job contents, and related positions can also be grouped, so inBuilder has [User grouping] and 【Position grouping】. Further grouping 【Functional Group】, there will be 【Functional Grouping】.
Forehead. . . Grouping of functional groups. . . Sound awkward?
It's okay to feel awkward, because in developing small systems, it doesn't need to be so complicated at all.

How to manage rights in inBuilder

Follow the steps below to set it up:

1. Add functional groups (if you do not set functional groups, you cannot add functional groups (灬ꈍ ꈍ灬))
2. Add function group
3. Add job grouping (if you don’t set job grouping, you can’t add jobs (灬ꈍ ꈍ灬))
4. Add a position (if you don’t set a position, you can’t add a user (灬ꈍ ꈍ灬))
5. Add user group
6. Add user

see it? Before adding functional groups, positions and users, be sure to add a group first.

Then it's time to authorize.

Functional Group Authorization

After entering the function group, click [Function Permission] in the upper right corner to enter the function check page, and check all the functions.

Post authorization

Enter the post setting page, select the post that needs to be authorized, click the [Edit] button in the upper right corner, and then select the corresponding function group in the [Authorized Function Group] at the bottom of the page.

user authorization

User authorization is quite simple, you only need to set the corresponding position when adding users.

After several steps of authorization, the user has a corresponding position, and the position has a corresponding function group, and the authority management is basically completed.

Some children's shoes said that the application development was completed and the menu was released, but the corresponding menu was not viewed. In this case, there must be a problem with the rights management. It is recommended that you check the following aspects:

1. Do not use the super administrator account to view the menu. You should add a new user and authorize it, and use the new user's account to view it.
2. View the list of functional permissions for a functional group. There is a high probability that newly developed applications are not added to the default function group.

If the above 2 items have been checked, the problem has not been solved. Then according to the introduction of this article, set up new function groups, positions and users from the beginning again, and then take a look.

I am Ming Liu, a ten-year entrepreneurial veteran and open source technology enthusiast. Whether you are communicating and learning, or have development needs, welcome to contact us by private message.
If you have any questions, please contact Lao Liu.