Obsessions .NET rights component - field access (access to data table fields) can be solved by rights data columns control requirements ...

Why 80% of the code can not do farming architect? >>>  

Access control client agreed to write a program to control data column, having been to the middle of the night more than 1 point, or bite the bullet and adjust the programs, documents are written, clients go to work tomorrow, you can see an example of a program, hoping to meet the actual needs of customers.

 

 In fact, store permissions, see through, is a very simple thing, is, " What is the object what rights to what resources? " This logic can save ok, you like this design, others can easily read your program, easy to understand your database design, and will easily maintain some.

   With a thought around not contradictory, to achieve out of the whole system, but some is not easy, a lot of links will appear contradictory, ideas, confusion, so the time to remind themselves, their rights system is based on "what objects to what resources What rights? "the guiding ideology of the design, if contrary to this idea, it would be careful to think deeply, re-organize your thoughts.

 

What objects : determining various objects in the system is unique, and requires two parameters, a class object is a primary key object, like ERP in the Receipt (order number).

What Resources : What resources is the same, but also need a classification, a unique primary keys to identify resources.

What authority : The easiest way is to have a permission form, only the primary key to identify the uniqueness, instead of "Which + module which features" permission to identify, as it is too cumbersome, and future extensibility, maintainability Some are poor, we can not be flexible to adapt to complex situations.

 

That control table columns, is the same reason, there should be a definition of authority, the authority called "table columns Access Control", what the object is a user or role, what resources are listed for each table.

 

That there is a problem to be solved: so many tables, what are the fields? If all rely on manual input, it really is out of the dead, do not say is not accurate, you end up typing, repeatedly maintained unless there is super patient, otherwise difficult to achieve accuracy and efficiency; the idea is to solve the problem: " We do not design detailed PowerDesigner data model it? take this not only generate code, can also generate documentation data table field "

 

1: First you need to define a privilege, this privilege is called "table columns Access Control."

 

2: We designed the PowerDesigner in the hard structure of the tables, notes and other various fields, first, that the design principles to achieve, what are the database table, what fields should be automatically generated from this design, rather than to manually re-enter data.

 

3: Then we reuse this well-designed, improve the code generated, so that the code generator to automatically generate these tables, field descriptions.

 

4: then we run at these automatically generated by the program good table structure described, then we set the contents of the can have been.

Code

         ///   <summary>
         ///  自动生成设置表字段
         ///   </summary>
         private   void  SetTableColumns()
        {
             this .UserCenterDbHelper.Open();
            BaseRoleManager roleManager  =   new  BaseRoleManager( this .UserCenterDbHelper,  this .UserInfo);
            roleManager.SetTableColumns();

            BaseUserManager userManager  =   new  BaseUserManager( this .UserCenterDbHelper,  this .UserInfo);
            userManager.SetTableColumns();

            BaseStaffManager staffManager  =   new  BaseStaffManager( this .UserCenterDbHelper,  this .UserInfo);
            staffManager.SetTableColumns();

            BaseModuleManager moduleManager  =   new  BaseModuleManager( this .UserCenterDbHelper,  this .UserInfo);
            moduleManager.SetTableColumns();

             this .UserCenterDbHelper.Close();
        }

 

5：那运行好后，数据库里，就会有表结构的字段说明数据（这些都是代码自动生成的，靠人工输入会搞死人的，表结构有变化了，重新运行一次就OK了，省事了，彻底可以做到全自动化了，爽啊）。

 

6：在运行权限设置页面，用户、角色的字段访问权限可以进行设置了。

 

7：设置用户的字段访问权限效果图如下：

 

8：在没控制表格列的访问控制时，运行效果如下：

 

9：按权限控制后，显示出来的表格为，没有允许访问的字段，不是公开的字段，就无法看到了，都被隐藏掉了：

 

10：数据列的权限控制代码如下参考：

代码

// ------------------------------------------------------------
//  All Rights Reserved , Copyright (C) 2010 , Jirisoft , Ltd. 
// ------------------------------------------------------------

using  System;
using  System.Data;
using  System.Web.UI.WebControls;

namespace  DotNet.Web.Permission
{
     using  DotNet.Business;
     using  DotNet.Manager;
     using  DotNet.Utilities;

     ///   <remarks>
     ///  TableColumns
     ///  表字段权限的例子
     ///  
     ///  修改纪录
     ///  
     ///     版本：1.0 2010.07.13    JiRiGaLa    写好例子程序方便别人学习。
     ///     
     ///  版本：1.0
     ///  
     ///   <author>
     ///          <name> JiRiGaLa </name>
     ///          <date> 2010.07.13 </date>
     ///   </author>  
     ///   </remarks>
     public   partial   class  TableColumns : BasePage
    {
         protected   void  Page_Load( object  sender, EventArgs e)
        {
             //  当然是用户需要登录，否则哪里能知道，现在是判断谁的权限啊？
             this .UserInfo  =  Utilities.Login( " [email protected] " , String.Empty);
             //  设置表字段
             //  this.SetTableColumns();

             //  先设置表格的字段状态
             this .CheckUserTableColumnsPermission();
             //  显示用户
             this .GeUserList();
        }

         ///   <summary>
         ///  自动生成设置表字段
         ///   </summary>
         private   void  SetTableColumns()
        {
             this .UserCenterDbHelper.Open();
            BaseRoleManager roleManager  =   new  BaseRoleManager( this .UserCenterDbHelper,  this .UserInfo);
            roleManager.SetTableColumns();

            BaseUserManager userManager  =   new  BaseUserManager( this .UserCenterDbHelper,  this .UserInfo);
            userManager.SetTableColumns();

            BaseStaffManager staffManager  =   new  BaseStaffManager( this .UserCenterDbHelper,  this .UserInfo);
            staffManager.SetTableColumns();

            BaseModuleManager moduleManager  =   new  BaseModuleManager( this .UserCenterDbHelper,  this .UserInfo);
            moduleManager.SetTableColumns();

             this .UserCenterDbHelper.Close();
        }

         private   void  GeUserList()
        {
             //  获取用户列表
            BaseUserManager userManager  =   new  BaseUserManager();
            DataTable dataTable  =  userManager.GetDT();
             this .grvUser.DataSource  =  dataTable;
             this .grvUser.DataBind();
        }

         private   void  CheckUserTableColumnsPermission()
        {
             //  当前用户能访问那些字段？
             this .UserCenterDbHelper.Open();
            BaseTableColumnsManager tableColumnsManager  =   new  BaseTableColumnsManager( this .UserCenterDbHelper, UserInfo);
            DataTable dataTable  =  tableColumnsManager.GetTableColumns( this .UserInfo.Id,  " Base_User " );
             this .UserCenterDbHelper.Close();

             for  ( int  i  =   0 ; i  <   this .grvUser.Columns.Count; i ++ )
            {
                 if  ( this .grvUser.Columns[i]  is  BoundField)
                {
                    BoundField boundField  =  (BoundField) this .grvUser.Columns [i];
                     //  whether the field can be viewed?                     boundField.Visible  =  BaseBusinessLogic.Exists (the dataTable, BaseTableColumnsTable.FieldColumnCode, boundField.DataField);                 }             }         }     } }

 

 

 

Reproduced in: https: //my.oschina.net/iwenr/blog/227624