Stage 5 3. Micro Services [online] studies _day18 user authorization _14- fine-grained authorization - I of course fine-grained authorization - needs analysis

3.3 My courses fine-grained authorization
3.3.1 needs analysis
1, my course queries, fine-grained authorization process is as follows:
1) Get the current logged in user Id
2) get the user belongs educational institutions Id
3) query this teaching institutions course information
and ultimately the user only allowed to check their institutions curriculum information.
2, modify the course management service "My Courses" feature, according to the company Id queries course, ideas are as follows:
1) Modify Dao, support queries courses according to the company Id.
2) modify the Service, the company Id incoming Dao.
3) Modify Controller, to get the current user's company Id, passed Service.
3, the data model as follows:
1) curriculum
to add company_id field course_base table xc_course database to indicate ownership of this program



2) user business table
records the user's home company information xc_company_user table xc_user database

by xc_company_user table available user belongs company Id.
How to check a user's course?
1, determine the user's Id
2, Id according to the user's query user ownership of the company.
3, according to the company Id query information in the course of the company
is an example:
/ * Determine the user the above mentioned id: 49 * /
/ * Find affiliates based on user Id * /
Company_id the FROM xc_user.xc_company_user the WHERE user_id the SELECT = '49'
/ * Query based on course company owned by * /
the SELECT * the FROM xc_course.course_base the WHERE company_id = '1'