Author: BALLOONMAN2002 2004 Nian 6 Yue 26 Ri
This article intends to combine the PowerBuilder language, briefly describes how to effectively establish a permission management system in traditional C / S application systems.
What is the authority management system? That is to control all aspects of operating users to access software features and system data. Traditional C / S application system, most of the "front desk background database table" two parts, which determine that we must consider two aspects of the authority management system:
1. The user's function permission in the front desk: which menu or window function can be used, for example: Zhang San can only use the data entry function, and cannot use management approval function;
2, the user is in the background function: that is, the user can read, access access to the library, for example: Zhang San is only read permissions for the X_Table table, without writing permissions;
Is the above-mentioned two authority management is enough? The answer is negative, because from the application perspective, it is necessary to control the user's data access, such as: Zhang San belongs to the A branch, Li Si belongs to the B-Branch, Zhang San, Li Si entry a data, then inquiry Obviously Zhang San can only query the data records you entered into yourself, without allowing it to query the data records entered by Li, or only queries and not allowed to modify, so this will lead to the third aspect of authority management content:
3. Users access to data access: which is accessible to which data is available;
Below we will learn about how to implement the above three aspects:
1, front desk function permission:
Talking about the front desk function permission, we have to build the following concepts:
Post: refers to the user's specific work classification, such as: data entry, instrument approval, system maintenance, etc .;
Function: means that the software function that the user can use can be controlled by a menu or window, but because the window usually has a large amount of data in a system, the control user uses which windows do not actually, so we usually have menu control;
Work ID: refers to the user ID used in the specific user login system;
The interrelationships of the above three concepts are as follows:
A job can correspond to multiple function menus;
A function menu can also correspond to multiple positions;
A work number can only belong to a post;
Furthermore, we can design the following user login processes:
(1) After reading the user table after logging in to the system;
(2) Find which menus can be used for this position;
(3) Compare the menus and system actual menus that users can use one by one, the mask does not allow the menu to use;
This is required for the use of some PB usage techniques for the use of menus. Seeing another article "Talking about how to use PB implementation Dynamic Add Menu", this is no longer described here.
In this way, through the above three relationships, it is created which menus can be used to use, which menus cannot be used. Why is it so complicated, why not directly define which menus can be used? In that case, it is obvious that the system is redundant, resulting in waste, and does not meet the standardization requirements.
2, background library table authority:
The background library table authority is mainly based on the front desk working number to establish a corresponding account (login), user (user), and generate a corresponding password according to certain rules, and given different roles (Role), different library tables Read, write permissions, since this part is closely related to the background specific database used, this article is no longer detailed. 3, apply data privilege:
Implementation of data privileges, mainly entered or generate unit code and operation employee IDs in various data sheets, when the user accesses the corresponding record, first compare the current user ID and its unit, whether or not data record The resulting operator ID and its unit code are consistent, this problem is simple, but actually uses the PB language to pay attention to certain skills, fully utilize the "inheritance", try to efficiently and universally.
For further information, please contact QQ: 27855043, MSN: weiyin2001@msn.com
If you have something wrong, you respect your guidance.
