Implementation Based on User Security Strategy in BS (2)

zhaozj2021-02-08  204

2 menu management

Menu management mainly includes two parts of content, and the editing maintenance of menu items is generated with the menu based on the privileges of the current login user.

The editing maintenance of the menu refers to the maintenance of the menu table. Because it is relatively simple, don't make a detailed description here, just pay attention to the following three issues:

First, the menu number is generated by the number of authority bits. Because the menu item is deleted, if the new menu item gets the number and the permissions, only the maximum number is increased, it must cause waste of the coded resource, especially the permission bit, only 100, if due to The jump has led to the waste of coding resources, inevitably causes the new functional module without coding resources. So, adding a new menu item is a problem that you must solve the jump number. Please see the following number and authority bits:

SELECT MIN (CDBH) 1 from CDB WHERE CDBH 1 Not in (SELECT CDBH from CDB)

SELECT MIN (QXWS) 1 from CDB WHERE QXWS 1 Not in (SELECT QXWS from CDB)

As long as we guarantee that this functional module is assigned to the menu, we assign a menu number to 1. If the permission bit is 1, it will ensure that the menu number and the permission bit will not jump, encoding in any case. Resources can be fully utilized. Because the menu maintenance itself is usually not deleted in general.

Second, the inlet path refers to the connection address of the first page of this function module, please pay attention to the relativity problem of the path.

Third, the relevant file refers to the page combination of this function module. In general, connect a functional module under a menu item to complete the function module. You may need a number of ASP pages. For example, the entrance path of the menu item 1 is ../Menu1.asp, the following three pages, menu11.asp, menu12.asp, menu13.asp, the content of the related files refers to meunu1.asp, menu11.asp, Menu12.asp, menu13.asp This string order. The main role of this is to set up for security checks, that is, the registration process of the page in the system.

According to the current login user, there is a critical session variable when generating menu: Session ("yhqx"), which is generated during the security checking process of the description, and has been saved to the user to exit the system or timeout failure . The content inside is the 100-bit privilege string of the current login user. The process of generating a menu based on this variable is as follows:

<% SQL = "SELECT * from cdb where fcdbh = 0 Order by CDBH"

SET RS = Conn.execute (SQL)

'Parent menu in obtaining all the submenu in the menu table

'Traversing the parent menu

Do While Not Rs.eof

SubMenunum = 0

SQL = "SELECT QXWS from CDB WHERE FCDBH =" & RS ("CDBH") & "Order By CDBH"

SET RS1 = Conn.execute (SQL)

'Get all submenus under the current parent menu

'Traversing the submenu under the current parent menu

Do While Not Rs1.eof

IF MID (SESSION ("YHQX"), RS1 ("QXWS"), 1) = 1 THEN

Submenunum = SubMenunum 1

'If the current user has the permissions of the current submenu, the number of submenu plus 1

END IF

RS1.MOVENEXT

loop

Rs1.close

SET RS1 = Nothing

If SubMenunum> 0 Then 'Generates the parent menu if the number of down the current user's current parent menu is greater than zero

IF = rs ("cdbh") endiff

Menunum = RS ("CDBH")

Parentname = rs ("cdmc")

Response.write ""

%>

URL = <% = rs ("rklj")%> target = mainframe>

The form and style of the 'menu are adjusted as needed, here you use pan

<%

Response.write ""

SQL = "SELECT * from cdb where fcdbh =" & menunum & "order by cdbh"

SET RS1 = Conn.execute (SQL)

'Find all submenus under the parent menu

Do While Not Rs1.eof

IF MID (SESSION ("YHQX"), RS1 ("YHQX"), 1) = 1 THEN

%>

URL = <% = rs ("rklj")%> target = mainframe>

The form and style of the 'menu are adjusted as needed, here you use pan

<%

END IF

RS1.MOVENEXT

loop

Rs1.close

SET RS1 = Nothing

END IF

Rs.movenext

loop

Rs.close

SET RS = Nothing

%>

Since there is only two menu in this system, there is no problem involving menu recursive call generation. If you want to implement, you must define a menu generation process into a functional form to conduct recursive calls, which will not be discussed in detail here.

3 permission distribution

The allocation of permissions is allocated by the user group permissions allocation with the user's permissions. It is the process of associating the specific menu with the user group or user.

First, see the interface of the user group is as follows:

Add user group

User Group Name:

Set user group permissions: