如何为Angular中的某些角色动态分配组件/字段权限? [英] How to assign dynamically components/fields permissions to certain roles in Angular?
问题描述
我正在研究Angular 7项目,并开发了角色/权限管理仪表板,超级管理员可以通过单击复选框来分别分配和管理Rolex及其权限。我专门负责做的事情是实现类似于VtigerCRM中实现的功能
I am working on an Angular 7 project and developing a role/permission management dashboard where a super-admin can assign and manage rolesx and their permissions respectively by clicking the check boxes. What I was specifically tasked to do is implement something similar to what is implemented in VtigerCRM
因此,当超级用户分配权限时,应为用户分配对该特定组件和/或该组件中特定字段的访问权限。我想知道是否可以通过Angular这样的UI动态管理角色及其权限?如果是,我们该怎么做?否则任何与此相关的链接都将有很大帮助!
So when the super user assigns permission, the user should be assigned access to that particular component and/or that particular field in the component. I'm wondering is there a way to manage roles and their permissions dynamically from an UI like Angular? If yes, how do we do it? Or any links that relates this would be of great help !!
推荐答案
我做了一下谷歌搜索,发现了这两个项目可能有趣:
I did a quick bit of Googling and found these 2 projects which may be interesting:
- ngx-permissions
- Akita
我与这两个都不隶属。
也就是说,您要问自己一个更大的问题:角色和权限是否有逻辑?换句话说,您是否要手动为角色/用户分配权限,还是可以编写一个策略来确定用户可以根据属性执行的操作?
That said, there is a bigger question you want to ask yourself: is there any logic to the roles and permissions? In other words, do you want to have to manually assign permissions to roles / users or could you possibly write a policy that would determine what users can do based on attributes?
如果是这样,则需要研究基于属性的访问控制( abac 的问题,这将简化您的授权管理。与其创建然后需要手动分配给用户的数百个角色和数千个权限(并进行治理-即重新认证,删除...),您只需按照以下方式创建策略:
If so, you need to look into Attribute-Based Access Control (abac) which will simplify your authorization management. Rather than creating hundreds of roles and thousands of permissions which you then need to manually assign to users (and do the governance thereof - i.e. recertify, remove...), you could just create policies along the lines of:
- 如果...
,助理可以创建报告编写这些策略的语言称为ALFA,是授权的缩写语言。这是OASIS的标准。它将转换为XACML,然后您可以将其提供给授权服务,例如AuthZForce(开源)或Axiomatics(商业)。
The language to write these policies is called ALFA, the abbreviated language for authorization. It's a standard by OASIS. It gets converted to XACML which you can then feed to an authorization service e.g. AuthZForce (open source) or Axiomatics (commercial).
我希望这会有所帮助。
这篇关于如何为Angular中的某些角色动态分配组件/字段权限?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
