如何为 Angular 中的某些角色动态分配组件/字段权限? [英] How to assign dynamically components/fields permissions to certain roles in Angular?
问题描述
我正在处理一个 Angular 7 项目并开发一个角色/权限管理仪表板,超级管理员可以通过单击复选框来分别分配和管理 rolesx 及其权限.我的具体任务是实施类似于 VtigerCRM
I am working on an Angular 7 project and developing a role/permission management dashboard where a super-admin can assign and manage rolesx and their permissions respectively by clicking the check boxes. What I was specifically tasked to do is implement something similar to what is implemented in VtigerCRM
因此,当超级用户分配权限时,应该为用户分配对该特定组件和/或该组件中该特定字段的访问权限.我想知道有没有办法从像 Angular 这样的 UI 动态管理角色及其权限?如果是,我们该怎么做?或者任何与此相关的链接都会有很大帮助!!
So when the super user assigns permission, the user should be assigned access to that particular component and/or that particular field in the component. I'm wondering is there a way to manage roles and their permissions dynamically from an UI like Angular? If yes, how do we do it? Or any links that relates this would be of great help !!
推荐答案
我在谷歌上快速搜索了一下,发现这两个项目可能很有趣:
I did a quick bit of Googling and found these 2 projects which may be interesting:
我也没有隶属关系.
也就是说,您要问自己一个更大的问题:角色和权限是否有任何逻辑?换句话说,您是否希望手动为角色/用户分配权限,或者您是否可以编写一个策略来根据属性确定用户可以做什么?
That said, there is a bigger question you want to ask yourself: is there any logic to the roles and permissions? In other words, do you want to have to manually assign permissions to roles / users or could you possibly write a policy that would determine what users can do based on attributes?
如果是这样,您需要查看基于属性的访问控制(abac) 这将简化您的授权管理.与其创建数百个角色和数千个权限,然后您需要手动分配给用户(并对其进行管理 - 即重新认证、删除...),您只需按照以下方式创建策略:
If so, you need to look into Attribute-Based Access Control (abac) which will simplify your authorization management. Rather than creating hundreds of roles and thousands of permissions which you then need to manually assign to users (and do the governance thereof - i.e. recertify, remove...), you could just create policies along the lines of:
- 助理可以创建报告,如果...
编写这些政策的语言称为 ALFA,即授权的缩写语言.这是 OASIS 的标准.它会转换为 XACML,然后您可以将其提供给授权服务,例如AuthZForce(开源)或 Axiomatics(商业).
The language to write these policies is called ALFA, the abbreviated language for authorization. It's a standard by OASIS. It gets converted to XACML which you can then feed to an authorization service e.g. AuthZForce (open source) or Axiomatics (commercial).
我希望这会有所帮助.
这篇关于如何为 Angular 中的某些角色动态分配组件/字段权限?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
