设计用户角色和权限系统的最佳实践? [英] Best Practice for Designing User Roles and Permission System?
问题描述
我需要将用户角色和权限系统添加到使用PHP / MySQL构建的Web应用程序中。我想要拥有此功能:
I need to add user roles and permission system into my web application built using PHP/MySQL. I want to have this functionality:
- 一个root用户可以创建子根,组,规则和普通用户(所有权限)。
- 子根目录只能为自己的群组(无群组)创建规则,权限和用户。
- 用户可以访问
我需要系统具有足够的灵活性,以便为内容分配新的角色和权限。
I need the system to be flexible enough, so that new roles and permissions are assigned to content.
我有一个 users 信息。目前我在每个内容表中使用两个字符,即 createdBy 和 CreatedByGroup 用户有权限。但它不够灵活,因为对于每一个新的内容,我必须走所有的数据更新和权限更新。
I have a users table storing group key along with other information. Currently I am using two feilds in each content table i.e. createdBy and CreatedByGroup, and using that as the point whether a certain user has permissions. But its not flexible enough, because for every new content, I have to go throug all data updates and permission updates. Please help me by discussing your best practices for schema design.
推荐答案
适合您需要的模式称为基于角色的访问控制。
The pattern that suits your needs is called role-based access control.
有PHP中的几个好的实现,包括 Zend_Acl (良好的文档) , phpGACL 和 TinyACL 。大多数框架都有自己的ACL实现形式。
There are several good implementations in PHP, including Zend_Acl (good documenation), phpGACL and TinyACL. Most frameworks also have their own implementations of an ACL in some form.
即使你选择自己滚动,它将帮助你审查妥善的解决方案,如那些。
Even if you choose to roll your own, it'll help you to review well factored solutions such as those.
这篇关于设计用户角色和权限系统的最佳实践?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
