Designing a permissions based security model


Problem description

I work on a vb.net winforms app where we currently are using simple roles for security. We enable/disable specific controls based on if the current user has the required role. We are to the point where this is no longer granular enough.

Our application is based on different physical locations we call sites. A user might have permission to do something (for example, edit a site's configuration) at one site but not another. Therefore, we now need to look up permissions based on current user AND current site. Also, a certain user's permissions may be very specific to themselves, i.e. no other user's permissions are exactly the same as another user's. Therefore we need a security model that's more permissions based rather than role based.

What's the best way to design a new permissions model that can meet these requirements? I want to make sure that it's easy to implement the checking in the code (I don't want a million if statements sprinkled in our SetUIPermissions methods) and we don't want to have to update every user (400+ and counting) each time we add a new permission. Because of this last requirement I think we need to keep the idea of roles but possibly add/remove exceptions for particular permissions for specific users.

Any ideas?

Solution

You're on the right track with the roles and permissions. It's a relatively common solution to have a role refer to a set of "default" permissions; by having a user have a role and a set of permissions, you allow for the role to be overridden by the set of permissions specifically granted / revoked for that user. This gives reasonable flexibility and granularity, and supports your situation of adding new permissions (in the role) without needing to touch every user.
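A sketch of the model described in this answer, extended with the per-site scope from the question. It is an added example in Python, not code from the original post; the role names, permission names, site ids, the `"*"` global scope and the rule that a revoke wins over a grant are all assumptions.

```python
from dataclasses import dataclass, field

# Constructed sample data: role and permission names are illustrative
# assumptions, not taken from the original application.
ROLE_DEFAULTS = {
    "operator": {"site.view"},
    "site_admin": {"site.view", "site.edit_config"},
}

GLOBAL = "*"  # scope key meaning "applies at every site"


@dataclass
class User:
    name: str
    roles: dict = field(default_factory=dict)    # site -> set of role names
    grants: dict = field(default_factory=dict)   # site -> extra permissions
    revokes: dict = field(default_factory=dict)  # site -> removed permissions


def _scoped(mapping, site):
    """Union of the entries for this site and for the global scope."""
    return set(mapping.get(site, ())) | set(mapping.get(GLOBAL, ()))


def effective_permissions(user, site):
    """Role defaults, plus per-user grants, minus per-user revokes."""
    perms = set()
    for role in _scoped(user.roles, site):
        # Unknown role names contribute nothing (fail closed).
        perms |= ROLE_DEFAULTS.get(role, set())
    perms |= _scoped(user.grants, site)
    # Revokes are applied last so an explicit deny always wins.
    perms -= _scoped(user.revokes, site)
    return perms


def has_permission(user, site, permission):
    """The single check UI code calls instead of scattered role tests."""
    return permission in effective_permissions(user, site)


# Constructed user: admin at "north" with one permission revoked there,
# operator everywhere, and one extra permission granted at "south".
alice = User(
    "alice",
    roles={"north": {"site_admin"}, GLOBAL: {"operator"}},
    grants={"south": {"site.edit_config"}},
    revokes={"north": {"site.edit_config"}},
)
```

Adding a permission to a role's default set makes it available to every user holding that role, with no per-user update, while the `grants` and `revokes` entries carry the user-specific exceptions.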
