Android的;根据RBAC管理UI控件 [英] Android;manage UI controls according RBAC
问题描述
在一个项目中,我有3个演员和5使用要办案。调节演员访问基于其角色(RBAC)。还有所有演员看到相同的UI实体,但一些UI控件是根据每个演员禁用他/她Role.I可以使用如果语句来决定具体的控制必须为当前的演员或禁用启用?例如:
In a project I have 3 Actors and 5 Use cases.I want to regulate Actors access to entities based on their roles(RBAC).Also all Actors see the same UI,but some UI controls are disabled for each actor according to his/her Role.I can use If statements to decide specific control must be enabled for current Actor or disabled? For example:
If (User.Roles(...))
{
btnEditOrder.enabled = false;
}
这是可能的,但用户界面是复杂的,每个布局有很多UI controls.So管理所有这些可能的选项和硬code。在应用程序逻辑似乎daunting.Specially,用例,演员和他们的数量权限可能会改变你知道later.Do如何避免硬code这样的逻辑,并有一个好的设计?
That is possible,but UI is complex and each layout has many UI controls.So managing all these possible options and hard-code that logic in the application seems daunting.Specially, number of use cases,actors and their permissions may change later.Do you know how I can avoid hard-code such logic and have a good design?
推荐答案
恕我直言,这将是很好创建单独的menu.xml文件的文件为每个角色。
IMHO it would be good to create separate menu.xml files for each role.
比方说,你做单独的menu.xml文件的文件分别是:
Let's say you make separate menu.xml files namely:
-
options_menu_manager.xml
-
options_menu_engineer.xml
-
options_menu_director.xml
options_menu_manager.xml
options_menu_engineer.xml
options_menu_director.xml
您将需要它周围的Helper类。我假设你有作用已经在内存中,你可以这样做:
You will need to make a Helper class around it. I am assuming you have the role already in the memory, you can do something like:
class Helper{
public static int getOptionsMenu(){
switch(Global.role){
case Constants.MANAGER:
return R.menu.options_menu_manager.xml;
...
...
}
}
}
和你需要的地方拿到的菜单,你可以使用,而不是使用R.menu一个辅助功能。*文件。
and wherever you need to get the menus, you can use a helper function instead of using a R.menu.* file.
@Override
public boolean onCreateOptionsMenu(Menu menu) {
MenuInflater inflater = getMenuInflater();
inflater.inflate(Helper.getOptionsMenu(), menu);
return true;
}
虽然,这仅仅是一个越来越基于角色的菜单方式。您仍然应该拥有所有的执行行动的授权出身良好验证。对于你也可以建立一个满足当前用户对允许的动作角色,看他是否被允许做他正在做什么或不是一个帮手。
Although, this is just a way of getting ROLE based menu. You should still have a good background validation of the authorization of all the performed actions. For that also you can create a helper that matches the current user's role against the allowed actions to see if he is allowed to do what he is doing or not.
这篇关于Android的;根据RBAC管理UI控件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!