Best Role-Based Access Control (RBAC) database model


Question

What is the best database schema to track role-based access controls for a web application?

I am using Rails, but the RBAC plugin linked by Google looks unmaintained (only 300 commits to SVN; latest was almost a year ago).

The concept is simple enough to implement from scratch, yet complex and important enough that it's worth getting right.

So how do others architect and implement their RBAC model?

Recommended answer

To my rather basic knowledge in that area, the basic actors of an RBAC are:

  • Resources.
  • Permissions.
  • Users.
  • Roles (i.e. groups).

Resources <- require -> (one or many) Permissions.

Roles <- are collections of -> (one or many) Permissions.

Users <- can have -> (one or many) Roles.

The tables for such a model would be:

  • permission
  • role
  • user
  • role_permission
  • user_role

Now you might want to include resources here as well if you want users of your application to be able to configure which permissions a resource needs. But I never needed that. Hope that helps.
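The five tables listed in the answer, written out as an added example (not code from the original answer) using SQLite through Python's `sqlite3` module. The column names, the `has_permission` helper and the sample rows are assumptions made for illustration; the check is default-deny and relies on foreign keys so that deleting a role also revokes its grants.

```python
import sqlite3

# Assumed column layout for the five tables named in the answer.
# Note: "user" is a reserved word in some databases (e.g. PostgreSQL); SQLite accepts it.
SCHEMA = """
CREATE TABLE permission (id INTEGER PRIMARY KEY, name  TEXT NOT NULL UNIQUE);
CREATE TABLE role       (id INTEGER PRIMARY KEY, name  TEXT NOT NULL UNIQUE);
CREATE TABLE user       (id INTEGER PRIMARY KEY, login TEXT NOT NULL UNIQUE);
CREATE TABLE role_permission (
    role_id       INTEGER NOT NULL REFERENCES role(id)       ON DELETE CASCADE,
    permission_id INTEGER NOT NULL REFERENCES permission(id) ON DELETE CASCADE,
    PRIMARY KEY (role_id, permission_id));
CREATE TABLE user_role (
    user_id INTEGER NOT NULL REFERENCES user(id) ON DELETE CASCADE,
    role_id INTEGER NOT NULL REFERENCES role(id) ON DELETE CASCADE,
    PRIMARY KEY (user_id, role_id));
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite does not enforce FKs by default
    db.executescript(SCHEMA)
    return db

def has_permission(db, login, permission):
    """Default deny: True only if a role held by the user grants the permission."""
    row = db.execute(
        """SELECT 1 FROM user u
           JOIN user_role ur       ON ur.user_id = u.id
           JOIN role_permission rp ON rp.role_id = ur.role_id
           JOIN permission p       ON p.id = rp.permission_id
           WHERE u.login = ? AND p.name = ? LIMIT 1""",
        (login, permission)).fetchone()
    return row is not None

def seed(db):
    # Constructed sample data: three permissions, three roles, three users.
    db.executemany("INSERT INTO permission VALUES (?, ?)",
                   [(1, "article.read"), (2, "article.edit"), (3, "user.manage")])
    db.executemany("INSERT INTO role VALUES (?, ?)",
                   [(1, "reader"), (2, "editor"), (3, "admin")])
    db.executemany("INSERT INTO user VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    db.executemany("INSERT INTO role_permission VALUES (?, ?)",
                   [(1, 1), (2, 1), (2, 2), (3, 3)])
    # alice is a reader, bob is editor and admin, carol has no role.
    db.executemany("INSERT INTO user_role VALUES (?, ?)", [(1, 1), (2, 2), (2, 3)])
    return db
```

The composite primary keys on the two join tables prevent duplicate grants, and the parameterized query keeps the login and permission name out of the SQL text.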
