ASP.NET Boilerplate模板中的角色和权限之间有什么区别? [英] What is the difference between Roles and Permissions in ASP.NET Boilerplate Template?

问题描述

在ASP.NET Boilerplate中，为什么它具有控制授权的角色和权限?两者之间有何区别?

In ASP.NET Boilerplate, why does it has roles and permissions to control authorization? Which is the difference between both?

推荐答案

1.为什么ABP具有控制授权的角色和权限?两者有什么区别?

同时具有角色和权限可以使管理员灵活而轻松地控制授权.

1. Why does ABP have roles and permissions to control authorization? What is the difference between the two?

Having both roles and permissions allows flexibility and ease for admins to control authorization.

不同之处在于授权仅取决于权限，而不取决于角色.

The difference is that authorization only depends on permissions, not roles.

来自 https://aspnetboilerplate.com/Pages/Documents/Zero/Role-管理:

角色用于组权限.当用户拥有某个角色时，他/她将拥有该角色的所有权限.用户可以具有多个角色.该用户的权限将是所有分配的角色的所有权限的合并.

Roles are used to group permissions. When a user has a role, then he/she will have all the permissions of that role. A user can have multiple roles. The permissions of this user will be a merge of all the permissions of all assigned roles.

例如，可以允许站点主持人添加，编辑和删除任何帖子，包括其他人撰写的帖子.网站主持人也可以添加，编辑和删除评论.如果有多个站点主持人，则可以轻松地分配角色，而不是为每个用户分配单独的权限.

For example, a site moderator can be allowed to add, edit and delete any posts, including the ones written by others. A site moderator can add, edit and delete comments as well. If there are several site moderators, then a role can be easily assigned instead of individual permissions to each user.

否，可以直接将权限分配给用户.

No, a permission can be assigned directly to a user.

否，角色不需要权限.没有权限的角色就像职位(例如员工).

No, a role does not need permissions. A role with no permissions is like a position (e.g. employee).

来自 https://aspnetboilerplate.com/Pages/Documents/Zero/Permission-管理:

角色权限

如果我们授予角色权限，则具有该角色的所有用户都将获得该权限的授权(除非明确禁止特定用户使用).

Role Permissions

If we grant a permission to a role, all the users that have this role are authorized for the permission (unless explicitly prohibited for a specific user).

用户权限

尽管对于大多数应用程序而言，基于角色的权限管理已足够，但我们可能需要控制每个用户的权限.当我们为用户定义权限设置时，它会覆盖为用户角色定义的权限设置.

User Permissions

While the role-based permission management can be enough for most applications, we may need to control the permissions per user. When we define a permission setting for a user, it overrides the permission setting defined for the roles of the user.

此外，还有组织单位角色(尚未记录).也就是说，可以将角色分配给组织单位，并认为该组织单位中的用户具有该角色.

In addition, there are also Organization Unit Roles (not documented yet). That is, a role can be assigned to an organization unit and users in that organization unit are considered to have that role.

这篇关于ASP.NET Boilerplate模板中的角色和权限之间有什么区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！