最佳做法控制权限? [英] Best practices for control permissions?
问题描述
嘿,我需要一些建议这个...
Hey all, I need some advice on this...
我们在数据库中有控制的一定水平的用户可以有超过应用程序特定权限设置。禁用,只读和编辑。
We have certain permissions setup in the database for certain levels of control a user can have over the application. Disabled, ReadOnly and Edit.
我的问题是:有没有比较通用/更好的方法来处理权限应用于表单元素在页面上比写一个安全方法/每页检查启用/禁用/隐藏/显示不同的权限适当控制允许吗?
My question is: Are there more generic/better ways to handle permissions applied to a form element on the page than writing a security method/check per page to enable/disable/hide/show proper controls depending on the permissions allowed?
任何人有什么不同的方式处理这方面的经验?
Anyone have any experience handling this in different ways?
编辑:
我就是想增加常量,需要安全的每一层,然后加在用户类的IsAuthorized函数将接受一个恒定的距离,控制是对形式的可能性,并返回布尔启用/禁用控制,这将真正降低我不得不当打的地方量/如果我需要修改安全为各种形式的。
I just thought about the possibility of adding constants for each layer that needs security and then adding an IsAuthorized function in the user class that would accept a constant from the form that the control is on, and return boolean to enable/disable controls, this would really reduce the amount of places I'd have to hit when/if I ever need to modify the security for all forms.
干杯!
推荐答案
对不起,去稍微题外话这里,但是从我的错误中吸取教训:
Sorry for going slightly off-topic here, but learn from my mistake:
我做了一个简单的Web应用程序有一次,我正在发展,我以为我会设置3个级别的安全性:有限只读(公),读 - 写有限(用户),读写(管理员) 。用户表中它有安全的水平,一切运行良好......直到我需要在安全级别更精细的控制作为项目增长。这一切都始于那个在节目中的一个区域而不是完全的管理控制不是用户的控制需要更多的用户。
I had a simple web app one time that I was developing and I thought that I'd setup 3 levels of security: limited read-only (public), read-limited write (user), read-write (admin). The users table had a level of security in it and everything worked fine... until I needed finer control over security levels as the project grew. It all started with a user that needed more than user control in one area of the program but not full admin control.
我应该做的是建立一个可扩展的系统,即使我并不需要它在第一次更好的控制。这将有救了我的sooo很多时间。
What I should have done was setup an expandable system with finer control even though I didn't need it at first. This would have saved me sooo much time.
这篇关于最佳做法控制权限?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!