ASP.NET 样板模板中的角色和权限有什么区别? [英] What is the difference between Roles and Permissions in ASP.NET Boilerplate Template?

问题描述

在 ASP.NET Boilerplate 中，为什么它具有控制授权的角色和权限?两者之间的区别是什么?

解决方案

1.为什么ABP有控制授权的角色和权限?两者有什么区别?

同时拥有角色和权限可以让管理员灵活轻松地控制授权.

区别在于授权只取决于权限，而不取决于角色.

来自 https://aspnetboilerplate.com/Pages/Documents/Zero/Role-管理:

<块引用>

角色用于组权限.当用户拥有角色时，他/她将拥有该角色的所有权限.一个用户可以拥有多个角色.此用户的权限将是所有分配角色的所有权限的合并.

例如，可以允许网站版主添加、编辑和删除任何帖子，包括其他人撰写的帖子.站点版主也可以添加、编辑和删除评论.如果有多个站点版主，则可以轻松地为每个用户分配一个角色而不是单独的权限.

2.权限是否一定属于角色?角色是否一定需要权限?

不可以，权限可以直接分配给用户.

不，角色不需要权限.没有权限的角色就像一个职位(例如员工).

来自 https://aspnetboilerplate.com/Pages/Documents/Zero/Permission-管理:

<块引用>

角色权限

如果我们为角色授予权限，则所有拥有该角色的用户都有权获得该权限(除非明确禁止特定用户使用).

<块引用>

用户权限

虽然基于角色的权限管理对于大多数应用程序来说已经足够了，但我们可能需要控制每个用户的权限.当我们为用户定义权限设置时，它会覆盖为用户角色定义的权限设置.

此外，还有组织单位角色(尚未记录).也就是说，一个角色可以分配给一个组织单位，该组织单位中的用户被认为具有该角色.

In ASP.NET Boilerplate, why does it has roles and permissions to control authorization? Which is the difference between both?

解决方案

1. Why does ABP have roles and permissions to control authorization? What is the difference between the two?

Having both roles and permissions allows flexibility and ease for admins to control authorization.

The difference is that authorization only depends on permissions, not roles.

From https://aspnetboilerplate.com/Pages/Documents/Zero/Role-Management:

Roles are used to group permissions. When a user has a role, then he/she will have all the permissions of that role. A user can have multiple roles. The permissions of this user will be a merge of all the permissions of all assigned roles.

For example, a site moderator can be allowed to add, edit and delete any posts, including the ones written by others. A site moderator can add, edit and delete comments as well. If there are several site moderators, then a role can be easily assigned instead of individual permissions to each user.

2. Does a permission necessarily belong to a role? And does a role necessarily need permissions?

No, a permission can be assigned directly to a user.

No, a role does not need permissions. A role with no permissions is like a position (e.g. employee).

From https://aspnetboilerplate.com/Pages/Documents/Zero/Permission-Management:

Role Permissions

If we grant a permission to a role, all the users that have this role are authorized for the permission (unless explicitly prohibited for a specific user).

User Permissions

While the role-based permission management can be enough for most applications, we may need to control the permissions per user. When we define a permission setting for a user, it overrides the permission setting defined for the roles of the user.

In addition, there are also Organization Unit Roles (not documented yet). That is, a role can be assigned to an organization unit and users in that organization unit are considered to have that role.

这篇关于ASP.NET 样板模板中的角色和权限有什么区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！