使用按位运算符不同模块的用户角色权限 [英] User role permissions for different modules using bitwise operators
问题描述
所以我有一个有几个模块的应用(想想模块,不同的页面),每个模块都有一组权限;查看,添加,编辑,删除
So I have an application that has several modules (think of modules as different pages), each module has a set of permissions; view, add, edit, delete
我希望每个用户角色拥有的权限为每个模块,例如:
I want each user role to have privileges for each module, for example
角色权限
模块1 - >查看结果
模块2 - >添加,编辑结果
模块3 - >查看,添加,编辑,删除结果
等等。
Module 1 -> view
Module 2 -> add, edit
Module 3 -> view, add, edit, delete
etc.
我如何设计数据库支持,我将如何去有关使用按位运算符实现它(或者会有一个更有效的方式对这种特殊情况下?)
How can I design the database to support that and how would I go about implementing it using bitwise operators (or would there be a more efficient way for this particular case?)
我已经有用户,USER_ROLE和角色表,但我对如何设计模块表不确定。
I already have the user, user_role and role tables but I'm unsure on how to design the Module table.
推荐答案
如果您决定使用一个位掩码,请记住,你可以跟踪被限制权限的数量(你可以跟踪在签署4个字节的31权限整数数据库列)。然后每个权限将被分配一个值,该值是两个(1,2,4,8,等)的功率,并且可以执行按位操作,以检查是否允许匹配。
If you decide to use a bitmask, remember that the number of permissions you can keep track of is limited (you can track 31 permissions in a signed 4-byte integer database column). Each permission would then be assigned a value that is a power of two (1, 2, 4, 8, etc), and you could perform bitwise operations to check for permission matches.
这是你希望实现的目标,我建议建立一个role_has_module_privs表来代替。这种方法是从一个查询透视更加可扩展,更加高效。但是,如果你有组合的一个有限数量,位掩码可能更有效。
From what you're looking to accomplish, I would suggest creating a role_has_module_privs table instead. This approach is much more scalable, and more efficient from a querying perspective. But if you have a finite number of combinations, bitmasks may be more efficient.
这篇关于使用按位运算符不同模块的用户角色权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
