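1. Overview
Functional permissions restrict the access (CRUD) that a class of users (grouped by role) has to resources. The usual entities are Resource (e.g. Menu, File), Role, User and Privilege, where Privilege stores the relationship between Role and Resource.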
2. Table design
IF OBJECT_ID ('dbo.Privileges') IS NOT NULL
    DROP TABLE dbo.Privileges
GO

CREATE TABLE dbo.Privileges
(
    ID         INT IDENTITY  NOT NULL,  -- primary key
    ResourceID INT           NOT NULL,  -- resource ID
    RoleName   NVARCHAR (50) NOT NULL,  -- role name
    Flag       INT           NOT NULL,  -- privilege flag
    CONSTRAINT PK_Privileges PRIMARY KEY (ID)
)
GO
3. Data structures
3.1 Privilege constants enum
[Flags]
public enum EPrivilege
{
    Retrieve = 1 << 0,
    Create   = 1 << 1,
    Update   = 1 << 2,
    Delete   = 1 << 3,
    None     = 1 << 4
}
3.2 Functional privilege
using System;

/// <summary>
/// Functional privilege entity
/// </summary>
public partial class Privilege
{
    /// <summary>
    /// Primary key
    /// </summary>
    public long ID { get; set; }

    /// <summary>
    /// Role name
    /// </summary>
    public string RoleName { get; set; }

    /// <summary>
    /// Function menu ID
    /// </summary>
    public string FunctionMenuID { get; set; }

    /// <summary>
    /// Privilege bit flags
    /// </summary>
    public int Flag { get; set; }
}

public partial class Privilege
{
    /// <summary>
    /// Converts between Flag and the equivalent EPrivilege value
    /// </summary>
    public EPrivilege FlagEqualToEPrivilege
    {
        get
        {
            var str = this.Flag.ToString();
            return (EPrivilege)Enum.Parse(typeof(EPrivilege), str, true);
        }
        set
        {
            this.Flag = (int)value;
        }
    }

    /// <summary>
    /// Returns true if at least one of the requested privilege bits is set in Flag
    /// </summary>
    public bool HasPrivilege(EPrivilege privilege)
    {
        return (this.FlagEqualToEPrivilege & privilege) != 0;
    }
}
3.3 DB Methods
using System.Security.Principal;

// Extension methods must be declared in a static class.
public static class PrivilgeExtensions
{
    public static bool HasPrivilege(this IPrincipal user, string resourceName, EPrivilege privilegeType)
    {
        //......
        return false;
    }
}
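The check in 3.2 succeeds as soon as one requested bit is set, which matters once a caller passes a combined value to the method in 3.3. The block below is an added example, not code from the original page: it puts that "any" check beside a stricter "all" check. PrivilegeCheck, HasAny and HasAll are hypothetical names, and treating the None bit as an explicit deny is an assumption made for this example.

```csharp
using System;

[Flags]
public enum EPrivilege   // same values as section 3.1
{
    Retrieve = 1 << 0,
    Create   = 1 << 1,
    Update   = 1 << 2,
    Delete   = 1 << 3,
    None     = 1 << 4
}

public static class PrivilegeCheck   // hypothetical helper, not from the page
{
    // Every bit that section 3.1 defines.
    private const EPrivilege Known = EPrivilege.Retrieve | EPrivilege.Create |
        EPrivilege.Update | EPrivilege.Delete | EPrivilege.None;

    // "Any" semantics, the same test as Privilege.HasPrivilege in section 3.2.
    public static bool HasAny(int flag, EPrivilege required) =>
        ((EPrivilege)flag & required) != 0;

    // "All" semantics with default deny: undefined bits, the None bit (assumed
    // here to mean explicit deny) or an empty request never grant access.
    public static bool HasAll(int flag, EPrivilege required)
    {
        var granted = (EPrivilege)flag;
        if ((granted & ~Known) != 0) return false;           // stored value has undefined bits
        if ((granted & EPrivilege.None) != 0) return false;  // None is a real bit in this enum
        if (required == 0 || (required & ~Known) != 0) return false;
        return (granted & required) == required;
    }
}

public static class Program
{
    public static void Main()
    {
        int updateOnly = (int)EPrivilege.Update;                 // constructed sample row
        var need = EPrivilege.Update | EPrivilege.Delete;
        int mixed = (int)(EPrivilege.None | EPrivilege.Create);  // constructed contradictory row

        Console.WriteLine("any, Update row, need Update|Delete: " + PrivilegeCheck.HasAny(updateOnly, need));
        Console.WriteLine("all, Update row, need Update|Delete: " + PrivilegeCheck.HasAll(updateOnly, need));
        Console.WriteLine("all, undefined bit 32, need Retrieve: " + PrivilegeCheck.HasAll(32, EPrivilege.Retrieve));
        Console.WriteLine("any, None|Create row, need Create: " + PrivilegeCheck.HasAny(mixed, EPrivilege.Create));
        Console.WriteLine("all, None|Create row, need Create: " + PrivilegeCheck.HasAll(mixed, EPrivilege.Create));
    }
}
```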
Summary: the automatic conversion between Flag and the enum is presumably handled by the [Flags] attribute.
