权限控制的一个思路
数据库表结构
<span CREATE</span> <span TABLE</span><span `NewTable` (
`id` </span><span int</span>(<span 11</span>) <span NOT</span> <span NULL</span><span AUTO_INCREMENT,
`title` </span><span varchar</span>(<span 255</span>) <span NOT</span> <span NULL</span><span ,
`menu_id` </span><span int</span>(<span 11</span>) <span NOT</span> <span NULL</span><span ,
`module` </span><span varchar</span>(<span 50</span>) <span NOT</span> <span NULL</span><span ,
`class` </span><span varchar</span>(<span 50</span>) <span NOT</span> <span NULL</span><span ,
`method` </span><span varchar</span>(<span 50</span>) <span NOT</span> <span NULL</span><span PRIMARY</span> <span KEY</span><span (`id`)
);</span>假定我们使用了MVC的结构,并通过url访问对应的模块及类和函数。
表中第一行表示一个操作,title表示操作名,menu_id表示属于哪一个菜单选项,module表示模块名(没有可以略过),class表示类名,method表示函数名
此外我们还需要一个用户组的表,大致如下:
其中access_list中保存的当前用户组所拥有的权限ID(对应上个权限表中的ID)
当然我们还需要一个用户表来对应用户组表
group_id表示的第用户所对应的用户组
当我们访问一个url的时候,比如:
http://testApp.test.com/index.php/module/testModule/testClass/testAction
通过路由分析,我们得到相应的数据:
模块->testModule
类->testClass
函数->testAction
通过三个参数,我们查找权限表中的数据,得到一个唯一的id值。
然后对比用户组中access_list中的数据,如果数据中包括有这个id,那么当前用户拥有当前操作的权限,反之没有权限。
那么我们如何来控制菜单选项,当用户有权限时才显示呢?
因为在权限表中的每个操作都对应有一个menu_id,即菜单选项。我们通过查找当前用户所属于的用户组信息,得到他所拥有的权限操作ID,再通过ID取得他所属于的菜单选项,这样就得到了当前用户所拥有的菜单权限。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1667
14
1426
52
1328
25
1273
29
1255
24
Enable root permissions with one click (quickly obtain root permissions)
Jun 02, 2024 pm 05:32 PM
It allows users to perform more in-depth operations and customization of the system. Root permission is an administrator permission in the Android system. Obtaining root privileges usually requires a series of tedious steps, which may not be very friendly to ordinary users, however. By enabling root permissions with one click, this article will introduce a simple and effective method to help users easily obtain system permissions. Understand the importance and risks of root permissions and have greater freedom. Root permissions allow users to fully control the mobile phone system. Strengthen security controls, customize themes, and users can delete pre-installed applications. For example, accidentally deleting system files causing system crashes, excessive use of root privileges, and inadvertent installation of malware are also risky, however. Before using root privileges
iOS 18 adds a new 'Recovered' album function to retrieve lost or damaged photos
Jul 18, 2024 am 05:48 AM
Apple's latest releases of iOS18, iPadOS18 and macOS Sequoia systems have added an important feature to the Photos application, designed to help users easily recover photos and videos lost or damaged due to various reasons. The new feature introduces an album called "Recovered" in the Tools section of the Photos app that will automatically appear when a user has pictures or videos on their device that are not part of their photo library. The emergence of the "Recovered" album provides a solution for photos and videos lost due to database corruption, the camera application not saving to the photo library correctly, or a third-party application managing the photo library. Users only need a few simple steps
How to handle database connection errors in PHP
Jun 05, 2024 pm 02:16 PM
To handle database connection errors in PHP, you can use the following steps: Use mysqli_connect_errno() to obtain the error code. Use mysqli_connect_error() to get the error message. By capturing and logging these error messages, database connection issues can be easily identified and resolved, ensuring the smooth running of your application.
Detailed tutorial on establishing a database connection using MySQLi in PHP
Jun 04, 2024 pm 01:42 PM
How to use MySQLi to establish a database connection in PHP: Include MySQLi extension (require_once) Create connection function (functionconnect_to_db) Call connection function ($conn=connect_to_db()) Execute query ($result=$conn->query()) Close connection ( $conn->close())
How to save JSON data to database in Golang?
Jun 06, 2024 am 11:24 AM
JSON data can be saved into a MySQL database by using the gjson library or the json.Unmarshal function. The gjson library provides convenience methods to parse JSON fields, and the json.Unmarshal function requires a target type pointer to unmarshal JSON data. Both methods require preparing SQL statements and performing insert operations to persist the data into the database.
How to use database callback functions in Golang?
Jun 03, 2024 pm 02:20 PM
Using the database callback function in Golang can achieve: executing custom code after the specified database operation is completed. Add custom behavior through separate functions without writing additional code. Callback functions are available for insert, update, delete, and query operations. You must use the sql.Exec, sql.QueryRow, or sql.Query function to use the callback function.
How to connect to remote database using Golang?
Jun 01, 2024 pm 08:31 PM
Through the Go standard library database/sql package, you can connect to remote databases such as MySQL, PostgreSQL or SQLite: create a connection string containing database connection information. Use the sql.Open() function to open a database connection. Perform database operations such as SQL queries and insert operations. Use defer to close the database connection to release resources.
MySQL: Simple Concepts for Easy Learning
Apr 10, 2025 am 09:29 AM
MySQL is an open source relational database management system. 1) Create database and tables: Use the CREATEDATABASE and CREATETABLE commands. 2) Basic operations: INSERT, UPDATE, DELETE and SELECT. 3) Advanced operations: JOIN, subquery and transaction processing. 4) Debugging skills: Check syntax, data type and permissions. 5) Optimization suggestions: Use indexes, avoid SELECT* and use transactions.
