此文章来自也算赌徒的我的关于'基于角色的访问控制'的权限管理的数据库的设计
*/
use [master]
go-- 检查数据库 [RBAC]是否存在,如果存在则删除(只测试用,不然会丢数据.)
-- Search from the sysdatabase to see that if the [RBAC] database exist.
-- If exists then drop it else create it.if exists(select * from sysdatabases where name = 'RBAC')
drop database [RBAC]
go-- 创建数据库 [RBAC]
-- Create the database named by '[RBAC]'.
create database [RBAC]
go-- 使用数据库 [RBAC]
-- Use the database of '[RBAC]'.
use [RBAC]
go-- 创建 "用户" 数据表 [RBAC_User]
-- Create the datatable named by '[RBAC_User]' to save users.
create table [RBAC_User]
(
--用户编号
[User_ID] int primary key not null,
--用户名称
[User_Name] varchar(20) not null,
--用户密码
[User_PassWord] varchar(20) not null,
--用户状态
[User_Lock] bit not null
)
go-- 添加测试数据
-- Add data for test
insert into [RBAC_User] values(1,'FightingYang','PassWord',0);
go
insert into [RBAC_User] values(2,'Supper3000','Teacher',0);
go
insert into [RBAC_User] values(3,'JianzhongLi','Teacher',1);
goselect * from [RBAC_User]
go
-- 创建 "组" 数据表 [RBAC_Group]
-- Create the datatable named by '[RBAC_Group]' to save groups.
create table [RBAC_Group]
(
--组编号
[Group_ID] int primary key not null,
--组名称
[Group_Name] varchar(20) not null
)
go-- 添加测试数据
-- Add data for test
insert into [RBAC_Group] values(1,'编程爱好者');
go
insert into [RBAC_Group] values(2,'MSDN老师');
goselect * from [RBAC_Group]
go
-- 创建 "角色" 数据表 [RBAC_Role]
-- Create the datatable named by '[RBAC_Role]' to save roles.
create table [RBAC_Role]
(
--角色编号
[Role_ID] int primary key not null,
--角色名称
[Role_Name] varchar(20) not null
)
go-- 添加测试数据
-- Add data for test
insert into [RBAC_Role] values(1,'admin');
go
insert into [RBAC_Role] values(2,'user');
goselect * from [RBAC_Role]
go-- 创建 "资源" 数据表 [RBAC_Resource]
-- Create the datatable named by '[RBAC_Resource]' to save Resources.
create table [RBAC_Resource]
(
--资源编号
[Resource_ID] int primary key not null,
--资源名称
[Resource_Name] varchar(20) not null
)
go-- 添加测试数据
-- Add data for test
insert into [RBAC_Resource] values(1,'音频');
go
insert into [RBAC_Resource] values(2,'视频');
goselect * from [RBAC_Resource]
go-- 创建 "操作" 数据表 [RBAC_Operate]
-- Create the datatable named by '[RBAC_Operate]' to save Operates.
create table [RBAC_Operate]
(
--操作编号
[Operate_ID] int primary key not null,
--操作名称
[Operate_Name] varchar(10) not null
)
go-- 添加测试数据
-- Add data for test
insert into [RBAC_Operate] values(1,'添加');
go
insert into [RBAC_Operate] values(2,'读取');
go
insert into [RBAC_Operate] values(3,'编写');
go
insert into [RBAC_Operate] values(4,'删除');
goselect * from [RBAC_Operate]
go-- 创建 "权限" 数据表 [RBAC_Privilege]
-- Create the datatable named by [RBAC_Privilege] to save privileges.
create table [RBAC_Privilege]
(
--权限编号
[Privilege_ID] int primary key not null,
--资源编号
[Resource_ID] int foreign key references [RBAC_Resource]([Resource_ID]) not null,
--操作编号
[Operate_ID] int foreign key references [RBAC_Operate]([Operate_ID]) not null
)
go-- 添加测试数据
-- Add data for test-- 第一条权限是对"音频"的"添加"权限
insert into [RBAC_Privilege] values(1,1,1);
go
-- 第二条权限是对"音频"的"读取"权限
insert into [RBAC_Privilege] values(2,1,2);
go
-- 第三条权限是对"音频"的"编写"权限
insert into [RBAC_Privilege] values(3,1,3);
go
-- 第四条权限是对"音频"的"删除"权限
insert into [RBAC_Privilege] values(4,1,4);
go
-- 第五条权限是对"视频"的"读取"权限
insert into [RBAC_Privilege] values(5,2,1);
go
-- 第六条权限是对"视频"的"读取"权限
insert into [RBAC_Privilege] values(6,2,2);
go
-- 第七条权限是对"视频"的"编写"权限
insert into [RBAC_Privilege] values(7,2,3);
go
-- 第八条权限是对"视频"的"删除"权限
insert into [RBAC_Privilege] values(8,2,4);
goselect * from [RBAC_Operate]
go-- 创建 "授权" 数据表 [RBAC_Impower]
-- Create the datatable named by [RBAC_Impower] to save Impower.
create table [RBAC_Impower]
(
--授权编号
[Impower_ID] int primary key not null,
--角色编号
[Role_ID] int foreign key references [RBAC_Role]([Role_ID]) not null,
--权限编号
[Privilege_ID] int foreign key references [RBAC_Privilege]([Privilege_ID]) not null
)
go-- 添加测试数据
-- Add data for test-- 第一条授权内容"admin"具有'对"音频"的"添加"权限'
insert into [RBAC_Impower] values(1,1);
go
-- 第二条授权内容"admin"具有'对"音频"的"读取"权限'
insert into [RBAC_Impower] values(2,2);
go
-- 第三条授权内容"admin"具有'对"音频"的"编写"权限'
insert into [RBAC_Impower] values(3,3);
go
-- 第四条授权内容"admin"具有'对"音频"的"删除"权限'
insert into [RBAC_Impower] values(4,4);
go
-- 第五条授权内容"admin"具有'对"视频"的"添加"权限'
insert into [RBAC_Impower] values(5,5);
go
-- 第六条授权内容"admin"具有'对"视频"的"读取"权限'
insert into [RBAC_Impower] values(6,6);
go
-- 第七条授权内容"admin"具有'对"视频"的"编写"权限'
insert into [RBAC_Impower] values(7,7);
go
-- 第八条授权内容"admin"具有'对"视频"的"删除"权限'
insert into [RBAC_Impower] values(8,8);
go
-- 第九条授权内容"user"具有'对"音频"的"读取"权限'
insert into [RBAC_Impower] values(9,2);
go
-- 第十条授权内容"user"具有'对"视频"的"读取"权限'
insert into [RBAC_Impower] values(10,5);
goselect * from [RBAC_Impower]
go-- 添加测试数据
-- Add data for test-- 组所具备的角色的数据第一条的内容是"MSDN老师"具有"admin"的角色
insert into [RBAC_GroupRole] values(1,2,1);
go
-- 组所具备的角色的数据第二条的内容是"编程爱好者"具有"user"的角色
insert into [RBAC_GroupRole] values(2,1,2);
goselect * from [RBAC_GroupRole]
go-- 创建 "用户组" 数据表 [RBAC_UserGroupRole]
-- Create the datatable named by '[RBAC_UserGroupRole]' to save userGroupRoles.
create table [RBAC_UserGroupRole]
(
--用户组编号
[UserGroup_ID] int primary key not null,
--用户编号
[User_ID] int foreign key references [RBAC_User]([User_ID]) not null,
--组编号
[Group_ID] int foreign key references [RBAC_Group]([Group_ID]) not null,
--角色编号
[Role_ID] int foreign key references [RBAC_Role]([Role_ID]) not null
)
go-- 添加测试数据
-- Add data for test-- 第一条用户组数据是"FightingYang"属于"编程爱好者"组,在组中的角色是"admin"
insert into [RBAC_UserGroup] values(1,1,1,1);
go
-- 第二条用户组数据是"Supper3000"属于"MSDN老师"组,在组中的角色是"admin"
insert into [RBAC_UserGroup] values(2,2,2,1);
go
-- 第三条用户组数据是"JianzhongLi"属于"MSDN老师"组,在组中的角色是"user"
insert into [RBAC_UserGroup] values(3,3,2,2);
goselect * from [RBAC_UserGroupRole]
go