1.概述
功能权限,限定了某一类用户(按角色)对资源的访问(CRUD)。一般常见的关系为Resource(如Menu,File等),Role,User,Privilege。其中,Privilege用于存储Role和Resource之间的关系。
2.数据表设计
-- Rebuild the table that stores the privilege bit mask granted to a role on a resource.
-- NOTE(review): the DROP discards every stored grant; treat this as a first-time setup
-- script, not something to re-run against a populated database.
IF OBJECT_ID ('dbo.Privileges') IS NOT NULL
BEGIN
    DROP TABLE [dbo].[Privileges]
END
GO

-- NOTE(review): the only constraint is the primary key on ID, so several rows may exist
-- for the same (ResourceID, RoleName) pair and Flag accepts any integer; confirm how the
-- code that evaluates privileges treats duplicate rows and undefined bits.
CREATE TABLE [dbo].[Privileges]
(
    [ID]         INT IDENTITY (1, 1) NOT NULL,  -- primary key
    [ResourceID] INT                 NOT NULL,  -- resource ID
    [RoleName]   NVARCHAR (50)       NOT NULL,  -- role name
    [Flag]       INT                 NOT NULL,  -- privilege bit mask
    CONSTRAINT [PK_Privileges] PRIMARY KEY ([ID])
)
GO
3.数据结构
3.1 权限常量枚举
/// <summary>
/// Privilege bits that can be granted on a resource; values combine with bitwise OR.
/// </summary>
/// <remarks>
/// NOTE(review): <c>None</c> occupies bit 4 (value 16) rather than 0, so a stored flag
/// of 0 maps to no named member and <c>None</c> can be OR-ed together with real grants.
/// Persisted flag values depend on these numbers, so confirm with the data owner before
/// renumbering.
/// </remarks>
[Flags]
public enum EPrivilege
{
    /// <summary>Read access.</summary>
    Retrieve = 0x01,

    /// <summary>Create access.</summary>
    Create = 0x02,

    /// <summary>Update access.</summary>
    Update = 0x04,

    /// <summary>Delete access.</summary>
    Delete = 0x08,

    /// <summary>Marker for "no privilege"; stored as its own bit.</summary>
    None = 0x10
}
3.2 功能权限
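/// <summary>
/// Function-privilege entity: the privilege bit mask granted to one role on one function menu.
/// </summary>
/// <remarks>
/// NOTE(review): the dbo.Privileges table shown on this page declares ID as INT and has an
/// INT ResourceID column, while this entity uses a long ID and a string FunctionMenuID;
/// confirm the mapping between the two.
/// </remarks>
public partial class Privilege
{
    /// <summary>
    /// Primary key.
    /// </summary>
    public long ID { get; set; }

    /// <summary>
    /// Role name.
    /// </summary>
    public string RoleName { get; set; }

    /// <summary>
    /// Function menu ID.
    /// </summary>
    public string FunctionMenuID { get; set; }

    /// <summary>
    /// Privilege bit mask, held as the raw integer value of <see cref="EPrivilege"/>.
    /// </summary>
    public int Flag { get; set; }
}

public partial class Privilege
{
    /// <summary>
    /// Typed view over <see cref="Flag"/>: reads and writes the same integer as an
    /// <see cref="EPrivilege"/> value.
    /// </summary>
    public EPrivilege FlagEqualToEPrivilege
    {
        get
        {
            // A plain numeric cast is all the conversion needs; it works with or without
            // [Flags] on the enum. The previous ToString()/Enum.Parse round trip produced
            // the same value but went through culture-sensitive number formatting and
            // could throw on a string it failed to parse.
            return (EPrivilege)this.Flag;
        }
        set
        {
            this.Flag = (int)value;
        }
    }

    /// <summary>
    /// Tells whether every privilege bit in <paramref name="privilege"/> is granted.
    /// </summary>
    /// <param name="privilege">One privilege, or several combined with bitwise OR.</param>
    /// <returns>
    /// <c>true</c> only when all requested bits are set in <see cref="Flag"/>;
    /// <c>false</c> otherwise, including when no bit is requested.
    /// </returns>
    public bool HasPrivilege(EPrivilege privilege)
    {
        // An empty request never counts as granted (the check fails closed).
        if (privilege == 0)
        {
            return false;
        }

        // Require ALL requested bits. Testing "!= 0" would authorise Create | Delete
        // for a role that was granted only Create.
        return (this.FlagEqualToEPrivilege & privilege) == privilege;
    }
}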
3.3 DB Methods
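/// <summary>
/// Privilege checks exposed as extension methods on <see cref="IPrincipal"/>.
/// </summary>
/// <remarks>
/// The class is static because C# only allows extension methods inside a static class.
/// </remarks>
public static class PrivilgeExtensions
{
    /// <summary>
    /// Tells whether <paramref name="user"/> holds <paramref name="privilegeType"/> on the
    /// resource named <paramref name="resourceName"/>.
    /// </summary>
    /// <param name="user">The principal whose roles are to be checked.</param>
    /// <param name="resourceName">Name of the protected resource.</param>
    /// <param name="privilegeType">The privilege being requested.</param>
    /// <returns>
    /// Always <c>false</c> in this listing: the lookup is elided in the article.
    /// </returns>
    public static bool HasPrivilege(this IPrincipal user, string resourceName, EPrivilege privilegeType)
    {
        //......
        // Placeholder result. Denying by default is the safe choice here: any path that
        // a real implementation does not explicitly authorise should also end in false.
        return false;
    }
}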
总结:Flag与Enum之间的自动解析应该是通过【Flags】标记完成。