
权限管理功能设计


    权限管理分析

    权限拦截的对象:用户

    权限拦截的点:菜单,路由,接口,按钮

    控制用户对资源的访问

    权限的操作:配置,读取,拦截

    核心概念:用户、角色、资源

    权限管理的功能点

    配置:

    1. 用户管理:用户表,用户管理界面
    2. 资源配置:资源表,资源配置界面
    3. 角色管理:角色表,角色管理界面
    4. 用户角色关联配置:用户角色关联表,复用角色管理界面
    5. 角色资源关联配置:角色资源关联表,复用角色管理界面

    读取:

    • 用户权限的读取:用户登录时,读取该用户所有权限

    拦截:

    • 用户操作业务时,进行权限拦截
      • 前端界面:菜单,路由,按钮,hidden disabled(只影响界面展示,不能作为安全边界)
      • 后端接口:接口,gateway的过滤器(真正的访问控制必须在这里完成)

    权限初始化

    数据库表的创建

    数据表的结构

    用户表

    
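    # User accounts for the permission system.
    # Destructive: any existing `user` table and its rows are dropped first.
    drop table if exists `user`;
    create table `user` (
      `id` char(8) not null default '' comment 'id',
      `login_name` varchar(50) not null comment '登陆名',
      `name` varchar(50) comment '昵称',
      # Widened from char(32): a fixed 32-character column only fits an MD5-sized hex digest
      # and leaves no room for a salted, slow password hash (bcrypt, Argon2, ...).
      # Existing 32-character values still fit unchanged.
      `password` varchar(255) not null comment '密码',
      primary key (`id`),
      # Login names must be unique so a login lookup resolves to exactly one account.
      unique key `login_name_unique` (`login_name`)
    ) engine=innodb default charset=utf8mb4 comment='用户';
    
    # Seed account: login name test, password test.
    # Development-only default credentials: remove this row or change the password before any
    # shared or production deployment. Elsewhere on this page, user id '10000000' is bound to role '00000000'.
    # NOTE(review): the 32-hex-character value looks like an MD5-style digest; confirm the hashing scheme the application uses.
    insert into `user` (id, login_name, name, password) values ('10000000', 'test', '测试', 'e70e2222a9d67c4f2eae107533359aa4');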
    

    资源表

    
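    # Resource tree: one row per menu, page (route) or button.
    # Destructive: any existing `resource` table and its rows are dropped first.
    drop table if exists `resource`;
    create table `resource` (
      `id` char(6) not null default '' comment 'id',
      `name` varchar(100) not null comment '名称|菜单或按钮',
      `page` varchar(50) null comment '页面|路由',
      # NOTE(review): presumably the interface path(s) the backend filter matches requests against;
      # confirm the stored format with whatever loads the resource data.
      `request` varchar(200) null comment '请求|接口',
      # Parent resource id; null for a top-level entry such as the seed row below.
      `parent` char(6) comment '父id',
      primary key (`id`)
    ) engine=innodb default charset=utf8mb4 comment='资源';
    
    # Explicit column list so the seed row does not silently shift if the column order changes.
    insert into `resource` (`id`, `name`, `page`, `request`, `parent`) values ('01', '系统管理', null, null, null);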
    

    角色表

    
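    # Roles that resources are granted to and users are assigned to.
    # Destructive: any existing `role` table and its rows are dropped first.
    drop table if exists `role`;
    create table `role` (
      `id` char(8) not null default '' comment 'id',
      `name` varchar(50) not null comment '角色',
      # `desc` is a reserved word in MySQL, so it must stay backtick-quoted wherever it is referenced.
      `desc` varchar(100) not null comment '描述',
      primary key (`id`)
    ) engine=innodb default charset=utf8mb4 comment='角色';
    
    # Seed roles. Explicit column lists keep each value bound to its column by name rather than by position.
    # Role '00000000' manages users and role permissions, so its membership deserves the closest review.
    insert into `role` (`id`, `name`, `desc`) values ('00000000', '系统管理员', '管理用户、角色权限');
    insert into `role` (`id`, `name`, `desc`) values ('00000001', '开发', '维护资源');
    insert into `role` (`id`, `name`, `desc`) values ('00000002', '业务管理员', '负责业务管理');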
    

    用户角色关联表

    
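    # Role-to-user assignments: one row per (role, user) pair.
    # Destructive: any existing `role_user` table and its rows are dropped first.
    # NOTE(review): only `id` is keyed; this DDL has no unique key on (role_id, user_id) and no
    # foreign keys, so duplicate or dangling assignments must be prevented by the application.
    drop table if exists `role_user`;
    create table `role_user` (
      `id` char(8) not null default '' comment 'id',
      `role_id` char(8) not null comment '角色|id',
      `user_id` char(8) not null comment '用户|id',
      primary key (`id`)
    ) engine=innodb default charset=utf8mb4 comment='角色用户关联';
    
    # Seed assignment: user '10000000' receives role '00000000'. On this page those ids are the
    # test/test account and the system-administrator role, so drop this row outside development.
    # Explicit column list so role_id and user_id cannot be swapped by a column reorder.
    insert into `role_user` (`id`, `role_id`, `user_id`) values ('00000000', '00000000', '10000000');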
    

    角色资源关联表

    
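    # Role-to-resource grants: one row per (role, resource) pair.
    # Destructive: any existing `role_resource` table and its rows are dropped first.
    # NOTE(review): only `id` is keyed; this DDL has no unique key on (role_id, resource_id) and no
    # foreign keys, so a grant can outlive the role or resource it names unless the application cleans up.
    drop table if exists `role_resource`;
    create table `role_resource` (
      `id` char(8) not null default '' comment 'id',
      `role_id` char(8) not null comment '角色|id',
      # char(6) matches the width of `resource`.`id` as defined on this page.
      `resource_id` char(6) not null comment '资源|id',
      primary key (`id`)
    ) engine=innodb default charset=utf8mb4 comment='角色资源关联';
    
    # Seed grant: role '00000000' receives resource '01'.
    # Explicit column list so role_id and resource_id cannot be swapped by a column reorder.
    insert into `role_resource` (`id`, `role_id`, `resource_id`) values ('00000000', '00000000', '01');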
    

    资源表数据

    
    [{
        "id": "00", "name": "欢迎", "page": "welcome"
    }, {
        "id": "01", "name": "系统管理",
        "children": [{
            "id": "0101", "name": "用户管理", "page": "system/user",
            "children": [
                {"id": "010101", "name": "保存", "request": ["/system/admin/user/list", "/system/admin/user/save"]},
                {"id": "010102", "name": "删除", "request": ["/system/admin/user/delete"]},
                {"id": "010103", "name": "重置密码", "request": ["/system/admin/user/save-password"]}
            ]
        }, {
            "id": "0102", "name": "资源管理", "page": "system/resource",
            "children": [
                {"id": "010201", "name": "保存/显示", "request": ["/system/admin/resource"]}
            ]
        }, {
            "id": "0103", "name": "角色管理", "page": "system/role",
            "children": [
                {"id": "010301", "name": "角色/权限管理", "request": ["/system/admin/role"]}
            ]
        }]
    }, {
        "id": "02", "name": "业务管理",
        "children": [{
            "id": "0201", "name": "分类管理", "page": "business/category",
            "children": [
                {"id": "020101", "name": "增删改查", "request": ["/business/admin/category"]}
            ]
        }, {
            "id": "0202", "name": "课程管理", "page": "business/course",
            "children": [
                {"id": "020201", "name": "增删改查", "request": ["/business/admin/course", "/business/admin/category/all"]}
            ]
        }, {
            "id": "0203", "name": "讲师管理", "page": "business/teacher",
            "children": [
                {"id": "020301", "name": "增删改查", "request": ["/business/admin/teacher"]}
            ]
        }, {
            "id": "0204", "name": "会员管理", "page": "business/member",
            "children": [
                {"id": "020401", "name": "增删改查", "request": ["/business/admin/member"]}
            ]
        }, {
            "id": "0205", "name": "短信管理", "page": "business/sms",
            "children": [
                {"id": "020501", "name": "增删改查", "request": ["/business/admin/sms"]}
            ]
        }]
    }, {
        "id": "03", "name": "文件管理",
        "children": [{
            "id": "0301", "name": "文件管理", "page": "file/file",
            "children": [
                {"id": "030101", "name": "文件管理", "request": ["/file/admin/file"]}
            ]
        }]
    }]
    