In the many 0-to-1 large-scale digital middle-platform projects I have worked on, the underlying permission system is what I care about most, and I also require product managers and developers, especially back-end developers, to be familiar with it before they can join product development work.
The RBAC model gives B-end products a very easy-to-understand permission scheme, and there are many RBAC-related articles on the platform. This article focuses on the actual technical implementation process for your reference, to facilitate communication between the B-end product manager and the developers and to avoid detours (all three projects suffered a lot here).
1. Basic introduction to the permission system
The elements of the permission system are: business organizations, roles, users, permissions, pages, and views.
Organizations, roles, and users are instantly adjustable based on business changes.
Permissions are the lowest-level attributes; they are developed and implemented by developers based on business requirements. The object constrained by a permission is a concrete back-end resource instance. According to the security requirements of data interfaces, special interface permissions can be designed. Permissions are divided into functional permissions (including menu permissions), organizational permissions, and data permissions.
Pages and views are the content that the system presents to the corresponding users according to the business configuration.
For a detailed description of the authority system, please refer to the
2. In-depth understanding of the RBAC model
At the heart of the RBAC (Role-Based Access Control) model is the introduction of the concept of roles between users and permissions. The direct association between users and permissions is removed, and permissions are granted to users indirectly by associating users with roles and roles with permissions (as shown in the figure below), so as to decouple users from permissions.
The RBAC model emphasizes the relationship between users, roles, and permissions, but in B-end business applications the business department cannot be left out, so all four must be related to each other. In addition to the above four tables, the back end also needs to record the relationship table of users, business departments, and roles, as shown in the following figure:
1. Basic requirements for business records in mature business platforms
The permission system in mature ERP and CRM platforms is very strict, and there are strict requirements for business records: a single business record must have an Owner and the business department to which the Owner belongs. Therefore, business records must have 7 basic fields: creator, creation time, last modifier, last modified time, Owner, the business department the Owner belongs to, and status (enabled/disabled); when the Owner changes, the Owner's business department is updated synchronously.
Only in this way can strict control of organizational permissions be guaranteed. The implementation logic is: based on the data scope of the current user's organization and role, load the records whose Owner is located in a matching business organization; after loading the visible data, control the front-end function buttons according to the current user's editing permissions.
Example: Zhang San is a sales manager. His query permission lets him see the customer data of all sales consultants in his department, and his modification permission is personal. When getting the customer list, the modification buttons of some customers are highlighted (his personal customers), and the modification buttons of others are grayed out (not his customers, but those of other sales consultants). In the figure above, customer data is in the lead center, and business data in other business centers is handled similarly.
2. How is the permission system configured and logically implemented?
Permission configuration belongs to the basic settings. Generally, the permissions of the different roles are set by an administrator user, for example:
Such permission configuration actually needs to be agreed between the front end and the back end. A unified permission code is used for collaborative control, and menu/function permissions, data permissions, and their corresponding permission codes are agreed through other means such as Excel sheets. Example:
There are 3 questions for everyone to think about:
1) Are the organization permission levels (individual, all, headquarters, headquarters and below) all handled the same way?
2) What if a person has multiple roles, and different roles have different levels of organizational
Answers:
1. Different levels are processed differently: 1) individual-level permission: look up the owner directly; 2) all: return all data directly; 3) headquarters: take the ID of the organization the owner belongs to and return the records carrying that ID; 4) headquarters and below: take the ID of the owner's organization and the IDs of all organizations below it, and return the records carrying any of these IDs.
2. From the perspective of viewing data, the highest level of permission is taken; but for sensitive business data, the lowest level of permission is taken, to avoid data leakage caused by misconfigured role permissions.
3. In general, organization and data permissions only involve functional permissions, that is, once you can see a data record you can modify or delete it, and the functional permissions in the user center are synchronized to the business center. What I want to emphasize here is business-logic control, such as the effect of order status on functional permissions. For example, after an order is closed, only the view button and the archive button remain, and all other buttons are grayed out.
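As an added example (not code from the original article), the following Python shows one way to implement the three answers above together with the Zhang San case: a constructed org tree and role table, a record that carries its Owner and the Owner's department, scope resolution that takes the widest scope across roles for normal data and the narrowest for sensitive data, and a list query that returns a per-record editable flag for the front end to gray out buttons. All department, role and permission-code names are assumptions.

```python
from collections import namedtuple
from enum import IntEnum
class Scope(IntEnum):
    """Data-scope levels from the article; a larger value is a wider scope."""
    INDIVIDUAL = 1      # only records the user owns
    DEPT = 2            # "headquarters": the user's own department
    DEPT_AND_BELOW = 3  # that department plus every department under it
    ALL = 4             # every record

# Constructed org tree (department id -> parent id) and role table (role -> {permission code: scope}).
ORG_PARENT = {"HQ": None, "SALES": "HQ", "SALES_EAST": "SALES", "SALES_WEST": "SALES", "FINANCE": "HQ"}
ROLES = {
    "sales_consultant": {"customer:view": Scope.INDIVIDUAL, "customer:edit": Scope.INDIVIDUAL},
    "sales_manager": {"customer:view": Scope.DEPT_AND_BELOW, "customer:edit": Scope.INDIVIDUAL},
}
# A business record carries its Owner and the Owner's department (kept in sync when the Owner changes).
Record = namedtuple("Record", "id owner owner_dept sensitive", defaults=[False])

def subtree(dept):
    """Ids of dept and every department below it ("headquarters and below")."""
    ids = {dept}
    while True:
        more = {d for d, p in ORG_PARENT.items() if p in ids and d not in ids}
        if not more:
            return ids
        ids |= more

def effective_scope(roles, perm, sensitive):
    """Merge one permission across roles: widest scope normally, narrowest for sensitive data."""
    scopes = [ROLES[r][perm] for r in roles if perm in ROLES.get(r, {})]
    if not scopes:
        return None                      # no role grants this permission at all
    return min(scopes) if sensitive else max(scopes)

def in_scope(scope, user, user_dept, rec):
    if scope == Scope.INDIVIDUAL:
        return rec.owner == user
    if scope == Scope.DEPT:
        return rec.owner_dept == user_dept
    if scope == Scope.DEPT_AND_BELOW:
        return rec.owner_dept in subtree(user_dept)
    return scope == Scope.ALL            # None (no grant) -> False

def customer_list(user, user_dept, roles, records):
    # (record id, editable) for every visible record; editable drives the front-end button state.
    out = []
    for rec in records:
        if in_scope(effective_scope(roles, "customer:view", rec.sensitive), user, user_dept, rec):
            edit = effective_scope(roles, "customer:edit", rec.sensitive)
            out.append((rec.id, in_scope(edit, user, user_dept, rec)))
    return out
```

The customer list is filtered on the server from the Owner's department, so the front end only decides how to render the editable flag, never whether a record is visible.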