求靠山权限设计思路-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

求靠山权限设计思路

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 13, 2016 am 10:57 AM

m2mnbspresourceroleuser

求后台权限设计思路
管理权限分到单个用户，没有统一的用户组。
权限分到节点，也就是分到每个操作。
这样的设计要如何来做。
不知道哪位大侠有好的思路，或是demo

------解决方案--------------------
后台分模块，模块有增删改查权限，如果没有用户组就只能每个用户分配详细的权限了，不过最好是设定权限级别，这样对权限比较好管理
------解决方案--------------------
给用户表附加一个权限字段即可
------解决方案--------------------

探讨

引用:

给用户表附加一个权限字段即可

这个权限字段中的存诸的值要与权限表里面的数据对应是吧？
有什么权限就只显示什么方法
而那个权限表里的字段要怎么做？
是不是要一个权限说明字段和一个请救的方法字段？
用几个字段好？

------解决方案--------------------
完全不分用户组, 权限也不分组或者等级的话,

你要先估计一下有多少具体权限节点,

数量大的话,以后管理很复杂.
------解决方案--------------------
首先要有角色。角色赋予几种操作权限。还要有权限表，权限表的权限值用整数存储，解析成二进制位，每一位代表一种操作权限。这样可以实现全局的权限的灵活派分。
------解决方案--------------------
搞个表也行啊。直接存
用户权限
------解决方案--------------------
搞个表，对应用户权限
------解决方案--------------------
你可以用数组形式来做后台权限，在一个数组里边放入一个函数调用的方法名，
------解决方案--------------------
可以参考ThinkPHP的RBAC权限控制
------解决方案--------------------
我来说下吧
1.设计资源表resource（也就是权限资源，每个需要控制权限的动作都是一个资源，一般通过url来区分资源）
2.设计用户表(这个不多说了)
3.确定用户和资源之间的关系
一个用户可以有多个资源，一个资源同样可以用多个用户，所以这是典型的m2m关系，需要设计第三张表来维护他们的关系，所以就出现了user_resource表
4.验证权限
当一个请求过来，解析url，找到对应的资源resource，然后查找user_resource表，看是否用户具有这个资源的权限。接下来你懂的

如果要添加用户组，这个就很简单了。
1.设计用户组表role
2.设计user_role(不用说用户和用户组同样是m2m关系)
3.设计role_resource（用户组和资源同样是m2m关系）
4.至于用户组的权限判断你应该懂了。

------解决方案--------------------
权限树的对比可以做到简单的。

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

PHP Performance Tuning for High Traffic WebsitesMay 14, 2025 am 12:13 AM

ThesecrettokeepingaPHP-poweredwebsiterunningsmoothlyunderheavyloadinvolvesseveralkeystrategies:1)ImplementopcodecachingwithOPcachetoreducescriptexecutiontime,2)UsedatabasequerycachingwithRedistolessendatabaseload,3)LeverageCDNslikeCloudflareforservin

Dependency Injection in PHP: Code Examples for BeginnersMay 14, 2025 am 12:08 AM

You should care about DependencyInjection(DI) because it makes your code clearer and easier to maintain. 1) DI makes it more modular by decoupling classes, 2) improves the convenience of testing and code flexibility, 3) Use DI containers to manage complex dependencies, but pay attention to performance impact and circular dependencies, 4) The best practice is to rely on abstract interfaces to achieve loose coupling.

PHP Performance: is it possible to optimize the application?May 14, 2025 am 12:04 AM

Yes,optimizingaPHPapplicationispossibleandessential.1)ImplementcachingusingAPCutoreducedatabaseload.2)Optimizedatabaseswithindexing,efficientqueries,andconnectionpooling.3)Enhancecodewithbuilt-infunctions,avoidingglobalvariables,andusingopcodecaching

PHP Performance Optimization: The Ultimate GuideMay 14, 2025 am 12:02 AM

ThekeystrategiestosignificantlyboostPHPapplicationperformanceare:1)UseopcodecachinglikeOPcachetoreduceexecutiontime,2)Optimizedatabaseinteractionswithpreparedstatementsandproperindexing,3)ConfigurewebserverslikeNginxwithPHP-FPMforbetterperformance,4)

PHP Dependency Injection Container: A Quick StartMay 13, 2025 am 12:11 AM

APHPDependencyInjectionContainerisatoolthatmanagesclassdependencies,enhancingcodemodularity,testability,andmaintainability.Itactsasacentralhubforcreatingandinjectingdependencies,thusreducingtightcouplingandeasingunittesting.

Dependency Injection vs. Service Locator in PHPMay 13, 2025 am 12:10 AM

Select DependencyInjection (DI) for large applications, ServiceLocator is suitable for small projects or prototypes. 1) DI improves the testability and modularity of the code through constructor injection. 2) ServiceLocator obtains services through center registration, which is convenient but may lead to an increase in code coupling.

PHP performance optimization strategies.May 13, 2025 am 12:06 AM

PHPapplicationscanbeoptimizedforspeedandefficiencyby:1)enablingopcacheinphp.ini,2)usingpreparedstatementswithPDOfordatabasequeries,3)replacingloopswitharray_filterandarray_mapfordataprocessing,4)configuringNginxasareverseproxy,5)implementingcachingwi

PHP Email Validation: Ensuring Emails Are Sent CorrectlyMay 13, 2025 am 12:06 AM

PHPemailvalidationinvolvesthreesteps:1)Formatvalidationusingregularexpressionstochecktheemailformat;2)DNSvalidationtoensurethedomainhasavalidMXrecord;3)SMTPvalidation,themostthoroughmethod,whichchecksifthemailboxexistsbyconnectingtotheSMTPserver.Impl

See all articles

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

How to fix KB5055612 fails to install in Windows 10?

4 weeks agoByDDD

Roblox: Grow A Garden - Complete Mutation Guide

3 weeks agoByDDD

Roblox: Bubble Gum Simulator Infinity - How To Get And Use Royal Keys

3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Nordhold: Fusion System, Explained

4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Mandragora: Whispers Of The Witch Tree - How To Unlock The Grappling Hook

3 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.