Web Front-endVue.jsDetailed explanation of the implementation ideas of Vue's various permissions control and managementDetailed explanation of the implementation ideas of Vue's various permissions control and management
This article brings you relevant knowledge about vue, which mainly introduces in detail the implementation ideas of various permission control and management of vue. Friends who are interested can take a look at it together. I hope it will be helpful to everyone.
1. Menu permissions
- Menu permissions: Control which menu items users can see in the system
- Menu permission refers to the left menu bar in the back-end system. The front-end can be spliced together based on the permission data returned by the back-end interface combined with the element-ui menu component. The menu will be displayed according to the permissions
- Solve the problem of the refresh page menu bar not being displayed through the vuex persistence plug-in (local storage)
- When implementing the logout function, clear the local data through the
clear()method, and pass after the jumpwindow.location.reload()Refresh the current page to clear the vuex data
2. Routing permissions
- Routing permissions In order to prevent The user maliciously enters the address in the address bar and is forced to jump. Dynamic routing can be used to restrict user permissions. If there is permission, it will jump. If there is no permission, it will jump to the 404 page.
- The method of routing permissions needs to be in
initDynamicRoutesis called at two times, namely when the login is successful and when the page is created. Otherwise, the dynamic route is the default value and cannot be accessed by refreshing
import Vue from 'vue'
import VueRouter from 'vue-router'
import Layout from '@/layout'
import store from '@/store'
Vue.use(VueRouter)
// 动态路由规则
const tableRule = {
path: '/table',
name: 'table',
component: () => import('@/views/table/index.vue')
}
const imageRule = {
path: '/image',
name: 'image',
component: () => import('@/views/image')
}
const userRule = {
path: '/users',
name: 'users',
component: () => import('@/views/users')
}
// 路由规则和字符串的映射关系
const ruleMapping = {
table: tableRule,
users: userRule,
image: imageRule
}
//静态路由
const routes = [
{
path: '/login',
// name: 'login', // 这里如果有name 控制台会提示
component: () => import('@/views/login')
},
{
path: '/',
component: Layout,
children: [
{
path: '',
// name: 'home',
component: () => import('@/views/home')
},
{
path: '/chart',
component: () => import('@/views/chart')
}
]
}
]
const router = new VueRouter({
routes
})
//路由权限:用户登录后接口返回,存储到本地缓存
const rightList = [
{
id: 1,
authName: "基本页面",
icon: "el-icon-connection",
children: [
{
id: 11,
authName: "表格页面",
icon: "el-icon-s-grid",
path: "table",
rights: ["view", "edit", "add", "delete"]
},
{
id: 12,
authName: "素材页面",
icon: "el-icon-s-marketing",
path: "image",
rights: ["view", "edit", "add", "delete"]
}
]
},
{
id: 2,
authName: "用户权限",
icon: "el-icon-set-up",
children: [
{
id: 21,
authName: "权限页面",
icon: "el-icon-s-custom",
path: "users",
rights: ["view", "edit", "add", "delete"]
}
]
}
];
//在登录(login.vue)、页面刷新(App.vue)的时候,调用initDynamicRoutes
export function initDynamicRoutes () {
// 根据二级权限 对路由规则进行动态的添加
const currentRoutes = router.options.routes
rightList.forEach(item => { // 如果是没有子路由的话 就直接添加进去 如果有子路由的话就进入二级权限遍历
if (item.path) {
const temp = ruleMapping[item.path]
// 路由规则中添加元数据meta
temp.meta = item.rights
currentRoutes[1].children.push(temp)
}
item.children.forEach(item => {
// item 二级权限
const temp = ruleMapping[item.path]
// 路由规则中添加元数据meta,用于按钮权限控制
temp.meta = item.rights
currentRoutes[1].children.push(temp)
})
})
// 添加路由规则
router.addRoutes(currentRoutes)
}
export default router3. Button permissions
- The so-called button permissions mean that in a certain menu interface, we need to display the buttons that can be operated, such as delete and modify, based on the corresponding button permission data in the current operation module of the role returned by the backend. , add and other buttons.
- If we want to implement button permission control, we need to use vue's custom instructions to achieve it: First we need to create a button permission control instruction, we define this instruction The name is:
v-permission
- If we want to implement button permission control, we need to use vue's custom instructions to achieve it: First we need to create a button permission control instruction, we define this instruction The name is:
- Get the current user’s button permission inside this command (vuex|local cache) Data
- Get the data of the custom attribute value through
binding.value
- Get the data of the custom attribute value through
- Determine whether the button permission data obtained from
vuex|local cachecontains the permissions contained in the custom instruction
- Determine whether the button permission data obtained from
- If it is not included, we set
el.style.display = “none”, or useel.parentNode.removeChild(el)to delete the current button element
- If it is not included, we set
<el-button v-permission="[$route.path, 'add']">添加</el-button>
directives: {
// 检测全选的指令
permission: {
// 绑定此指令的标签插入到dom节点触发
inserted(el, bind) {
// el:绑定该指令标签
// bind:对象格式 当前绑定指令标签上的数据情况
// 获取按钮上的value值,就是用户当前要使用的权限和请求的路由地址
let value = bind.value//['/user','add']
//模拟后端返回的当前角色对应的权限
let rules = {
'/menu': ['add', 'edit'],
"/user": [ 'edit', 'remove'],
"/goods": ['add']
}
// 根据访问的路由地址获取该模块的操作权限
let allow = rules[value[0]]
// 检测当前操作是否合法
if (!allow.includes(value[1])) {
// 不合法隐藏操作按钮
el.style = "display:none"
}
}
}
}4. Data permissions
-
Data permissionsThat is, users with different roles will see different table data - For example, if Zhang San is a project manager, he can see all the data and field information in a certain business form
- Li Si is an ordinary employee and can only see his own data in the form
- Code implementation: The front end encapsulates the request header uniformly, carrying user information, and finally the back end detects the user permissions, parses and returns the corresponding data;
import axios from 'axios'
import router from '@/router'
const request = axios.create()
// 映射
const actionMapping = {
get: 'view',
post: 'add',
put: 'edit',
delete: 'delete'
}
// request.defaults.baseURL = 'http://127.0.0.1:7001' // 注释掉之后调的接口将是Mock数据
// 请求拦截器
request.interceptors.request.use(req => {
// console.log(req.url)
// console.log(req.method)
if (req.url !== '/login' && req.url !== '/roles') {
// 不是登录的请求 也不是获取权限的请求 则在请求头中加入token 不知道如何使用Mock来验证请求头中的token 故此处注释
// req.headers.Authorization = sessionStorage.getItem('token')
const action = actionMapping[req.method]
// 判断非权限范围内的请求
// console.log(router)
const currentRight = router.currentRoute.meta
// console.log(currentRight)
if (currentRight && currentRight.indexOf(action) === -1) {
// 没有权限
alert('没有权限')
return Promise.reject(new Error('没有权限'))
}
}
return req
})
export default request Recommended learning: "vue video tutorial 》
The above is the detailed content of Detailed explanation of the implementation ideas of Vue's various permissions control and management. For more information, please follow other related articles on the PHP Chinese website!
What Happens When the Vue.js Virtual DOM Detects a Change?May 14, 2025 am 12:12 AMWhentheVue.jsVirtualDOMdetectsachange,itupdatestheVirtualDOM,diffsit,andappliesminimalchangestotherealDOM.ThisprocessensureshighperformancebyavoidingunnecessaryDOMmanipulations.
How Accurate Is It to Think of Vue.js's Virtual DOM as a Mirror of the Real DOM?May 13, 2025 pm 04:05 PMVue.js' VirtualDOM is both a mirror of the real DOM, and not exactly. 1. Create and update: Vue.js creates a VirtualDOM tree based on component definitions, and updates VirtualDOM first when the state changes. 2. Differences and patching: Comparison of old and new VirtualDOMs through diff operations, and apply only the minimum changes to the real DOM. 3. Efficiency: VirtualDOM allows batch updates, reduces direct DOM operations, and optimizes the rendering process. VirtualDOM is a strategic tool for Vue.js to optimize UI updates.
Vue.js vs. React: Scalability and MaintainabilityMay 10, 2025 am 12:24 AMVue.js and React each have their own advantages in scalability and maintainability. 1) Vue.js is easy to use and is suitable for small projects. The Composition API improves the maintainability of large projects. 2) React is suitable for large and complex projects, with Hooks and virtual DOM improving performance and maintainability, but the learning curve is steeper.
The Future of Vue.js and React: Trends and PredictionsMay 09, 2025 am 12:12 AMThe future trends and forecasts of Vue.js and React are: 1) Vue.js will be widely used in enterprise-level applications and have made breakthroughs in server-side rendering and static site generation; 2) React will innovate in server components and data acquisition, and further optimize the concurrency model.
Netflix's Frontend: A Deep Dive into Its Technology StackMay 08, 2025 am 12:11 AMNetflix's front-end technology stack is mainly based on React and Redux. 1.React is used to build high-performance single-page applications, and improves code reusability and maintenance through component development. 2. Redux is used for state management to ensure that state changes are predictable and traceable. 3. The toolchain includes Webpack, Babel, Jest and Enzyme to ensure code quality and performance. 4. Performance optimization is achieved through code segmentation, lazy loading and server-side rendering to improve user experience.
Vue.js and the Frontend: Building Interactive User InterfacesMay 06, 2025 am 12:02 AMVue.js is a progressive framework suitable for building highly interactive user interfaces. Its core functions include responsive systems, component development and routing management. 1) The responsive system realizes data monitoring through Object.defineProperty or Proxy, and automatically updates the interface. 2) Component development allows the interface to be split into reusable modules. 3) VueRouter supports single-page applications to improve user experience.
What are the disadvantages of VueJs?May 05, 2025 am 12:06 AMThe main disadvantages of Vue.js include: 1. The ecosystem is relatively new, and third-party libraries and tools are not as rich as other frameworks; 2. The learning curve becomes steep in complex functions; 3. Community support and resources are not as extensive as React and Angular; 4. Performance problems may be encountered in large applications; 5. Version upgrades and compatibility challenges are greater.
Netflix: Unveiling Its Frontend FrameworksMay 04, 2025 am 12:16 AMNetflix uses React as its front-end framework. 1.React's component development and virtual DOM mechanism improve performance and development efficiency. 2. Use Webpack and Babel to optimize code construction and deployment. 3. Use code segmentation, server-side rendering and caching strategies for performance optimization.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.
VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft
MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
