Building Step by Step (6): Configuring Users and User Permissions
120021. Introduction to This Lesson
In this lesson, you will learn how to configure users and user permissions in data tables, which is one of the essential features in enterprise-level web application projects developed with the Jianghu JS framework. You will understand the relevant data tables that need to be configured, the structure of each table, and the usage instructions for each field.
We will demonstrate how to configure these tables through examples to achieve user authentication, permission management, and access control functionalities.
2. Basic Concepts of User Permission Management
User permission management is an important concept. Through effective identity authentication, permission management, and access control, the system can ensure that users can only access resources they are authorized to, thereby enhancing the security of the system and the ability to protect data. It involves the following aspects:
(1) Identity Authentication: Identity authentication is the process of verifying a user's identity. Common methods of identity authentication include username and password. Through effective identity authentication, the system can ensure that only legitimate users can access system resources.
(2) Permission Management: Users are assigned to groups and roles. A user may be assigned to one or more user groups, and user groups may have one or more roles, with roles corresponding to specific permissions.
(3) Access Control: Access control refers to controlling users' access permissions to system resources. This includes determining which pages, data, or functionalities users can access and restricting users' access to unauthorized resources.
3. Database Configuration Tables in the Jianghu JS Framework
In the permission management of Jianghu JS projects, multiple tables are typically involved to manage information about users, user groups, roles, and permissions. The _user, _group, and _role tables are the foundational tables, while the other three tables are relationship tables. The functions of these tables are as follows:
_user Table: Used for identity authentication, storing basic information about users, such as usernames and passwords. * represents all users.
_group Table: Used for user group management, storing information about user groups, such as group names and descriptions. * represents all groups.
Two default groups
loginandpublicare not displayed in the_grouptable.
- Users are in the
logingroup after logging in.- All users are in the
publicgroup.
_role Table: Used for role management, storing information about roles, such as role names and descriptions. * represents all roles.
_user_group_role Table: Used for permission management, assigning groups and roles to users, storing the relationships between users, groups, and roles.
_user_group_role_page Table: Used to control access to pages, specifying permission settings for different user groups or roles on different pages.
_user_group_role_resource Table: Used to control access to data, specifying which data interfaces different user groups or roles can access on different pages.
5. Assigning Groups and Roles to Users
In enterprise-level web application projects developed with the Jianghu JS framework, setting user permissions is essential, using the _user_group_role table to configure user permissions.
For example: Teacher Zhang Sanfeng serves as the group leader in the first-grade group, including the following information:
- The user information for Zhang Sanfeng
W00001is stored in the_usertable. - The information for the first-grade group
oneGradeGroupis stored in the_grouptable. - The role information for the group leader
groupLeaderis stored in the_roletable.
To assign Zhang Sanfeng to the group oneGradeGroup and the role groupLeader, the entry in the _user_group_role table would be as follows:
| user | group | role |
|