preface

In the background, human resource management system, we often encounter the technology of assigning permissions. How to assign permissions is a difficult problem. Here,RBAC model can solve this problem well

What is RBAC?

Overview of the RBAC model

RBAC model (Role-based Access Control: Role-based access control) model is a kind of new model developed in the 1990 s, but during the multi-user calculation in the 1970 s, this idea was put forward, until the 1990 s, the RBAC to get some attention in the research community, and has many types of RBAC model is put forward. Among them, RBAC96 model proposed by George Mason University Information Security Technology Laboratory (LIST) is the most representative and has been widely recognized.

RBAC believes that the process of authorization can be abstractly summarized as: Whether Who can access What How and determine whether this logical expression is True or not is a process of solving, that is, transforming the permission problem into What and How. Who, What and How constitute the triplet of access permission. For specific theories, please refer to RBAC96. Here we will not do a detailed introduction, we can have an impression.

The composition of RBAC

In the RBAC model, there are three basic components: users, roles, and permissions.

RBAC controls user permissions by defining roles and granting certain roles to users. RBAC separates users from permissions (different from the ACL model), greatly facilitating permission management

background

In order to achieve the goal that different accounts can see different pages and perform different functions after logging in to the system, we have many solutions, namely RBAC(Role-based Access Control) permission model, which is the role-based permission allocation solution.

Its permission mode is as follows:

Three main body

User: the person who uses the system (employee)

How many functions are available in the system (example: start with 3 pages, each with 3,2,4 different actions)

Role Role: a collection of different permission points

  • The RBAC model can help us solve the problem of different people obtaining different permissions

How is permission assignment implemented in a project

We can tell based on the data sent from the back end

In the figure above, Menus represent page permissions, and Points represent function-level button permissions. We can dynamically create or remove DOM elements and add dynamic routes by judging whether there are permissions through arrays