tsai
/
abp-next-admin2
mirror of https://github.com/colinin/abp-next-admin.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
这是基于vue-vben-admin 模板适用于abp vNext的前端管理项目
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2888 Commits
72 Branches
54 Tags
77 MiB
 
 
 
 
 
 
Tree: ac7a940a9e
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ac7a940a9e'
${ noResults }
abp-next-admin2/docs/wiki/扩展开发/自定义模块开发/权限定义与管理.md

6.9 KiB
Raw Blame History

权限定义与管理

**本文档中引用的文件** - [PermissionDefinitionAppService.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/LINGYUN/Abp/PermissionManagement/Definitions/PermissionDefinitionAppService.cs) - [PermissionGroupDefinitionAppService.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/LINGYUN/Abp/PermissionManagement/Definitions/PermissionGroupDefinitionAppService.cs) - [MultiplePermissionManager.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/LINGYUN/Abp/PermissionManagement/MultiplePermissionManager.cs) - [PermissionAppService.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/LINGYUN/Abp/PermissionManagement/PermissionAppService.cs) - [OrganizationUnitPermissionManagementProvider.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Domain.OrganizationUnits/LINGYUN/Abp/PermissionManagement/OrganizationUnits/OrganizationUnitPermissionManagementProvider.cs) - [PermissionManagementPermissionDefinitionProvider.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/LINGYUN/Abp/PermissionManagement/Permissions/PermissionManagementPermissionDefinitionProvider.cs) - [PermissionDefinitionDto.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/LINGYUN/Abp/PermissionManagement/Definitions/Dto/PermissionDefinitionDto.cs) - [PermissionDefinitionCreateDto.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/LINGYUN/Abp/PermissionManagement/Definitions/Dto/PermissionDefinitionCreateDto.cs) - [PermissionDefinitionUpdateDto.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/LINGYUN/Abp/PermissionManagement/Definitions/Dto/PermissionDefinitionUpdateDto.cs) - [PermissionManagementPermissionNames.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application.Contracts/LINGYUN/Abp/PermissionManagement/Permissions/PermissionManagementPermissionNames.cs) - [PermissionDefinitionController.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.HttpApi/LINGYUN/Abp/PermissionManagement/HttpApi/Definitions/PermissionDefinitionController.cs) - [AbpPermissionManagementApplicationModule.cs](file://aspnet-core/modules/permissions-management/LINGYUN.Abp.PermissionManagement.Application/LINGYUN/Abp/PermissionManagement/AbpPermissionManagementApplicationModule.cs)

目录

  1. 简介
  2. 权限定义
  3. 权限层级结构
  4. 权限验证机制
  5. 权限管理最佳实践
  6. 权限分组与继承
  7. 动态权限分配
  8. 结论

简介

本项目中的权限管理系统基于ABP框架构建,提供了完整的权限定义、管理和验证功能。系统支持静态和动态权限定义,允许通过API进行权限的创建、更新和删除操作。权限管理模块提供了对组织单元、角色和用户的权限支持,实现了灵活的权限控制机制。

权限管理模块通过PermissionManagement命名空间下的多个组件协同工作,包括应用程序服务、领域服务和HTTP API控制器。系统支持多租户架构,权限定义可以针对不同的租户侧进行配置。

权限系统的核心功能包括权限定义管理、权限分配、权限验证和权限继承。通过IPermissionDefinitionManager接口管理所有权限定义,IPermissionManager接口处理权限的授予和检查,而PermissionValueProvider则负责具体的权限验证逻辑。

Section sources

  • AbpPermissionManagementApplicationModule.cs

权限定义

权限定义是权限管理系统的基础,每个权限都有唯一的名称、显示名称和描述信息。在本系统中,权限定义通过PermissionDefinitionDto类表示,包含以下关键属性:

  • Name: 权限的唯一标识符,用于代码中引用
  • DisplayName: 权限的显示名称,用于用户界面展示
  • GroupName: 所属权限组的名称,用于组织权限
  • ParentName: 父权限名称,用于构建权限树结构
  • IsEnabled: 权限是否启用的状态
  • MultiTenancySide: 多租户支持级别
  • Providers: 支持的权限提供者列表
  • StateCheckers: 状态检查器配置

权限定义通过IPermissionDefinitionAppService接口进行管理,支持创建、读取、更新和删除(CRUD)操作。创建权限时需要提供PermissionDefinitionCreateDto对象,其中包含权限名称、显示名称、所属组等必要信息。

classDiagram
class PermissionDefinitionDto {
+string Name
+string ParentName
+string DisplayName
+string GroupName
+bool IsEnabled
+bool IsStatic
+MultiTenancySides MultiTenancySide
+List<string> Providers
+string StateCheckers
+ExtraPropertyDictionary ExtraProperties
}
class PermissionDefinitionCreateDto {
+string Name
+string GroupName
+string ParentName
+string DisplayName
+bool IsEnabled
+MultiTenancySides MultiTenancySide
+List<string> Providers
+string StateCheckers
+ExtraPropertyDictionary ExtraProperties
}
class PermissionDefinitionUpdateDto {
+string ConcurrencyStamp
+string DisplayName
+string ParentName
+bool IsEnabled
+MultiTenancySides MultiTenancySide
+List<string> Providers
+string StateCheckers
+ExtraPropertyDictionary ExtraProperties
}
PermissionDefinitionCreateDto --|> PermissionDefinitionCreateOrUpdateDto
PermissionDefinitionUpdateDto --|> PermissionDefinitionCreateOrUpdateDto
PermissionDefinitionCreateOrUpdateDto <|-- PermissionDefinitionDto

**Diagram sources **

  • PermissionDefinitionDto.cs
  • PermissionDefinitionCreateDto.cs
  • PermissionDefinitionUpdateDto.cs

Section sources

  • PermissionDefinitionDto.cs
  • [PermissionDefinitionCreateDto.cs](file://aspnet-core