Through the role control model,user can separate a specific function from own and correspond with the role which belongs to him. By authorizing the role.it can achieve the connection of user and a specific function. It mitigates workload of system administrator and improves the security of system by role control' s separation mechanism. The use of metadata to manage control' s information corresponding to function, when system administrator manages the right of user, system can gain the corresponding information from metadata. Though generating the list of system function by custom user rights management control based on metadata, system administrator can as-signe user roles and authore roles. The actual project development proves that the method can successfully control user rights .improve the security of system and maintainablility of the system,and greatly reduce cost of system maintenance.%通过角色控制模型将用户与某一具体功能分离,使用户与他所属的角色相对应.通过给角色授权来实现用户与某一具体功能的连接.这既减轻了系统管理员的工作量又通过角色控制的分离机制提高了系统的安全性.在实现上使用元数据管理功能对应的控件的信息,当系统管理员管理用户权限时,系统从元数据中获取对应信息.通过基于元数据的自定义用户权限管理控件生成整个系统的功能列表,系统管理员分配用户角色,并为该角色授权.通过实际的项目开发,验证了此方法可以有效地实现对用户权限控制,同时增强了系统的安全性,提高了系统的可维护性,大大降低了系统维护的代价.
展开▼
