在c# windows应用程序中控制用户权限
本文关键字:控制 用户 权限 应用程序 windows | 更新日期: 2023-09-27 18:05:28
我已经用c#和SQL 2008设计了Windows应用程序。现在,我想控制用户可以访问哪个部分及其权限。
所以,我想知道它是更好的设计表在sql和设置权限为每个用户或有任何其他的解决方案?一般来说,我看到的是以下几行:
让tblUser
表像这样:
tblUser
UserId
UserName
etc...
角色表:
tblRole
RoleId
Name
和链接表:
tblUserRole
UserId
RoleId
在您的应用程序中,您将检查当前用户是否在tblUserRole
表中具有相应的角色。如果是,允许当前用户使用该功能,否则显示错误消息,禁止用户进入等…
以MS SQL
为例,您可以拥有以下类型的Stored Procedure
:
添加用户
CREATE PROCEDURE spAddUser
@UserName AS nvarchar(256)
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
INSERT INTO tblUser
(UserName)
VALUES(@UserName)
SELECT SCOPE_IDENTITY( ) AS 'Id'
END
GO
添加用户角色
CREATE PROCEDURE spAddUserRole
@UserId AS int,
@RoleId As int
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
INSERT INTO tblUserRole
(UserId, RoleId)
VALUES(@UserId, @RoleId)
END
GO
用户是否有角色
CREATE PROCEDURE spDoesUserHaveRole
@UserId AS int,
@RoleId As int,
@HasRole AS bit OUTPUT
AS
BEGIN
-- SET NOCOUNT ON added to prevent extra result sets from
-- interfering with SELECT statements.
SET NOCOUNT ON;
SELECT @HasRole = COUNT(UserId) > 0 FROM tblUserRole
WHERE UserId = @UserId AND
RoleId = @RoleId
END
GO