权限控制五个表一网打尽(文/馒头)
--权限表
select * from dbo.SysRole
--[RoleName,RoleDesc]
--用户表
select * from dbo.SysUser
--UserName,IsAdmin
--用户与角色的对应表
select * from dbo.SysRoleMember
--RoleName,UserName
--用户角色与功能菜单的对应表
select * from dbo.SysUserPermission
--PermissName,PermissType [GroupId | UserId],SectionId
--功能菜单
select * from dbo.SysSection
--SectionId,SectionName
--如果SysUser.IsAdmin = true 则直接返回所有的SysSection
--根据权限读取功能菜单
SELECT * FROM SysSection WITH (NOLOCK)
WHERE Exists (
SELECT TOP 1 0 FROM SysUserPermission WITH (NOLOCK)
WHERE SysSection.SectionId = SectionId
AND (
(PermissType='GroupId'
AND EXISTS (SELECT TOP 1 0 FROM SysRole WITH (NOLOCK)
WHERE Exists (SELECT TOP 1 0 FROM SysRoleMember WITH (NOLOCK) WHERE SysRole.RoleName = RoleName AND UserName='admin')
AND SysUserPermission.PermissName=RoleName)
)
OR (
PermissType='UserId' AND PermissName='admin'
)
)
)
select * from dbo.SysRole
--[RoleName,RoleDesc]
--用户表
select * from dbo.SysUser
--UserName,IsAdmin
--用户与角色的对应表
select * from dbo.SysRoleMember
--RoleName,UserName
--用户角色与功能菜单的对应表
select * from dbo.SysUserPermission
--PermissName,PermissType [GroupId | UserId],SectionId
--功能菜单
select * from dbo.SysSection
--SectionId,SectionName
--如果SysUser.IsAdmin = true 则直接返回所有的SysSection
--根据权限读取功能菜单
SELECT * FROM SysSection WITH (NOLOCK)
WHERE Exists (
SELECT TOP 1 0 FROM SysUserPermission WITH (NOLOCK)
WHERE SysSection.SectionId = SectionId
AND (
(PermissType='GroupId'
AND EXISTS (SELECT TOP 1 0 FROM SysRole WITH (NOLOCK)
WHERE Exists (SELECT TOP 1 0 FROM SysRoleMember WITH (NOLOCK) WHERE SysRole.RoleName = RoleName AND UserName='admin')
AND SysUserPermission.PermissName=RoleName)
)
OR (
PermissType='UserId' AND PermissName='admin'
)
)
)
id 博主 = [[KILONET.CNBLOGS.COM alloc] initWithValue:@"天堂向右,我依然向左"
网名:@"老舟"
兴趣:@"影音,阅读"
动态:@"系统架构设计,Android通信模块开发"
网址:@"http://kilonet.cnblogs.com"
签名:@"--------------------------------------------------
Stay Hungry , Stay Foolish
求 知 若 渴,处 事 若 愚
--------------------------------------------------"
]; // Never Release
