Permissions and opening up to third parties #14
Comments
|
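Add another API server layer in front to control it. Associate users with the database and table fields; fields can be filtered, and the databases and tables should be flexibly configurable. |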
|
@Leowuqunqun @wanghaisheng |
|
@TommyLemon What about things like a developer platform? Does the documentation have to be written by hand? |
|
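@Leowuqunqun The platform does indeed need documentation for the permission configuration. I plan to build a tool that automatically parses the model annotations to generate the documentation; the parsing is simple anyway.

```java
@MethodAccess(
  POST = {UNKNOWN, ADMIN} // Only the not-logged-in role and the administrator role may create a User; the default configuration is {LOGIN, ADMIN}
)
public class User {}
```

The default permission configuration is in MethodAccess:

```java
import static java.lang.annotation.ElementType.TYPE;
import static java.lang.annotation.RetentionPolicy.RUNTIME;

import java.lang.annotation.Documented;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
// The RequestRole constants below also need a static import from the project's RequestRole enum.

/**Request-method permissions: only certain roles may access through the corresponding method
 * @author Lemon
 */
@Documented
@Retention(RUNTIME)
@Target(TYPE)
public @interface MethodAccess {
  /**@see {@link RequestMethod#GET}
   * @return the roles allowed for this request method, default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
   */
  RequestRole[] GET() default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
  /**@see {@link RequestMethod#HEAD}
   * @return the roles allowed for this request method, default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
   */
  RequestRole[] HEAD() default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
  /**@see {@link RequestMethod#GETS}
   * @return the roles allowed for this request method, default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
   */
  RequestRole[] GETS() default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
  /**@see {@link RequestMethod#HEADS}
   * @return the roles allowed for this request method, default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
   */
  RequestRole[] HEADS() default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
  /**@see {@link RequestMethod#POST}
   * @return the roles allowed for this request method, default {LOGIN, ADMIN};
   */
  RequestRole[] POST() default {LOGIN, ADMIN};
  /**@see {@link RequestMethod#PUT}
   * @return the roles allowed for this request method, default {OWNER, ADMIN};
   */
  RequestRole[] PUT() default {OWNER, ADMIN};
  /**@see {@link RequestMethod#DELETE}
   * @return the roles allowed for this request method, default {OWNER, ADMIN};
   */
  RequestRole[] DELETE() default {OWNER, ADMIN};
}
```

This is the role attribute class RequestRole:

```java
/**Role of the visiting user
 * @author Lemon
 */
public enum RequestRole {
  /**Not logged in; a user of unknown identity
   */
  UNKNOWN,
  /**A logged-in user
   */
  LOGIN,
  /**Contact; must be logged in
   */
  CONTACT,
  /**Circle member (CONTACT + OWNER); must be logged in
   */
  CIRCLE,
  /**Owner; must be logged in
   */
  OWNER,
  /**Administrator; must be logged in
   */
  ADMIN;
}
```

Thanks for the support ^_^ |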
|
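One way to build the documentation tool mentioned in the comment above, as an added example that is not APIJSON's own code: it reads `@MethodAccess` by reflection, lists the roles each request method admits, and answers a single access check. The package `demo`, the classes `AccessDoc` and `Internal`, the helpers `rolesOf` and `isAllowed`, and the deny-all treatment of unannotated models are assumptions of this example.

```java
package demo; // hypothetical package, needed only for the static import below
import static demo.RequestRole.*;
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.util.*;

class AccessDoc {
    /** Roles admitted per request method; empty (deny all) if the model is unannotated. */
    static Map<String, Set<RequestRole>> rolesOf(Class<?> model) throws Exception {
        Map<String, Set<RequestRole>> table = new TreeMap<>();
        MethodAccess access = model.getAnnotation(MethodAccess.class);
        if (access == null) return table; // assumption: no annotation means not exposed
        for (Method m : MethodAccess.class.getDeclaredMethods()) {
            // Invoking the annotation member yields the override, else its default.
            Set<RequestRole> roles = EnumSet.noneOf(RequestRole.class); // copes with {}
            roles.addAll(Arrays.asList((RequestRole[]) m.invoke(access)));
            table.put(m.getName(), roles);
        }
        return table;
    }

    static boolean isAllowed(Class<?> model, String method, RequestRole role) throws Exception {
        return rolesOf(model).getOrDefault(method, Set.of()).contains(role);
    }
    public static void main(String[] args) throws Exception {
        for (Class<?> model : List.of(User.class, Internal.class)) {
            System.out.println("## " + model.getSimpleName());
            rolesOf(model).forEach((method, roles) -> System.out.println("- " + method + ": " + roles));
        }
        System.out.println("LOGIN POST User: " + isAllowed(User.class, "POST", LOGIN));
        System.out.println("OWNER PUT User: " + isAllowed(User.class, "PUT", OWNER));
        System.out.println("ADMIN GET Internal: " + isAllowed(Internal.class, "GET", ADMIN));
    }
}
// Compact copies of the types quoted in the comment, with the same defaults.
enum RequestRole { UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN }
@Retention(RetentionPolicy.RUNTIME) @Target(ElementType.TYPE)
@interface MethodAccess {
    RequestRole[] GET() default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
    RequestRole[] HEAD() default {UNKNOWN, LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
    RequestRole[] GETS() default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
    RequestRole[] HEADS() default {LOGIN, CONTACT, CIRCLE, OWNER, ADMIN};
    RequestRole[] POST() default {LOGIN, ADMIN};
    RequestRole[] PUT() default {OWNER, ADMIN};
    RequestRole[] DELETE() default {OWNER, ADMIN};
}
@MethodAccess(POST = {UNKNOWN, ADMIN}) class User {} // the override from the comment
class Internal {} // constructed model with no annotation
```

The generated listing makes an override such as `POST = {UNKNOWN, ADMIN}` visible next to the unchanged defaults, which is the part of the permission configuration a reviewer most needs to see before a model is exposed to third parties.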
@Leowuqunqun |
|
@Leowuqunqun @wanghaisheng APIJSON 3.6.5 now supports configuring permissions directly in the database's Access table; there is no need to write code anymore |
|
@TommyLemon nice |

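1. How can the permission checks for queries be controlled well?
2. What should be done if it is opened up to third parties? A developer platform or the like.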