Non-RBAC user roles and permissions system: checking the user's city
We are currently designing a User Roles and Permissions System in our web application (ASP.NET), and it seems that we have several cases that do not fit within the classical Role-Based Access Control (RBAC). I will post several questions, each devoted to a particular case, this being the first post.
We have the following case: not to allow a user to view a certain page if the user lives in a particular city. This is a simple case that is coded in the following way:
if (User.City == "Moscow")
{
    // Allow the user to view the page.
}
else
{
    // Do not allow the user to view this page.
}
Though this case is very simple and straightforward, it has nothing to do with the RBAC.
On StackOverflow, someone called this an Attribute-based Access Control.
Under the classical RBAC, it seems that this case should be designed like this: introduce a permission "City where the person lives"; this permission will have a property City. Then create a role, add a permission of type "City = Moscow" to it and then assign the role to the user. Looks extremely cumbersome.
The question is whether it is acceptable to introduce such non-RBAC approaches to our permissions system – does that break the design or not?
This might seem a primitive question, but we found that most applications use pure RBAC, and we started to think that we might be doing something wrong.
Thank you.
This would be a nice case for an attribute-based access control. However, if you don't mind looking at a PHP implementation, Zend Framework has a role-based access control that uses assertions to solve more special cases:
http://framework.zend.com/manual/en/zend.acl.advanced.html
A standard rule would allow a role to do an action on a resource. A fourth parameter allows the rule only to apply when some condition is met. In pseudocode:
The assertion is an object that is passed the user. It has a method that checks whether the assertion is met:
This is a way of implementing what you need.
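As an added example (not code from the question, from Zend Framework, or from ASP.NET), the following language-neutral Python sketch shows the pattern the answer describes and applies it to the question's city case: ordinary role/resource/privilege rules, plus an optional assertion that must hold before a rule applies. The `User`, `Rule`, `Acl`, `not_in_city` and `can_view_report` names are this example's own, the "last matching rule wins" ordering is this example's choice rather than a statement about Zend's semantics, and the sample users are constructed.

```python
from dataclasses import dataclass
from typing import Callable, FrozenSet, List, Optional

# All names in this block are this example's own, not Zend Framework's or ASP.NET's.


@dataclass(frozen=True)
class User:
    name: str
    roles: FrozenSet[str]
    city: str


# An assertion is a predicate over (user, resource, privilege). A rule that
# carries one only applies when the predicate returns True.
Assertion = Callable[[User, str, str], bool]


@dataclass(frozen=True)
class Rule:
    role: str
    resource: str
    privilege: str
    allow: bool
    assertion: Optional[Assertion] = None


class Acl:
    """Role/resource/privilege rules with optional assertions; default deny."""

    def __init__(self) -> None:
        self._rules: List[Rule] = []

    def allow(self, role: str, resource: str, privilege: str,
              assertion: Optional[Assertion] = None) -> None:
        self._rules.append(Rule(role, resource, privilege, True, assertion))

    def deny(self, role: str, resource: str, privilege: str,
             assertion: Optional[Assertion] = None) -> None:
        self._rules.append(Rule(role, resource, privilege, False, assertion))

    def is_allowed(self, user: User, resource: str, privilege: str) -> bool:
        # Default deny. Among rules matching one of the user's roles, the
        # resource and the privilege (and whose assertion holds), the last
        # rule added wins. That ordering is this example's choice.
        decision = False
        for rule in self._rules:
            if rule.role not in user.roles:
                continue
            if rule.resource != resource or rule.privilege != privilege:
                continue
            if rule.assertion is not None and not rule.assertion(user, resource, privilege):
                continue
            decision = rule.allow
        return decision


def not_in_city(blocked_city: str) -> Assertion:
    """Assertion that holds unless the user's city matches blocked_city.

    Both sides are normalised so that casing or stray whitespace in the
    stored attribute ("MOSCOW ", " moscow") cannot slip past the check.
    """
    wanted = blocked_city.strip().casefold()

    def check(user: User, resource: str, privilege: str) -> bool:
        return user.city.strip().casefold() != wanted

    return check


def build_acl() -> Acl:
    acl = Acl()
    # The question's case: members may view the page, but not when they live in Moscow.
    acl.allow("member", "report-page", "view", assertion=not_in_city("Moscow"))
    # A plain RBAC rule with no assertion: editors may view the page from anywhere.
    acl.allow("editor", "report-page", "view")
    return acl


def can_view_report(user: User) -> bool:
    return build_acl().is_allowed(user, "report-page", "view")


if __name__ == "__main__":
    # Constructed sample users.
    for u in (User("alice", frozenset({"member"}), "Moscow"),
              User("bob", frozenset({"member"}), "Berlin"),
              User("carol", frozenset(), "Berlin"),
              User("dave", frozenset({"editor"}), "MOSCOW ")):
        print(u.name, can_view_report(u))
```

The city condition lives in the assertion attached to one rule, so the role model itself (roles, resources, privileges) is unchanged and no "role per city" is needed; a user with no matching role is still denied regardless of city, and the normalisation inside `not_in_city` is the kind of detail that a raw `User.City == "Moscow"` comparison would miss.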