此文章来自也算赌徒的我的关于’基于角色的访问控制’的权限管理的数据库的设计

*/
use [master]
go

– 检查数据库 [RBAC]是否存在,如果存在则删除(只测试用,不然会丢数据.)
– Search from the sysdatabase to see that if the [RBAC] database exist.
– If exists then drop it else create it.

if exists(select * from sysdatabases where name = ‘RBAC’)
   drop database [RBAC]
go

– 创建数据库 [RBAC]
– Create the database named by ‘[RBAC]’.
create database [RBAC]
go

– 使用数据库 [RBAC]
– Use the database of ‘[RBAC]’.
use [RBAC]
go

– 创建 “用户” 数据表 [RBAC_User]
– Create the datatable named by ‘[RBAC_User]’ to save users.
create table [RBAC_User]
(
 –用户编号
 [User_ID] int primary key not null,
 –用户名称
 [User_Name] varchar(20) not null,
 –用户密码
 [User_PassWord] varchar(20) not null,
 –用户状态
 [User_Lock] bit not null
)
go

– 添加测试数据
– Add data for test
insert into [RBAC_User] values(1,‘FightingYang’,‘PassWord’,0);
go
insert into [RBAC_User] values(2,‘Supper3000’,‘Teacher’,0);
go
insert into [RBAC_User] values(3,‘JianzhongLi’,‘Teacher’,1);
go

– 创建 “组” 数据表 [RBAC_Group]
– Create the datatable named by ‘[RBAC_Group]’ to save groups.
create table [RBAC_Group]
(
 –组编号
 [Group_ID] int primary key not null,
 –组名称
 [Group_Name] varchar(20) not null
)
go

– 添加测试数据
– Add data for test
insert into [RBAC_Group] values(1,‘编程爱好者’);
go
insert into [RBAC_Group] values(2,‘MSDN老师’);
go

  

– 创建 “角色” 数据表 [RBAC_Role]
– Create the datatable named by ‘[RBAC_Role]’ to save roles.
create table [RBAC_Role]
(
 –角色编号
 [Role_ID] int primary key not null,
 –角色名称
 [Role_Name] varchar(20) not null
)
go

讯享网

– 添加测试数据
– Add data for test
insert into [RBAC_Role] values(1,‘admin’);
go
insert into [RBAC_Role] values(2,‘user’);
go

 

– 创建 “资源” 数据表 [RBAC_Resource]
– Create the datatable named by ‘[RBAC_Resource]’ to save Resources.
create table [RBAC_Resource]
(
 –资源编号
 [Resource_ID] int primary key not null,
 –资源名称
 [Resource_Name] varchar(20) not null
)
go

– 添加测试数据
– Add data for test
insert into [RBAC_Resource] values(1,‘音频’);
go
insert into [RBAC_Resource] values(2,‘视频’);
go

 

– 创建 “操作” 数据表 [RBAC_Operate]
– Create the datatable named by ‘[RBAC_Operate]’ to save Operates.
create table [RBAC_Operate]
(
 –操作编号
 [Operate_ID] int primary key not null,
 –操作名称
 [Operate_Name] varchar(10) not null
)
go

– 添加测试数据
– Add data for test
insert into [RBAC_Operate] values(1,‘添加’);
go
insert into [RBAC_Operate] values(2,‘读取’);
go
insert into [RBAC_Operate] values(3,‘编写’);
go
insert into [RBAC_Operate] values(4,‘删除’);
go

 

– 创建 “权限” 数据表 [RBAC_Privilege]
– Create the datatable named by [RBAC_Privilege] to save privileges.
create table [RBAC_Privilege]
(
 –权限编号
 [Privilege_ID] int primary key not null,
 –资源编号
 [Resource_ID] int foreign key references RBAC_Resource not null,
 –操作编号
 [Operate_ID] int foreign key references RBAC_Operate not null
)
go

– 第一条权限是对”音频”的”添加”权限
insert into [RBAC_Privilege] values(1,1,1);
go
– 第二条权限是对”音频”的”读取”权限
insert into [RBAC_Privilege] values(2,1,2);
go
– 第三条权限是对”音频”的”编写”权限
insert into [RBAC_Privilege] values(3,1,3);
go
– 第四条权限是对”音频”的”删除”权限
insert into [RBAC_Privilege] values(4,1,4);
go
– 第五条权限是对”视频”的”读取”权限
insert into [RBAC_Privilege] values(5,2,1);
go
– 第六条权限是对”视频”的”读取”权限
insert into [RBAC_Privilege] values(6,2,2);
go
– 第七条权限是对”视频”的”编写”权限
insert into [RBAC_Privilege] values(7,2,3);
go
– 第八条权限是对”视频”的”删除”权限
insert into [RBAC_Privilege] values(8,2,4);
go

 

– 创建 “授权” 数据表 [RBAC_Impower]
– Create the datatable named by [RBAC_Impower] to save Impower.
create table [RBAC_Impower]
(
 –授权编号
 [Impower_ID] int primary key not null,
 –角色编号
 [Role_ID] int foreign key references RBAC_Role not null,
 –权限编号
 [Privilege_ID] int foreign key references RBAC_Privilege not null
)
go

– 第一条授权内容”admin”具有’对”音频”的”添加”权限’
insert into [RBAC_Impower] values(1,1);
go
– 第二条授权内容”admin”具有’对”音频”的”读取”权限’
insert into [RBAC_Impower] values(2,2);
go
– 第三条授权内容”admin”具有’对”音频”的”编写”权限’
insert into [RBAC_Impower] values(3,3);
go
– 第四条授权内容”admin”具有’对”音频”的”删除”权限’
insert into [RBAC_Impower] values(4,4);
go
– 第五条授权内容”admin”具有’对”视频”的”添加”权限’
insert into [RBAC_Impower] values(5,5);
go
– 第六条授权内容”admin”具有’对”视频”的”读取”权限’
insert into [RBAC_Impower] values(6,6);
go
– 第七条授权内容”admin”具有’对”视频”的”编写”权限’
insert into [RBAC_Impower] values(7,7);
go
– 第八条授权内容”admin”具有’对”视频”的”删除”权限’
insert into [RBAC_Impower] values(8,8);
go
– 第九条授权内容”user”具有’对”音频”的”读取”权限’
insert into [RBAC_Impower] values(9,2);
go
– 第十条授权内容”user”具有’对”视频”的”读取”权限’
insert into [RBAC_Impower] values(10,5);
go

 

– 组所具备的角色的数据第一条的内容是”MSDN老师”具有”admin”的角色
insert into [RBAC_GroupRole] values(1,2,1);
go
– 组所具备的角色的数据第二条的内容是”编程爱好者”具有”user”的角色
insert into [RBAC_GroupRole] values(2,1,2);
go

– 创建 “用户组” 数据表 [RBAC_UserGroupRole]
– Create the datatable named by ‘[RBAC_UserGroupRole]’ to save userGroupRoles.
create table [RBAC_UserGroupRole]
(
 –用户组编号
 [UserGroup_ID] int primary key not null,
 –用户编号
 [User_ID] int foreign key references RBAC_User not null,
 –组编号
 [Group_ID] int foreign key references RBAC_Group not null,
 –角色编号
 [Role_ID] int foreign key references RBAC_Role not null
)
go

– 第一条用户组数据是”FightingYang”属于”编程爱好者”组,在组中的角色是”admin”
insert into [RBAC_UserGroup] values(1,1,1,1);
go
– 第二条用户组数据是”Supper3000”属于”MSDN老师”组,在组中的角色是”admin”
insert into [RBAC_UserGroup] values(2,2,2,1);
go
– 第三条用户组数据是”JianzhongLi”属于”MSDN老师”组,在组中的角色是”user”
insert into [RBAC_UserGroup] values(3,3,2,2);
go