摘要 |
The invention provides a method for controlling user rights. The method comprises the following steps: a user role is correspondingly acquired from a preset user role mapping relational table; the resource access right of the role is picked up, and the resource access right is defined by a regular expression, recorded in a right definition file, and marked by an exclusive resource code; the resource access request from the user is intercepted, and the resource code of the resource is acquired; by matching the resource code with the resource access right of the role, if matched, the resource is returned to the user; and if not matched, the resource access request from the user is refused. In the inserting mode, the method can be applied to e various system structural frames; moreover, the method also has the advantages of wide application range, flexible definition, and obvious lowering of system development and operation costs. |