Giter VIP home page Giter VIP logo

lbwa / adminize-template Goto Github PK

View Code? Open in Web Editor NEW
3.0 1.0 2.0 7.72 MB

๐Ÿ”‘A fully front-end access control solution building with Vue.js v2.6+

Home Page: https://git.io/fjtP2

JavaScript 56.72% HTML 0.82% Vue 39.42% CSS 3.04%
vuejs vuejs2 admin-dashboard user-access-control vue-router vuex recursive recursive-render admin-template administrator-dashboard access-control vue2-admin frontend dashboard vue vuecli3 vue-cli3 management-system mvvm

adminize-template's Introduction

Adminize template

Circle CI GitHub package.json version Website GitHub last commit (branch) GitHub closed pull requests Greenkeeper badge

Online site

A front-end access control solution building with Vue.js v2.6+

Features

  1. Dynamic aside rendering

    All of console aside menu items is based on current user global routes which is made of public routes and private routes

    • Public routes means their generation will be ignored by access verification process.

    • Private routes means these routes are filtered by current user access.

  2. The implement of mandatory access control and optional access control

    You can set up two typical solutions for access verification.

    • Mandatory access control, current user access should be satisfied all of them, otherwise routes wouldn't be created.

    • Optional access control, private routes will be create when current user access just matched one of them

  3. User access console which is used to distribute access to user.

  4. Dynamic component importer.

    Just edit your own component path based on {PROJECT_ROOT}/src in the {PROJECT_ROOT}/src/router/components directory.

    // It will use `() => import(...)` function to import your component dynamically
export default ['page/someComponent']

    then you can import component like these code:

    import { privateComponents } from 'ROUTER/components'

export default [
  {
    path: '/private',
    component: privateComponents.pageSomeComponent
  }
]

Schema

  • User access schema, you can store it anywhere (eg, local environment or remote database).

    /**
 * @description These access set can be store anywhere you want.
 * You should fetch all current access before you activate
 * private routes generation.
 */
interface UserAccess {
  access: string
  update_time: string
  [extraMeta: string]: any
}

type UserAccessSet = UserAccess[]

    The most important thing is in access field of UserAccess scheme. We will use this field to create current user access map which is used to implement front-end access control and aside menu rendering dynamically.

  • Route schema, inherited from route schema of vue-router

    interface Route extends RouteOfVueRouter {
  meta: {
    title: string
    icon: string
    layout: string
    access?: string[]
    optionalAccess?: string[]
  }
}
    Field description
    title Used to create a title in the aside menu
    icon Used to create a icon for above title
    layout Used to create a layout for route linked with above title
    access Used to determine mandatory access for current route
    optionalAccess Used to determine optional access for current route

Usages

  • Routes-access control

    export default [
  {
    path: '/fist-routes',
    components: firstComponent,
    meta: {
      /**
       * @description This route will be added to global routes map if user
       * accesses include 'device.read' and 'device.write' access.
       */
      access: ['admin.device.read', 'admin.device.write']
    }
  },
  {
    path: '/second-routes',
    components: secondComponent,
    meta: {
      /**
       * @description Current route will be ignored when current user has no 'mange.device.write' access
       */
      access: ['admin.device.read', 'admin.device.write']
    }
  },
  {
    path: '/optional-routes',
    components: optionalComponent,
    meta: {
      /**
       * @description Once one of access was matched, private routes will be created.
       */
      optionalAccess: ['admin.device.read', 'admin.device.write']
    }
  }
  // ... other routes
]
meta field description
access Current user's access list should include all items of access field.
optionalAccess Current user's access list include at least one access of optionalAccess field.

  • Element-access control

    • Single access control

      <!-- Element will be disappeared when user has no 'admin.device.read' access -->
<AnyElement v-access="admin.device.read" />
<AnyElement v-if="$_hasAccess('admin.device.read')" />

    • Optional access control

      <!-- The current user's accesses should include at least one of the target access list. -->
<AnyElement v-access.some="['admin.device.read', 'admin.device.write']" />
<AnyElement v-if="$_hasSomeAccess(['admin.device.read', 'admin.device.write'])" />

    • Mandatory access control

      <!-- The current user's accesses should include all accesses in the target access list. -->
<AnyElement v-access.every="['admin.device.read', 'admin.device.write']" />
<AnyElement v-if="$_hasEveryAccess(['admin.device.read', 'admin.device.write'])" />

As you wish, you can use Vue prototype function $_hasAccess, $_hasSomeAccess, $_hasEveryAccess to verify any user access without limitation.

NOTICE: You should use parent.$_hasAccess to verify user access in the Vue functional component which has a non-functional parent vue component.

Vue v-access directive with modifiers description
v-access Single access verification
v-access.some Optional access verification
v-access.every Mandatory access control
Vue prototype function description
$_hasAccess Single access verification
$_hasSomeAccess Optional access verification
$_hasEveryAccess Mandatory access control

Commands

  • Compiles and hot-reloads for development
yarn run serve
  • Compiles and minifies for production
yarn run build

Other

CHANGELOG is here.

adminize-template's People

Contributors

dependabot[bot] avatar greenkeeper[bot] avatar imgbot[bot] avatar lbwa avatar

Stargazers

avatar avatar avatar

Watchers

avatar

Forkers

pylixm shalevy1

adminize-template's Issues

Multiple login error

Describe the bug
The application will still use the previous user data when the previous user did not log out and the new user login has an error.

To Reproduce
Steps to reproduce the behavior:

  1. login in admin/user account(username: admin or user, password: any words)
  2. input /login into url tab
  3. login in any incorrect accounts
  4. application will occurs a login error, but it'll go to home page.

Expected behavior
The application shouldn't use the previous user data when the previous user did not log out and the new user login has an error.

Screenshots
demo

Desktop (please complete the following information):

  • OS: Windows 10
  • Browser Chrome
  • Version 73.0.3683.86

Additional context
Add any other context about the problem here.

refactor: rebuild accessMap to avoid unnecessary array traverse

Is your feature request related to a problem? Please describe.
The key of access mapping should be an original access name, and value should be an original access object created by backend.

Describe the solution you'd like
An new access mapping should be like:

interface Access {
    name: string
    id: string
}

interface AccessMap {
   [mappingKey: string]: Access
}

Changes:

const accessMap = {
-    'app.device': ['read', 'write']
+    'app.device.read: { /* original access object */ }
+    'app.device.write: { /* original access object */ }
}

Describe alternatives you've considered
We can also store orignal access list to build other types access mapping.

Additional context
We build an access name mapping to aviod unnecessary array traverse.

user has wrong access routes

Describe the bug
user has wrong access routes when previous user has not logout.

To Reproduce
Steps to reproduce the behavior:

  1. log in with 'admin'
  2. go to login page
  3. log in with 'user'
  4. See error: user has admin's routes

Expected behavior
user should has his own correct access routes when previous user has not logout.

Desktop (please complete the following information):

  • OS: Windows 10
  • Browser: chrome
  • Version 73.0.3683.103 stable

Additional context
Dynamic access validation also can resovle this issue when use has no route access

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.