CN108600175A - Control method, device and the storage medium of system operatio permission - Google Patents

Control method, device and the storage medium of system operatio permission Download PDF

Info

Publication number
CN108600175A
CN108600175A CN201810257194.1A CN201810257194A CN108600175A CN 108600175 A CN108600175 A CN 108600175A CN 201810257194 A CN201810257194 A CN 201810257194A CN 108600175 A CN108600175 A CN 108600175A
Authority
CN
China
Prior art keywords
user
permission
page
operation button
operating right
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810257194.1A
Other languages
Chinese (zh)
Other versions
CN108600175B (en
Inventor
李海鹏
李映华
周金国
朱文献
汪志成
邓建智
肖嘉豪
王定寰
邹维维
李威
唐俊
李国培
江欣如
罗滟
李玉苗
黄存心
郭利坚
司徒艺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Hengqin Youyun Technology Co.,Ltd.
Original Assignee
Shenzhen Shi Lian Song Tower Decoration Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Shi Lian Song Tower Decoration Technology Co Ltd filed Critical Shenzhen Shi Lian Song Tower Decoration Technology Co Ltd
Priority to CN201810257194.1A priority Critical patent/CN108600175B/en
Publication of CN108600175A publication Critical patent/CN108600175A/en
Application granted granted Critical
Publication of CN108600175B publication Critical patent/CN108600175B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of control method of system operatio permission, the control method of the system operatio permission includes:When receiving accessing page request, the corresponding page of the accessing page request is obtained;Obtain the attribute of the operation button in the page;It is updated in operating right code database according to the attribute of the operation button and is encoded accordingly, so that the coding in the operating right code database is matched with operation button in the page.The invention also discloses a kind of control devices and storage medium of system operatio permission.The present invention encodes accordingly because server can be updated according to the attribute of the operation button in the page in operating right code database, to which operating right code database automatically updates when realizing operating right modification, improves user experience.

Description

Control method, device and the storage medium of system operatio permission
Technical field
The present invention relates to the control method of computer control field more particularly to system operatio permission, device and storages to be situated between Matter.
Background technology
System such as web system is mainly used for establishing the contact of user and system resource, and whether user is with access to being Resource of uniting is controlled by system and is realized, wherein the control of system operatio permission is whether control user is authorized to operate that in the system page Operation button.
The page code database and operating right code database by including operation button coding of system operatio permission control Association is realized, at present in system operatio authority control method, operating right code database behaviour generally all by containing system The table B compositions of the Table A of work and the operating right for preserving user role class information, when certain operating rights are modified When, need the Table A in manual modification operating right code database, the consistency of ability operating right code database and page button, drop Low user experience.
The above is only used to facilitate the understanding of the technical scheme, and is not represented and is recognized that the above is existing skill Art.
Invention content
The main purpose of the present invention is to provide a kind of control methods of system operatio permission, it is intended to solve current system behaviour The problem of making to need manual modification operating right code database when operating right is changed in permission control, influence user experience.
To achieve the above object, the present invention provides a kind of control method of system operatio permission, which is characterized in that the system The control method of system operating right includes the following steps:
When receiving accessing page request, the corresponding page of the accessing page request is obtained;
Obtain the attribute of the operation button in the page;
It is updated in operating right code database according to the attribute of the operation button and is encoded accordingly, so that the operating right Coding in code database is matched with operation button in the page.
Preferably, the attribute of the operation button includes the identification information and authority information of the operation button.
Preferably, described when receiving accessing page request, obtain the step of the corresponding page of the accessing page request After rapid, further include:
Obtain the class information of user;
The operating right of the user is obtained according to the class information of the user;
There is the operation button of operating right to carry out on the page the user according to the operating right of the user Display.
Preferably, the user is had the operation button of operating right described by the operating right according to the user The step of being shown on the page include:
Whether it is authorized to operate that institute according to user described in the determined property of the operating right of the user and the operation button State operation button;
When the user is authorized to operate that the operation button, the operation button is shown on the page.
Preferably, described when receiving accessing page request, obtain the step of the corresponding page of the accessing page request Before rapid, further include:
When receiving the logging request of terminal transmission, whether the username and password for including in the logging request is judged Correctly;
When the user name and the correct password, System menu is sent to the terminal, so that the terminal is based on The System menu sends the access request.
Preferably, which is characterized in that it is described when receiving accessing page request, it obtains the accessing page request and corresponds to The page the step of after, further include:
Obtain the data permission configuration information of user;
The data list that the user possesses is obtained according to the data permission configuration information of the user;
The data list is shown on the page.
Preferably, the data permission configuration information according to the user obtains the data list that the user possesses Step includes:
Determine the dimension of the data permission configuration information of the user;
Obtain dimension values of the data permission configuration information of the user in the dimension;
The user is obtained every according to the dimension of the data permission configuration information of the user and the dimension values Possess the data list of permission in a dimension;
The data list that the user is possessed to permission in each dimension takes union, obtains user's ownership The data list of limit.
Preferably, the dimension of the data permission configuration information of the user includes the department information and project letter of the user Breath.
In addition, in order to achieve the above object, the present invention also provides a kind of control device of system operatio permission, the system is grasped The control device for making permission includes:It memory, processor and is stored on the memory and can run on the processor System operatio permission control program, realized when the control program of the system operatio permission is executed by the processor as above The step of control method of the system operatio permission.
In addition, in order to achieve the above object, the present invention also provides a kind of storage medium, system is stored on the storage medium The control program of the control program of operating right, the system operatio permission realizes system as described above when being executed by processor The step of control method of operating right.
Control method, device and the storage medium for the system operatio permission that the embodiment of the present invention proposes, server receive When access request, the attribute of all operation buttons in the corresponding page of the accessing page request is obtained, then according to acquisition To operation button attribute update operating right code database in encode accordingly so that the volume in the operating right code database Code is matched with the operation button in the page, so that operating right code database can automatically more when operation button is changed Newly, user experience is improved.
Description of the drawings
Fig. 1 is the hardware architecture diagram of the control device for the system operatio permission that the embodiment of the present invention is related to;
Fig. 2 is the flow diagram of the control method first embodiment of present system operating right;
Fig. 3 is the flow diagram of the control method second embodiment of present system operating right;
Fig. 4 is the refinement flow diagram of step S60 in Fig. 3;
Fig. 5 is the flow diagram of the control method 3rd embodiment of present system operating right;
Fig. 6 is the flow diagram of the control method fourth embodiment of present system operating right;
Fig. 7 is the refinement flow diagram of step S100 in Fig. 6.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific implementation mode
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
The primary solutions of the embodiment of the present invention are:The present embodiment receives access and asks according to said program, server When asking, the attribute of all operation buttons in the corresponding page of the accessing page request is obtained, then according to the behaviour got Make to encode accordingly in the attribute update operating right code database of button, so that the coding in the operating right code database and institute The operation button matching in the page is stated, so that operating right code database can automatically update when operation button is changed.
Due in the prior art, needing the coding in manual modification operating right code database when operating right is changed, drop Low user experience.
The present invention provides a solution so that and operating right code database can automatically update when operation button is changed, Improve user experience.
As shown in Figure 1, the terminal structure schematic diagram for the hardware running environment that Fig. 1, which is the embodiment of the present invention, to be related to.
As shown in Figure 1, the terminal may include:Processor 1001, such as CPU, network interface 1004, user interface 1003, memory 1005, communication bus 1002.Wherein, communication bus 1002 is for realizing the connection communication between these components. User interface 1003 may include display screen (Display), input unit such as keyboard (Keyboard), optional user interface 1003 can also include standard wireline interface and wireless interface.Network interface 1004 may include optionally that the wired of standard connects Mouth, wireless interface (such as WI-FI interfaces).Memory 1005 can be high-speed RAM memory, can also be stable memory (non-volatile memory), such as magnetic disk storage.Memory 1005 optionally can also be independently of aforementioned processor 1001 storage device.
It will be understood by those skilled in the art that the restriction of the not structure paired terminal of terminal structure shown in Fig. 1, can wrap It includes than illustrating more or fewer components, either combines certain components or different components arrangement.
As shown in Figure 1, as may include that operating system, network are logical in a kind of memory 1005 of computer storage media Believe module, the control program of Subscriber Interface Module SIM and system operatio permission.
In terminal shown in Fig. 1, network interface 1004 is mainly used for connecting background server, is carried out with background server Data communicate;User interface 1003 is mainly used for connecting client (user terminal), with client into row data communication;And processor 1001 can be used for calling the control program of the system operatio permission stored in memory 1005, and execute following operation:
When receiving accessing page request, the corresponding page of the accessing page request is obtained;
Obtain the attribute of the operation button in the page;
It is updated in operating right code database according to the attribute of the operation button and is encoded accordingly, so that the operating right Coding in code database is matched with the operation button in the page.
Further, processor 1001 can call the control program of the system operatio permission stored in memory 1005, Also execute following operation:
The attribute of the operation button includes the identification information and authority information of the operation button.
Further, processor 1001 can call the control program of the system operatio permission stored in memory 1005, Also execute following operation:
Obtain the class information of user;
The operating right of the user is obtained according to the class information of the user;
There is the operation button of operating right to carry out on the page the user according to the operating right of the user Display.
Further, processor 1001 can call the control program of the system operatio permission stored in memory 1005, Also execute following operation:
Whether it is authorized to operate that institute according to user described in the determined property of the operating right of the user and the operation button State operation button;
When the user is authorized to operate that the operation button, the operation button is shown on the page.
Further, processor 1001 can call the control program of the system operatio permission stored in memory 1005, Also execute following operation:
When receiving the logging request of terminal transmission, whether the username and password for including in the logging request is judged Correctly;
When the user name and the correct password, System menu is sent to the terminal, so that the terminal is based on The System menu sends the access request.
Further, processor 1001 can call the control program of the system operatio permission stored in memory 1005, Also execute following operation:
Obtain the data permission configuration information of user;
The data list that the user possesses is obtained according to the data permission configuration information of the user;
The data list is shown on the page.
Further, processor 1001 can call the control program of the system operatio permission stored in memory 1005, Also execute following operation:
Determine the dimension of the data permission configuration information of the user;
Obtain dimension values of the data permission configuration information of the user in the dimension;
The user is obtained every according to the dimension of the data permission configuration information of the user and the dimension values Possess the data list of permission in a dimension;
The data list that the user is possessed to permission in each dimension takes union, obtains user's ownership The data list of limit.
Further, processor 1001 can call the control program of the system operatio permission stored in memory 1005, Also execute following operation:
The dimension of the data permission configuration information of the user includes the department information and project information of the user.
The present invention is according to said program, and when server receives access request, it is corresponding to obtain the accessing page request The attribute of all operation buttons in the page, then according in the attribute of the operation button got update operating right code database Corresponding coding, so that the coding in the operating right code database is matched with the operation button in the page, so that Operating right code database can automatically update when operation button is changed, and improve user experience.
Based on above-mentioned hardware architecture, the embodiment of the control method of present system operating right is proposed.
It is the flow diagram of the control method first embodiment of present system operating right with reference to Fig. 2, Fig. 2, it is described The control method of system operatio permission includes:
Step S10 obtains the corresponding page of the accessing page request when receiving accessing page request;
The control method of present system operating right is mainly used for the control of system, such as can be used for the control of web system System.The operating right of system refers to the operating right of all visible operation buttons, when user needs to operate in system, Logging in system by user is clicked and needs the link of the page accessed in System menu, and server receives after access request according to institute The page that access request determines user's request is stated, control system program is automatically into the corresponding page of the access request.
Step S20 obtains the attribute of the operation button in the page;
After server determines the page of user's request, obtains user and ask all operation buttons in the page accessed The attribute of attribute, the operation button includes the identification information and authority information of the operation button, wherein the identification information For namely operation button identification code, for button to be identified as to the operation button for being associated with operating right, i.e., when button has When identification information, show that the button is operation button;The permission code of the authority information namely operation button includes the operation The information of button corresponding operation and the user for having operating right is compared for the operating right with user to judge to be used for Whether it is authorized to operate that this button, the authority information of operation button are additionally operable to the mutual area that all operation buttons in the same page need Point, thus in the page all operation buttons authority information it is different.
For example, in the present invention, the identification information of operation button is the mark class attributes of operation button in the page, Class attributes are set as role_operate_clz, and for the button to be identified as operation button, the even class of button belongs to Property in include role_operate_clz, then it represents that the button be operation button;Authority information is then the opcode of operation button Attribute is the unique mark of the operation button, for distinguishing other buttons in the page, therefore the opcode attributes of operation button Code cannot be repeated in current page.
When receiving accessing page request, after getting the corresponding page of access request, identifies the operation button of the page, obtain The class attributes and mark opcode attributes of extract operation button.Specifically, in the page all operation buttons attribute (class attributes and mark opcode attributes) can obtain in accordance with the following methods:When page code database receives the access of user When request, a js methods request is automatically generated, which includes all of the asked accession page of user<a> The operation button of label tape permission code, i.e., will make operating right<a>Label includes that class attributes and mark opcode belong to Property, wherein class attributes are role_operate_clz, and the code of operation button cannot be repeated in current page, by the page Interior all operation buttons are mutually distinguished.Band class values are included role_operate_clz's by js methods request<a>Label The request of permission code to program backstage so that program backstage gets the class attributes and mark of all operation buttons of the page Opcode attributes.
Step S30 is updated in operating right code database according to the attribute of the operation button and is encoded accordingly, so that described Coding in operating right code database is matched with the operation button in the page;
In system operatio authority control method provided by the invention, when operating right button needs to modify, safeguard Personnel need to only change the coding of the operation button in the page, that is, change the authority information in the attribute of operation button.Work as server Get the attribute of above-mentioned page operation button, the attribute of the operation button got in operating right code database with institute The corresponding operation coding of operation button is stated to be compared one by one, if there are different parts, the volume of operation button in instruction page Code is modified, then is updated the coding operated in code database according to the attribute for obtaining page operation button, so that behaviour The coding for making code database is consistent with page operation button encoder, to realize that is encoded in operating right code database automatically updates.
For example, each operation button in the page is each equipped with class attributes and mark opcode attributes, all operations are pressed The class attributes of button include role_operate_clz, and the code of the opcode attributes of operation button is each in the same page It differs.When operation button needs modification, maintenance personnel only needs the opcode attributes of manual modification operation button.Program backstage After receiving the js methods request that the page is sent, according to all operation buttons of the page for including in js methods request Class attributes be role_operate_clz and mark opcode attributes, by the opcode attributes of the operation button got with Operation coding corresponding with the operation button is compared one by one in operating right code database, when the two difference, will be operated It encodes in rights token library and is updated according to the coded data of the opcode attributes of the operation button accordingly, to realize Coding in operating right code database automatically updates.
The present embodiment is according to said program, when server gets the access request of user, obtains user and asks access Then the attribute of all operation buttons in the page updates the volume in operating right code database according to the attribute of the operation button Code improves user experience so that operating right code database can automatically update when operation button is changed.
Further, with reference to Fig. 3, Fig. 3 is that the flow of the second embodiment of present system operating right control method is shown It is intended to, is based on first embodiment, the access request for obtaining user determines user's request according to the access request After the step of page, further include:
Step S40 obtains the class information of user;
Step S50 obtains the operating right of the user according to the class information of the user;
The user is had the operation button of operating right in the page by step S60 according to the operating right of the user It is shown on face.
In the present invention, the operating right of user and the class information of user are corresponding, i.e., according to the class information of user To judge whether user has the operating right of some operation button.When user needs to operate in system, Yong Hudeng Recording system is clicked and needs the link of the page accessed in System menu, and server receives the account that login is obtained after access request The class information for the user for including in family is looked into then according to the class information of the user got from operating right code database The operating right of user is found out, then according to the operating right of the user, user is asked to have operating right in the page accessed Operation button shown, operated for user.It is to be appreciated that obtaining user's operation permission and will have operating right Button the page show and first embodiment in realize can be without first between the automatically updating of operating right code database Sequence afterwards, i.e. without sequencing between step S20 and step S40.Preferably, step S40 is first carried out after step S30 Operating right code database automatically updates, then obtains user's operation permission and show the button for having operating right in the page.
In current system operatio rights management, after getting the operating right of user, need for every in the page A method program is separately provided to judge whether the user is authorized to operate that this button in one operation button, very cumbersome.Cause This, it is preferable that is in technical solution provided in this embodiment, after the operating right for getting the user, by will be described The code and permission code of operating right and the operation button in user requests webpage carry out recycle ratio pair, to obtain user's request The operation button that page right of possession accesses, and shown and operated for user, specifically, Fig. 4 is please referred to, i.e., the described step S60 includes:
The operating right of the user is compared with the attribute of the operation button, judges the user by step S61 Whether the operation button is authorized to operate that;
Step S62 shows the operation button when the user is authorized to operate that the operation button on the page Show.
In technical solution provided by the invention, each operation button is each equipped with identification information in the page, it is only necessary to will lead to The operating right for crossing the user that will be got is compared with the permission code of the operation button, you can judges user to the operation Whether button has operating right, without configuring an operation table for each page.Specifically, each permission in the page Operation button is each equipped with class attributes and mark opcode attributes, and wherein class is role_operate_clz, and operation is pressed The code of button cannot be repeated in current page, and all operation buttons in the page are mutually distinguished.It is obtained when according to the information of user After getting the operating right of user, the operation button in the page is identified by a js methods, obtains the attribute of operation button, and will The user's operation permission and the attribute of the operation button got compares, if the user is authorized to operate that the button, The operation button is shown on the page, if family haves no right to operate the button, by the button in the page It is upper to hide, so complete the comparison of all buttons of the page, by user the page have all operation buttons of operating right into Row display, to realize the configuration of user's operation permission.
In the present embodiment, the class information of user is obtained, the behaviour of the user is then obtained according to the class information of user Make permission, and the operation button for having operating right is shown on the page, to realize the configuration of user's operation permission.
It is the flow diagram that present system operating right control method third is implemented with reference to Fig. 5, Fig. 5, is based on first And second embodiment, the access request for obtaining user determine the page of user's request according to the access request Before step, further include:
Step S70, when receive terminal transmission logging request when, judge the user name for including in the logging request and Whether password is correct;
Step S80 sends System menu, for described when the user name and the correct password to the terminal Terminal is based on the System menu and sends the access request.
When user needs access system, it is necessary first to which the identity information for verifying user needs user in system login at this time The page inputs username and password and is logged in respectively, after server obtains username and password input by user, by its with it is pre- The username and password deposited is compared, when at least one of described username and password input by user and the use to prestore When name in an account book and inconsistent password, judges the user name input by user or/and password bad, then prompt user to be inputted User name or password mistake, need to re-enter username and password.
When the username and password input by user is consistent with the username and password to prestore, the use is judged The username and password of family input is correct, and user logins successfully, and server sends System menu to terminal, and terminal display interface is jumped System menu is gone to, user, which clicks System menu, can ask accession page.
In the present embodiment, when user needs access system, first determine whether username and password input by user whether just Really, the access request that user is just obtained when username and password input by user is correct, ensure that the safety of system.
It is the flow diagram that present system operating right control method the 4th is implemented with reference to Fig. 6, Fig. 6, is based on first To 3rd embodiment, it is described obtain user access request, according to the access request determine user request the page the step of Later, further include:
Step S90 obtains the data permission configuration information of user;
Step S100 obtains the data list that the user possesses according to the data permission configuration information of the user;
Step S110 shows the data list on the page.
The permission of system further includes data permission other than operating right, and the operating right controls user to the page In operation button whether be authorized to operate that the data permission controls user to which data Internet access in the page.
Work as logging in system by user, after the username and password verification inputted is correct, system jumps to operation interface, clicks The link of the page accessed is needed in System menu, described in server is received after access request and to be determined according to the access request The page of user's request, control system program press the operating right of user automatically into the corresponding page of the access request While configuration according to the method in embodiment 1 to 3, also need to configure the data permission of user, it is complete to realize System permission control.After system program is asked automatically into the visit page asks the corresponding page, server acquisition is stepped on Then the data permission configuration information for the user for including in the account of record is weighed according to the data permission configuration information of user from data The data list that user possesses is obtained in limit library, and it is shown on the page, so that when user to access pages both Show user have permission to access operation button, and show user's Internet access data, while realize system operatio permission and The control of data permission.It is understood that realizing operating right database update, operating right configuration and data permission control The step of have no sequencing, i.e. without sequencing between step S20, step S40 and step S90 three.
In the present invention, in order to realize the various dimensions control of data permission, various dimensions can be carried out to the data permission of user and matched It sets, when obtaining when the data permission configuration information of user, obtains the dimension of the data permission configuration information of user, further obtain Take the data list that family possesses permission in the dimension.Specifically, include with reference to Fig. 7, i.e., the described step S100:
Step S101 determines the dimension of the data permission configuration information of the user;
Step S102 obtains dimension values of the data permission configuration information of the user in the dimension;
Step S103, according to the dimension of the data permission configuration information of the user and dimension values acquisition User possesses the data list of permission in each dimension;
Step S104, the data list that the user is possessed to permission in each dimension take union, obtain described User possesses the data list of permission.
In current system data permission control, authority configuration, i.e. user are usually carried out according to user department After login, system obtains the department information of this user, and the data of other departments are filtered according to its department information, only shows user The data of department reach data permission control effect.Data permission control method single effect so, can only be from department This dimension is controlled.In order to be configured from multiple dimensions to the operating right of user, in the present invention, user Data permission configuration information can to have multiple dimensions, the data permission configuration information of the dimension be the attribute of user, often A dimension all corresponds to respective permission group, it is to be understood that the dimension of data permission configuration information can according to actual needs into Row setting, is not particularly limited herein.For instance, it is preferred that the data permission configuration information of user may include the department of user Two dimensions of information and project information.Further, the data permission configuration information of each dimension can include different dimension Angle value, the dimension values can voluntarily be arranged according to actual conditions, are not particularly limited herein.For example, department information may include Hardware department, software division, administrative department etc., project information may include that project one, project two, project are third, it is to be understood that It is that the type of project can be voluntarily arranged according to actual needs in the type and project information of department in department information, This is not particularly limited.The different dimensional angle value of the data permission configuration information of each dimension of user corresponds to respective authority set, I.e. different departments have respective data permission collection, different projects also to have respective data permission collection.
When getting the access request of user, the dimension of the data permission configuration information of user is judged, then obtain and use Dimension values of the family in each dimension obtain user in each dimension further according to the dimension values of dimension and user in the dimension Data permission collection of the user got in each dimension is taken union to be gathered around to get to user by the data permission collection possessed Some data permission collection, the data permission collection possessed according to user can be obtained the data list of user's Internet access.
For example, when getting the access request of user, server judges to obtain active user in portion according to user information Possess data permission in door and two dimensions of project, then obtains department's list that active user possesses permission, each department is equal It is associated with addressable data, you can the department's list association possessed according to user inquires data list, obtains user in portion The data list (namely division data authority set) possessed in door dimension;The project row that active user possesses permission are obtained simultaneously Table, each project are associated with addressable data, you can and the bulleted list correlation inquiry possessed according to user goes out data list, Obtain the data list (namely project data authority set) that user possesses in project dimension;User is possessed in department's dimension Data list and project dimension on the data list that possesses merge/take union (i.e. by the division data authority set and item of user Mesh number takes union according to authority set) the data permission list (i.e. the data permission collection of user) that user possesses is obtained, by the user Terminal where the data permission list possessed is transmitted to user is shown on the page, to realize department and the project from user The data permission of user is controlled in two dimensions.
Technical solution provided by the embodiment gets user and asks the page accessed in the access request for getting user When, the data permission configuration information of user is obtained, the Internet access of user is got according to the data permission configuration information of user Data list, and shown on the page, so as to realize the data permission control of system.
In addition, the embodiment of the present invention also proposes a kind of storage medium, system operatio permission is stored on the storage medium Control program, the control program of the system operatio permission realized when being executed by processor the system described in embodiment as above grasp The step of making the control method of permission.
It should be noted that herein, the terms "include", "comprise" or its any other variant are intended to non-row His property includes, so that process, method, article or system including a series of elements include not only those elements, and And further include other elements that are not explicitly listed, or further include for this process, method, article or system institute it is intrinsic Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including this There is also other identical elements in the process of element, method, article or system.
The embodiments of the present invention are for illustration only, can not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases The former is more preferably embodiment.Based on this understanding, technical scheme of the present invention substantially in other words does the prior art Going out the part of contribution can be expressed in the form of software products, which is stored in one as described above In storage medium (such as ROM/RAM, magnetic disc, CD), including some instructions use so that a station terminal equipment (can be mobile phone, Computer, server, air conditioner or network equipment etc.) execute method described in each embodiment of the present invention.
It these are only the preferred embodiment of the present invention, be not intended to limit the scope of the invention, it is every to utilize this hair Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills Art field, is included within the scope of the present invention.

Claims (10)

1. a kind of control method of system operatio permission, which is characterized in that the control method of the system operatio permission include with Lower step:
When receiving accessing page request, the corresponding page of the accessing page request is obtained;
Obtain the attribute of the operation button in the page;
It is updated in operating right code database according to the attribute of the operation button and is encoded accordingly, so that the operating right encodes Coding in library is matched with the operation button in the page.
2. the control method of the system as claimed in claim 1 operating right, which is characterized in that the attribute packet of the operation button Include the identification information and authority information of the operation button.
3. the control method of the system as claimed in claim 1 operating right, which is characterized in that described to receive page access When request, after the step of obtaining the accessing page request corresponding page, further include:
Obtain the class information of user;
The operating right of the user is obtained according to the class information of the user;
There is the operation button of operating right to show on the page the user according to the operating right of the user.
4. the control method of system operatio permission as claimed in claim 3, which is characterized in that the behaviour according to the user Making permission has the step of operation button of operating right is shown on the page to include the user:
Whether it is authorized to operate that the behaviour according to user described in the determined property of the operating right of the user and the operation button Make button;
When the user is authorized to operate that the operation button, the operation button is shown on the page.
5. the control method of the system as claimed in claim 1 operating right, which is characterized in that described to receive page access When request, before the step of obtaining the accessing page request corresponding page, further include:
When receiving the logging request of terminal transmission, judge the username and password for including in the logging request whether just Really;
When the user name and the correct password, System menu is sent to the terminal, so that the terminal is based on described System menu sends the access request.
6. the control method of system operatio permission as described in any one in claim 1-5, which is characterized in that described to receive When accessing page request, after the step of obtaining the accessing page request corresponding page, further include:
Obtain the data permission configuration information of user;
The data list that the user possesses permission is obtained according to the data permission configuration information of the user;
The data list is shown on the page.
7. the control method of system operatio permission as claimed in claim 6, which is characterized in that the number according to the user The step of obtaining the data list that the user possesses according to privileges configuration information include:
Determine the dimension of the data permission configuration information of the user;
Obtain dimension values of the data permission configuration information of the user in the dimension;
The user is obtained in each dimension according to the dimension of the data permission configuration information of the user and the dimension values Possess the data list of permission on degree;
The data list that the user is possessed to permission in each dimension takes union, obtains the user and possesses permission Data list.
8. the control method of system operatio permission as claimed in claim 7, which is characterized in that the data permission of the user is matched The dimension of confidence breath includes the department information and project information of the user.
9. a kind of control device of system operatio permission, which is characterized in that the control device of the system operatio permission includes:It deposits Reservoir, processor and the control journey for being stored in the system operatio permission that can be run on the memory and on the processor It is realized as described in any one of claim 1 to 8 when the control program of sequence, the system operatio permission is executed by the processor System operatio permission control method the step of.
10. a kind of storage medium, which is characterized in that be stored with the control program of system operatio permission, institute on the storage medium It states and realizes that system described in any item of the claim 1 to 8 such as is grasped when the control program of system operatio permission is executed by processor The step of making the control method of permission.
CN201810257194.1A 2018-03-27 2018-03-27 Control method, device and the storage medium of system operatio permission Active CN108600175B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810257194.1A CN108600175B (en) 2018-03-27 2018-03-27 Control method, device and the storage medium of system operatio permission

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810257194.1A CN108600175B (en) 2018-03-27 2018-03-27 Control method, device and the storage medium of system operatio permission

Publications (2)

Publication Number Publication Date
CN108600175A true CN108600175A (en) 2018-09-28
CN108600175B CN108600175B (en) 2019-09-06

Family

ID=63623757

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810257194.1A Active CN108600175B (en) 2018-03-27 2018-03-27 Control method, device and the storage medium of system operatio permission

Country Status (1)

Country Link
CN (1) CN108600175B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109471627A (en) * 2018-10-22 2019-03-15 大唐网络有限公司 Page presentation control method, system and device
CN110110509A (en) * 2019-04-12 2019-08-09 深圳壹账通智能科技有限公司 Right management method and Related product
CN110119488A (en) * 2019-04-12 2019-08-13 平安普惠企业管理有限公司 The control method and device that the page is shown
CN110457612A (en) * 2019-10-14 2019-11-15 江苏金恒信息科技股份有限公司 A kind of terminal page access method and system
CN110968230A (en) * 2019-12-05 2020-04-07 上海风秩科技有限公司 Display method, display device and readable storage medium of control
CN111563215A (en) * 2020-07-16 2020-08-21 平安国际智慧城市科技股份有限公司 Method and device for controlling front-end operation authority and related equipment
CN112182639A (en) * 2020-08-20 2021-01-05 长沙市到家悠享网络科技有限公司 User login method, system and equipment, and storage medium
CN112764605A (en) * 2020-12-31 2021-05-07 航天精一(广东)信息科技有限公司 Dynamic response method and system for page button
CN116628654A (en) * 2023-07-26 2023-08-22 之江实验室 Front-end page authority control method, device, equipment and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103020498A (en) * 2012-11-19 2013-04-03 广东亚仿科技股份有限公司 Intelligent dynamic access control method and system
CN103324470A (en) * 2012-03-21 2013-09-25 阿里巴巴集团控股有限公司 Web system generation method and device
CN103747015A (en) * 2014-01-26 2014-04-23 中国科学技术大学苏州研究院 Web-based ubiquitous resource authentication control method
US20140195926A1 (en) * 2013-01-08 2014-07-10 Emo2 Inc. Systems and methods for enabling access to one or more applications on a device
CN105404826A (en) * 2015-12-22 2016-03-16 宋连兴 Authority management method for dynamically generated business object
CN105978928A (en) * 2016-04-14 2016-09-28 平安科技(深圳)有限公司 Information content update management method and device
WO2017107725A1 (en) * 2015-12-25 2017-06-29 上海逗屋网络科技有限公司 Method and device for controlling operation interface
CN107292143A (en) * 2017-06-08 2017-10-24 安徽大智睿科技技术有限公司 The System right management method and system that a kind of operating right is combined with data permission

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103324470A (en) * 2012-03-21 2013-09-25 阿里巴巴集团控股有限公司 Web system generation method and device
CN103020498A (en) * 2012-11-19 2013-04-03 广东亚仿科技股份有限公司 Intelligent dynamic access control method and system
US20140195926A1 (en) * 2013-01-08 2014-07-10 Emo2 Inc. Systems and methods for enabling access to one or more applications on a device
CN103747015A (en) * 2014-01-26 2014-04-23 中国科学技术大学苏州研究院 Web-based ubiquitous resource authentication control method
CN105404826A (en) * 2015-12-22 2016-03-16 宋连兴 Authority management method for dynamically generated business object
WO2017107725A1 (en) * 2015-12-25 2017-06-29 上海逗屋网络科技有限公司 Method and device for controlling operation interface
CN105978928A (en) * 2016-04-14 2016-09-28 平安科技(深圳)有限公司 Information content update management method and device
CN107292143A (en) * 2017-06-08 2017-10-24 安徽大智睿科技技术有限公司 The System right management method and system that a kind of operating right is combined with data permission

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109471627A (en) * 2018-10-22 2019-03-15 大唐网络有限公司 Page presentation control method, system and device
CN110110509A (en) * 2019-04-12 2019-08-09 深圳壹账通智能科技有限公司 Right management method and Related product
CN110119488A (en) * 2019-04-12 2019-08-13 平安普惠企业管理有限公司 The control method and device that the page is shown
WO2020207024A1 (en) * 2019-04-12 2020-10-15 深圳壹账通智能科技有限公司 Authority management method and related product
CN110457612A (en) * 2019-10-14 2019-11-15 江苏金恒信息科技股份有限公司 A kind of terminal page access method and system
CN110968230A (en) * 2019-12-05 2020-04-07 上海风秩科技有限公司 Display method, display device and readable storage medium of control
CN110968230B (en) * 2019-12-05 2021-09-10 上海风秩科技有限公司 Display method, display device and readable storage medium of control
CN111563215A (en) * 2020-07-16 2020-08-21 平安国际智慧城市科技股份有限公司 Method and device for controlling front-end operation authority and related equipment
CN112182639A (en) * 2020-08-20 2021-01-05 长沙市到家悠享网络科技有限公司 User login method, system and equipment, and storage medium
CN112764605A (en) * 2020-12-31 2021-05-07 航天精一(广东)信息科技有限公司 Dynamic response method and system for page button
CN116628654A (en) * 2023-07-26 2023-08-22 之江实验室 Front-end page authority control method, device, equipment and storage medium
CN116628654B (en) * 2023-07-26 2023-11-07 之江实验室 Front-end page authority control method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN108600175B (en) 2019-09-06

Similar Documents

Publication Publication Date Title
CN108600175B (en) Control method, device and the storage medium of system operatio permission
US11588855B2 (en) Policy approval layer
CN107623714B (en) Data sharing method, device and computer readable storage medium
KR101590076B1 (en) Method for managing personal information
CN107104984B (en) Unified policy across heterogeneous device types
US8959234B2 (en) Method and system for providing online services corresponding to multiple mobile devices, server, mobile device, and computer program product
US11924247B1 (en) Access control policy simulation and testing
EP2706700A1 (en) Computer account management system and implementation method thereof
US20100169219A1 (en) Pluggable health-related data user experience
US8667578B2 (en) Web management authorization and delegation framework
CN106778303A (en) Delegated strategy optimization method and delegated strategy optimization device
EP3889971A1 (en) Online diagnosis platform, permission management method and permission management system for online diagnosis platform
CN109889517A (en) Data processing method, permissions data collection creation method, device and electronic equipment
US10601839B1 (en) Security management application providing proxy for administrative privileges
CN106341234A (en) Authorization method and device
US10225152B1 (en) Access control policy evaluation and remediation
CN107689949A (en) Data base authority management method and system
JP2024060071A (en) Method and program for controlling device management apparatus
CN109241119A (en) Trans-departmental data sharing method and system
CN104753854A (en) Method for setting uniform Web interface for various authentication/authorization servers
CN116827604B (en) Application login control method, system, terminal and storage medium
CN112600744A (en) Authority control method and device, storage medium and electronic device
CN108307678A (en) Method and system for permitting or disapproving connection request
CN110348184B (en) Industrial cloud-based permission resource configuration method, system and storage medium
KR102026018B1 (en) Automatic Authentication Method based on Dynamic Context for Transparent Access for Medical Information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20190719

Address after: 518100 Huafuyang Building, No. 1 Kewen Road, Yuehai Street, Nanshan District, Shenzhen City, Guangdong Province, 305

Applicant after: Shenzhen Shilian Construction Technology Co., Ltd.

Address before: Room 101, Floor 1, Huafuyang Building, No. 1 Kewen Road, Yuehai Street, Nanshan District, Shenzhen City, Guangdong Province

Applicant before: Shenzhen Shi Lian song tower Decoration Technology Co., Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20210621

Address after: 2510, 3018 Huandao East Road, Hengqin New District, Zhuhai City, Guangdong Province, 519000

Patentee after: Zhuhai Hengqin Youyun Technology Co.,Ltd.

Address before: 518100 Room 305, 3 / F, huafuyang building, 1 Keke Road, Yuehai street, Nanshan District, Shenzhen City, Guangdong Province

Patentee before: Shenzhen Shilian Construction Technology Co.,Ltd.

TR01 Transfer of patent right