CN112231658A - VUE-based ERP dynamic authority control method - Google Patents
VUE-based ERP dynamic authority control method Download PDFInfo
- Publication number
- CN112231658A CN112231658A CN202011007440.1A CN202011007440A CN112231658A CN 112231658 A CN112231658 A CN 112231658A CN 202011007440 A CN202011007440 A CN 202011007440A CN 112231658 A CN112231658 A CN 112231658A
- Authority
- CN
- China
- Prior art keywords
- user
- route
- routing
- vue
- control method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
- G06F9/45529—Embedded in an application, e.g. JavaScript in a Web browser
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to the technical field of dynamic permissions, and particularly discloses a VUE-based ERP dynamic permission control method, which comprises the following steps: step 1: carrying out route interception setting in permissions. js files by using attribute parameters in a router. before Each method; step 2: acquiring routing data stored in a database by using a getMenulist method in an API (application program interface); and step 3: and performing authority filtering on the routing table by utilizing filterAsyncRoutes and HasPermission functions. The invention is scientific and reasonable, is safe and convenient to use, intercepts each routing jump by utilizing router.
Description
Technical Field
The invention relates to the technical field of dynamic permissions, in particular to a VUE-based ERP dynamic permission control method.
Background
With the development of internet technology, the structure of information resources accessible to various users tends to be complicated, the scale of information also increases gradually, and system contents caused by any illegal user entering or unauthorized operation are damaged, so that a very serious result is brought to the whole information system, and the security of information is ensured to become a very prominent problem;
the dynamic permissions are more and more popular in software, in short, different users have different functional interfaces and different service permissions, and from the development perspective, the description is that different users have different roles, and different roles are bound with different functional modules and have different operation permissions. The following methods are used for controlling the operation authority of the software system user:
1. the role of the database system is utilized to carry out access authority, different users access database resources through different roles, but the authority control object of the scheme only aims at data, and the database server is heavy in burden;
2. the authority management is realized through an integrated security mechanism provided by a web server or an application program server, the development workload is small, and the method is only suitable for places with stable groups;
3. the special authority authentication server authority management mode is used, so that various users can be managed in a centralized manner and need to be arranged in a unified manner, but the functions of specific application are difficult to be refined;
from the perspective, a set of multi-user, multi-role and multi-authority flexible binding program can be established. The traditional dynamic route is generated by depending on a server side, when a user logs in, the server side acquires the role of the user, searches a database for corresponding user permission information according to the role of the user, and finally returns the permission of the generated user to a front-end page, so that the time consumption is increased, and the performance loss is further increased in the process of high-frequency generation along with the gradual increase of the user;
with the maturity of VUE framework technology, industry mainstream generally uses VUE to generate front-end authority, but most software still needs to generate authority information at the back end, and cannot completely generate dynamic routing at the front end, so people need an ERP dynamic authority control method based on VUE.
Disclosure of Invention
The invention aims to provide a VUE-based ERP dynamic authority control method to solve the problems in the background technology.
In order to solve the technical problems, the invention provides the following technical scheme: an ERP dynamic authority control method based on VUE comprises the following steps:
s1: js file judges whether the current login routing object of the user, the user need path jump or not and whether the user needs route interception or not;
s2: acquiring routing data stored in a database by using a getMenulist method in an API (application program interface), acquiring and judging the length of a stored role array by using VUEX (virtual extensible markup language), and calling convertTree and performing recursive processing on returned routing menu data after a user acquires a role;
s3: and circularly judging each route in the routing table through a hash function by using a filterAsyncRoutes function, judging whether the current user permission is matched with the hash function through metal.
Preferably, in step S1, the determining the user route hop by using the to, from, and next parameters of the router.
To is the route To which the user is going To go and intercepts the route, from is the route object from which the current navigation is going To leave, and next is the route skipping;
judging whether the user can jump or not according to the jumping route and the user attribute of the user, judging whether the user jumping path is successful or not according to a route table, when the jumping route of the user is a landing page, directly jumping to a system home page if the user logs in at a first level, otherwise entering the landing page, if the user jumps not to the landing page, judging whether the jumping path and the user role exist or not according to the information in the route table, if so, generating a system interface, jumping successfully, otherwise, generating a menu according to the information, and jumping unsuccessfully.
In step S2, it is determined whether the user owns the role by determining whether the length of the role array is greater than 0, and when it is recognized that the length of the stored role array is greater than 0, it indicates that the user easily acquires the role, otherwise, the user does not acquire the role.
In step S3, determining, by using a hash function, whether the user rights are matched with the metal.
And successfully matching the authority, namely using a haspermission function to correspondingly match the authority array in the route with the role of the user and judging and matching sub-routes in each route.
The returned data comprises a plurality of routing objects, the routing objects comprise a plurality of attribute parameters, the attribute parameters can be represented as title, role, path, icon and the like, the routing data can be called at the front end only when being acquired, when the calling of the returned data is empty, the routing is intercepted, the user needs to log in again, and the steps S1-S3 are repeated.
In step S2, after the route menu data changes, the attribute parameters in the route menu data are updated and recalled, and the feedback of the data can be updated so that dynamic permission information can be generated in time, and it can be determined whether the permission matching of the user can be successful.
The computer processor, when executing the collection of information for user login, performs the steps of the method of any one of claims 1 to 6.
The dynamic information in steps S1 to S3 is generated at the front end, so that the overhead of the server can be reduced, thereby improving the user experience.
Compared with the prior art, the invention has the following beneficial effects:
intercept each routing jump by using router. The user login can legally jump to a certain webpage, the asynchronous routing table is recursively filtered by using the filterAsyncRoutes method, the routing table which accords with the user role authority is returned, whether the routing table is matched with the current user authority or not is judged by using the HasPermission method through metal, the original authority data is received and processed by using the convertTree method to generate a routing tree, by combining the above methods, whether the user's rights match or not can be known more clearly, whether the user has the rights or not can be judged, the matching degree from the root node to each node can be carefully judged through the convertTree recursive function, the matching of the authority can be more authoritative, in the invention, the server only needs to store the authority information, and the dynamic authority information is generated completely by the front end, thereby greatly reducing the expense of the server and improving the user experience.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic flow diagram of a VUE-based ERP dynamic authority control method according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the present invention provides a technical solution:
an ERP dynamic authority control method based on VUE comprises the following steps:
s1: js file judges whether the current login routing object of the user, the user need path jump or not and whether the user needs route interception or not;
s2: acquiring routing data stored in a database by using a getMenulist method in an API (application program interface), acquiring and judging the length of a stored role array by using VUEX (virtual extensible markup language), and calling convertTree and performing recursive processing on returned routing menu data after a user acquires a role;
s3: using a filterAsyncRoutes function to perform cyclic judgment on each route in the routing table through a hash function, and judging whether the hash function is matched with the current user permission through metal and filtering the permission;
the array is an ordered element sequence, the role array is the effective identity of the user name, namely the array name, whether the user has the role is judged by calculating the length of the role array, the recursive processing is to make the function circulate or refer to the function by self, and the routing table is an electronic table or a similar database stored in a router or a computer.
The filterAsyncRoots function needs role information of a user and a routing table, the filterAsyncRoots function carries out circulating judgment on each route in the routing table, and when the routing item has the right of judgment through the Haspermission method, the filterAsyncRoots method is called for the word node to traverse, so that all information in the routing table can be matched, and the correctness of the user information is ensured.
The convertTree is a recursive function, the function can carry out recursive processing on all routing nodes according to the root node, judgment is carried out on the root node and all routing nodes of the routing array, and if the pid of the node is not empty and a child node exists, the child node is generated into a routing object.
Preferably, in step S1, the determining the user route hop by using the to, from, and next parameters of the router.
To is the route To which the user is going To go and intercepts the route, from is the route object from which the current navigation is going To leave, and next is the route skipping;
judging whether a user can jump or not according to a jumping route and user attributes of the user, judging whether a user jumping path is successful or not according to a route table, when the jumping route of the user is a landing page, directly jumping to a system home page if the user logs in at a first level, otherwise entering the landing page, judging whether the jumping path and the user role exist or not according to information in the route table if the user jumps not to the landing page, if so, generating a system interface, jumping successfully, otherwise, generating a menu according to the information, and jumping unsuccessfully;
before route jump, the ordinary route is generally divided into ordinary route and http route interception, when user information is matched, the user jumps to a login interface to log in, after login succeeds, the user jumps to a target route, the http route interception is generally an interceptor, when a http request and a response need to be processed uniformly, the route can be used conveniently, and the two routes can be processed according to specific traffic.
In step S2, it is determined whether the user owns the role by determining whether the length of the role array is greater than 0, and when it is recognized that the length of the stored role array is greater than 0, it indicates that the user easily acquires the role, otherwise, the user does not acquire the role.
In step S3, determining, by using a hash function, whether the user rights are matched with the metal.
And successfully matching the authority, namely using a Haspermission function to correspondingly match the authority array in the route with the role of the user and judge and match sub-routes in each route, wherein the authority array is an array formed by the authority owned by the user.
The returned data comprises a plurality of routing objects, the routing objects comprise a plurality of attribute parameters, the attribute parameters can be represented as title, role, pid, icon and the like, the routing data can be obtained only by calling at the front end, when the calling of the returned data is empty, the routing is intercepted, the user needs to log in again, the steps S1-S3 are repeated, the title is prompt information appearing when a mouse is placed on the node, the role is role information of the user, the icon is a picture path displayed when the node is closed, and the pid is the id of a father node of the node.
In step S2, after the route menu data changes, the attribute parameters in the route menu data are updated and recalled, and the feedback of the data can be updated so that the dynamic permission information is generated in time, thereby determining whether the permission matching of the user can be successful.
When the computer processor collects the information of user login, the steps of the method of any one of claims 1 to 6 are implemented, so that the computer can automatically generate the authority of the user.
The dynamic information in steps S1 to S3 is generated at the front end, so that the overhead of the server can be reduced, thereby improving the user experience.
Example 1: under a large software company, a plurality of departments and positions are provided, different departments and positions have different authorities, the positions are respectively an internet software development engineer, a multimedia development engineer, a website operation manager, a website operation supervisor, a system administrator, a website planning, a website editing, a website design and a network information safety engineer, the work contents of different positions are different, so that the authority of each person is different, when internal employees of the company promote or resize, the authority owned by partial employees is increased or reduced, for example, when one website operation supervisor of the company employees promotes to be the website operation manager, the work authorities of the company are different, the responsible work contents are increased and the authority is increased, the authority of later departments of the company is changed, in a management platform, the side column information corresponding to the website operation manager is changed, the corresponding side bar information in the management platform is different, and different authorities need to be customized according to departments of users;
js, logging in a webpage of the software company, logging in a website according to the attribute of a user name, and when one of a user password or a user account is input incorrectly, failing to jump a path and still staying at the login page; when the path is successfully jumped, generating a system interface, and successfully jumping; the position information and the role of the user are modified in the position information table, so that new rights owned by the user in the company are automatically generated.
In the management platform, due to different related departments, the authorities of different departments can be generated by using dynamic authorities, and authority information of different departments can be changed in time through dynamic authority generation based on the VUE. When the department of the same employee changes, the menu bar displayed in the system changes, the change is only corresponding to the change of one item in one table in the database, and the pages of the server end and the front end do not need to change the codes, so that the pressure of operation and maintenance personnel of a subsequent management platform on frequently changing the authority of the department is greatly relieved.
Example 2: in this embodiment, as in embodiment 1, when a new employee a enters the company as a website design, the system will add his personal information and the authority owned by the job to the database, set the user name and password of the user, log in again after the setting is completed, and jump to the first page of the company website when the existence of the user is not shown in the database, and require the user to log in again until the user can log in successfully.
The working principle of the invention is as follows: js file, obtaining routing data stored in a database by using a getMenulist method in an API (application program interface), obtaining and judging the length of a stored role array by using VUEX, judging whether a user has a role according to the length of the array, calling convertTree and carrying out recursive processing on return routing menu data after the user obtains the role, carrying out cyclic judgment on each route in a routing table by using a fileAsyncRoutes function, and judging whether the route is matched with the current user authority and filtering the user authority by using a metal.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (8)
1. An ERP dynamic authority control method based on VUE is characterized in that: the method comprises the following steps:
s1: js file judges whether the current login routing object of the user, the user need path jump or not and whether the user needs route interception or not;
s2: acquiring routing data stored in a database by using a getMenulist method in an API (application program interface), acquiring and judging the length of a stored role array by using VUEX (virtual extensible markup language), and calling a convertTree function and performing recursive processing on returned routing menu data after a user acquires a role;
s3: and circularly judging each route in the routing table through a hash function by using a filterAsyncRoutes function, judging whether the current user permission is matched with the hash function through metal.
2. The ERP dynamic authority control method based on the VUE as claimed in claim 1, wherein: in step S1, determining the user route hop by using the to, from, and next parameters of the router.
To is the route To which the user is going To go and intercepts the route, from is the route object from which the current navigation is going To leave, and next is the route skipping;
and judging whether the user can jump or not according to the jumping route and the user attribute of the user, and judging whether the user jumps to the path successfully or not according to a route table.
3. The ERP dynamic authority control method based on the VUE as claimed in claim 1, wherein: in step S2, it is determined whether the user owns the character by confirming whether the length of the character array is greater than 0.
4. The ERP dynamic authority control method based on the VUE as claimed in claim 1, wherein: in step S3, determining, by using a hash function, whether the user rights are matched with the metal.
And successfully matching the authority, namely using a haspermission function to correspondingly match the authority array in the route with the role of the user and judging and matching sub-routes in each route.
5. The ERP dynamic authority control method based on the VUE as claimed in claim 1, wherein: the returned data comprises a plurality of routing objects, the routing objects comprise a plurality of attribute parameters, the routing data is obtained only by calling at the front end, when the calling of the returned data is null, the routing is intercepted, the user needs to log in again, and the steps S1-S3 are repeated.
6. The ERP dynamic authority control method based on the VUE as claimed in claim 1, wherein: in step S2, when the routing menu data changes, the attribute parameters in the routing menu data are updated and recalled.
7. The ERP dynamic authority control method based on the VUE as claimed in claim 1, wherein: the computer processor collects and processes information of user login and realizes the steps of the method of any one of claims 1 to 6.
8. The ERP dynamic authority control method based on the VUE as claimed in claim 1, wherein: the dynamic information in steps S1 to S3 is generated at the front end.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011007440.1A CN112231658A (en) | 2020-09-23 | 2020-09-23 | VUE-based ERP dynamic authority control method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011007440.1A CN112231658A (en) | 2020-09-23 | 2020-09-23 | VUE-based ERP dynamic authority control method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112231658A true CN112231658A (en) | 2021-01-15 |
Family
ID=74107724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011007440.1A Pending CN112231658A (en) | 2020-09-23 | 2020-09-23 | VUE-based ERP dynamic authority control method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112231658A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113094674A (en) * | 2021-04-28 | 2021-07-09 | 平安国际智慧城市科技股份有限公司 | Page display method and device, electronic equipment and storage medium |
| CN113568541A (en) * | 2021-08-09 | 2021-10-29 | 豆盟(北京)科技股份有限公司 | Page function determination method and device, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109784033A (en) * | 2018-12-13 | 2019-05-21 | 平安科技(深圳)有限公司 | Operating right Dynamic Configuration and relevant device based on page menus |
| CN110493239A (en) * | 2019-08-26 | 2019-11-22 | 京东数字科技控股有限公司 | The method and apparatus of authentication |
| CN110502912A (en) * | 2019-08-19 | 2019-11-26 | 四川长虹电器股份有限公司 | A kind of front end permission route control method |
| CN111459566A (en) * | 2020-03-10 | 2020-07-28 | 中国平安人寿保险股份有限公司 | Authority verification-based route loading method and related equipment |
-
2020
- 2020-09-23 CN CN202011007440.1A patent/CN112231658A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109784033A (en) * | 2018-12-13 | 2019-05-21 | 平安科技(深圳)有限公司 | Operating right Dynamic Configuration and relevant device based on page menus |
| CN110502912A (en) * | 2019-08-19 | 2019-11-26 | 四川长虹电器股份有限公司 | A kind of front end permission route control method |
| CN110493239A (en) * | 2019-08-26 | 2019-11-22 | 京东数字科技控股有限公司 | The method and apparatus of authentication |
| CN111459566A (en) * | 2020-03-10 | 2020-07-28 | 中国平安人寿保险股份有限公司 | Authority verification-based route loading method and related equipment |
Non-Patent Citations (1)
| Title |
|---|
| 樊小书生: "VUE路由权限", 《HTTPS://BLOG.CSDN.NET/FXSS5201/ARTICLE/DETAILS/105348926》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113094674A (en) * | 2021-04-28 | 2021-07-09 | 平安国际智慧城市科技股份有限公司 | Page display method and device, electronic equipment and storage medium |
| CN113094674B (en) * | 2021-04-28 | 2024-04-02 | 深圳赛安特技术服务有限公司 | Page display method and device, electronic equipment and storage medium |
| CN113568541A (en) * | 2021-08-09 | 2021-10-29 | 豆盟(北京)科技股份有限公司 | Page function determination method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112615849B (en) | Micro-service access method, device, equipment and storage medium | |
| US11150874B2 (en) | API specification generation | |
| US10839011B2 (en) | Application programing interface document generator | |
| US10025880B2 (en) | Methods for integrating semantic search, query, and analysis and devices thereof | |
| US8239387B2 (en) | Structural clustering and template identification for electronic documents | |
| US8234693B2 (en) | Secure document management | |
| US7653659B2 (en) | System for automatic arrangement of portlets on portal pages according to semantical and functional relationship | |
| CN112487392A (en) | Method for realizing authority control of management system by front end | |
| CN112231658A (en) | VUE-based ERP dynamic authority control method | |
| WO2016091002A1 (en) | Method and device for providing authentication information on web page | |
| US20160092960A1 (en) | Product recommendations over multiple stores | |
| US10003592B2 (en) | Active directory for user authentication in a historization system | |
| US12045151B2 (en) | Graph-based impact analysis of misconfigured or compromised cloud resources | |
| US20090265314A1 (en) | Secure file searching | |
| CN112817567B (en) | Openwhisk no-service framework migration method for micro-service application | |
| JP6763433B2 (en) | Information gathering system, information gathering method, and program | |
| US20140379736A1 (en) | Identifying unknown parameter and name value pairs | |
| CN111563064B (en) | File operation method, system, device and readable storage medium | |
| CN113641868A (en) | Data access control method and device for resource guarantee investment and electronic equipment | |
| US20200151346A1 (en) | Method and system for implementing a cloud machine learning environment | |
| CN108470047B (en) | Remote platform monitoring system based on Internet of Things | |
| CN106445892B (en) | Document assembly method and system | |
| CN113486383B (en) | Method and device for controlling authority of front-end element, storage medium and equipment | |
| US20230315493A1 (en) | Inter-platform control interface | |
| JP2007094465A (en) | Load balancing system, method and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210115 |
|
| RJ01 | Rejection of invention patent application after publication |