CN112231725A - Method for rapidly dividing software permission - Google Patents
Method for rapidly dividing software permission Download PDFInfo
- Publication number
- CN112231725A CN112231725A CN202011091716.9A CN202011091716A CN112231725A CN 112231725 A CN112231725 A CN 112231725A CN 202011091716 A CN202011091716 A CN 202011091716A CN 112231725 A CN112231725 A CN 112231725A
- Authority
- CN
- China
- Prior art keywords
- authority
- software
- permission
- database
- administrator
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
Abstract
The invention discloses a method for rapidly dividing software permission, which comprises the following steps: step one, a database is created, and the database used for storing role information, authority information and various service information is created; step two, realizing service functions, providing corresponding service function modules in the software presentation layer, mainly comprising buttons, text boxes, forms and other controls, and triggering the corresponding service functions by clicking or double clicking the buttons by a user; the method comprises the steps of creating a super manager, giving all authorities to the super manager, creating a plurality of users, freely distributing partial authority of the super manager to subordinate users to upgrade the super manager to a primary manager, and displaying corresponding information content according to the identity and the authority of the users, so that software is more reasonable, and leadership management of the whole software and the users is facilitated.
Description
Technical Field
The invention relates to the technical field of software development, in particular to a method for rapidly dividing software permission.
Background
As is well known, software development is the process of building a software system or software parts in a system according to user requirements. Software development is a system engineering that includes requirement capture, requirement analysis, design, implementation, and testing. Software is typically implemented in a programming language. Development is typically possible using software development tools. Software is divided into system software and application software, and includes not only programs that can be run on a computer, but files related to these programs are also generally considered to be part of the software. The general process of the software design idea and method includes the algorithm and method for designing the function and implementation of the software, the overall structural design and module design of the software, programming and debugging, program joint debugging and testing, and writing and submitting the program.
The invention is disclosed in China: a management method and a management device (publication number: CN105072183A) of a cloud OS software warehouse disclose the management method and the management device of the cloud OS software warehouse, which solve the technical defects of complex and unsafe processes of deploying and updating software of the existing virtual machine, but have certain problems;
when the same software is used, the problem of user management and authority can be involved, and the authority management is very important for reasonably using the software. Because the positions are different in functions, the division of the functions is different, so that the software can be reasonably, effectively and quickly used, and therefore, a method for quickly dividing the software permission is provided.
Disclosure of Invention
Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a method for rapidly dividing software permission.
(II) technical scheme
In order to achieve the purpose, the invention provides the following technical scheme: a method for rapidly dividing software permission comprises the following steps:
step one, a database is created, and the database used for storing role information, authority information and various service information is created;
step two, realizing service functions, providing corresponding service function modules in the software presentation layer, mainly comprising buttons, text boxes, forms and other controls, and triggering the corresponding service functions by clicking or double clicking the buttons by a user;
defining roles, and defining users with different use, editing or viewing functions of the software;
creating and distributing the authority, creating the authority of different rules and distributing the authority to different supervisors and users;
defining a relation entity class of the authority control object and the service container, wherein attributes contained in the relation entity class of the authority control object and the service container are an authority control object identifier and a service container identifier;
step six, establishing static permission;
and step seven, creating dynamic authority.
Preferably, in the first step, the type of the database is one of oracle, sqlserver or mysql.
Preferably, in the second step, the software representation layer is one of a web page, a mobile phone APP or computer software.
Preferably, in the third step, since the authority is the usage manner of the service function, the service is embodied in the software in the manner of various controls.
Preferably, in the fourth step, in the synchronization of the basic data when the authority control object is defined, the basic server container contains all the basic data, and the business service container contains data in the business field range, and the authority control object is stored in the database where the basic server container is located and synchronized to the database where the business service container is located.
Preferably, in the sixth step, the static permission refers to an appearance of the control display, and includes the following permissions: visibility, usability, editability and dispensability.
Preferably, in the seventh step, the dynamic permission refers to permission control and identity authentication completed according to actual requirements of the user: and displaying the information and the control related to the owned authority according to the identity state of the login user which is verified to be an administrator or a common user.
Preferably, the super administrator can freely assign partial authority of the super administrator to each subordinate user to upgrade the super administrator to a primary administrator, and then the primary administrator can assign partial authority of the super administrator to each subordinate user to upgrade the super administrator to a secondary administrator.
(III) advantageous effects
Compared with the prior art, the invention provides a method for rapidly dividing software permission, which has the following beneficial effects:
the method comprises the steps of creating a super manager, giving all authorities to the super manager, creating a plurality of users, freely distributing partial authority of the super manager to subordinate users to upgrade the super manager to a primary manager, and displaying corresponding information content according to the identity and the authority of the users, so that software is more reasonable, and leadership management of the whole software and the users is facilitated.
Drawings
FIG. 1 is a flow chart of the method of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Examples
Referring to fig. 1, the present invention provides a technical solution: a method for rapidly dividing software permission comprises the following steps:
step one, a database is created, and the database used for storing role information, authority information and various service information is created;
step two, realizing service functions, providing corresponding service function modules in the software presentation layer, mainly comprising buttons, text boxes, forms and other controls, and triggering the corresponding service functions by clicking or double clicking the buttons by a user;
defining roles, and defining users with different use, editing or viewing functions of the software;
creating and distributing the authority, creating the authority of different rules and distributing the authority to different supervisors and users;
defining a relation entity class of the authority control object and the service container, wherein attributes contained in the relation entity class of the authority control object and the service container are an authority control object identifier and a service container identifier;
step six, establishing static permission;
and step seven, creating dynamic authority.
In this embodiment, specifically: in the first step, the type of the database is one of oracle, sqlserver or mysql; the oracle database has the advantages that: 1. the processing speed is high; 2. the safety level is high, the flash and perfect recovery are supported, and the recovery can be carried out to 1 second before the failure even if the hardware is damaged; 3. several databases do the cluster database, can accomplish several seconds within the failover, and data physics is identical in addition, and the cluster is the most elegant solution always now, and data do not lose, fast switch over, load balancing, 4, grid control to and also very powerful in the aspect of the data warehouse, the advantage of sqlserver database is: the system has the advantages of being easy to use, flexible and suitable for distributed organization, data warehouse function for decision support, integration closely related to a plurality of other server software, good cost performance and the like, providing flexibility for data management and analysis, allowing units to respond leisurely in a rapidly changing environment so as to obtain competitive advantages, and having great importance for converting original data into business intelligence and making full use of opportunities brought by Web from the viewpoint of data management and analysis. As a complete database and data analysis package, the SQLServer opens a door for rapidly developing new generation enterprise-level business application programs and gaining core competitive advantages for enterprises, and as a record holder of important benchmark test scalability and speed prizes, the SQLServer is a database product with complete Web support, provides core support for extensible markup language (XML) and the capability of inquiring on the Internet and outside firewalls, and has small volume, high speed, low overall cost of ownership and sourcing; supporting various operating systems; the method is characterized in that a source database is opened, and a provided interface supports multi-language connection operation; and the method supports a large database, and can conveniently support tens of millions of recorded databases. As an open source code database, the system can be modified correspondingly for different applications; the system has a very fast and stable thread-based memory allocation system, and can be continuously used without worrying about the stability of the memory allocation system.
In this embodiment, specifically: in the second step, the software representation layer is one of a web page, a mobile phone APP or computer software.
In this embodiment, specifically: in step three, since the authority is the usage mode of the service function, the service is embodied in the software in the mode of various controls.
In this embodiment, specifically: in the fourth step, in the synchronization of the basic data when the authority control object is defined, the basic server container contains all the basic data, the business service container contains the data in the business field range, the authority control object is stored in the database where the basic server container is located, and is synchronized to the database where the business service container is located.
In this embodiment, specifically: in step six, the static permission refers to the appearance of the control display, and includes the following permissions: visibility (visible and invisible), usability (available and unavailable), editability (editable and read-only), and allowability (allowable and unallowable).
In this embodiment, specifically: in step seven, the dynamic authority refers to authority control completed according to the actual requirements of the user, and identity authentication: and displaying the information and the control related to the owned authority according to the identity state of the login user which is verified to be an administrator or a common user.
In this embodiment, specifically: the super administrator can freely distribute the partial authority of the super administrator to the subordinate users to upgrade the super administrator to a first-level administrator, and then the first-level administrator can distribute the partial authority of the super administrator to the subordinate users to upgrade the super administrator to a second-level administrator.
To sum up, the working principle and working process of the method for rapidly dividing software authority are that, when in use, different data such as various non-users, authorities and information are created in a database and stored, then in the synchronization of basic data when an authority control object is defined, a basic server container contains all basic data, a business service container contains data in a business field range, the authority control object is stored in the database where the basic server container is located and synchronized to the database where the business service container is located, a distributable business data acquisition module is fast, firstly, the authority object needing to be distributed is acquired in the basic service container, a specific authority object is selected, the business service container which the authority control object belongs to is found out, the business data to be distributed is loaded in the database corresponding to the business service container, then in a user table of the database, and designing a permission field, which is in a character type and has the length of 1000, and storing the system function permission of each user. Each authority point is used as a "partition" "1" "indicates authority, and" 0 "" indicates whether the authority exists, for example, the authority field is "1, 1, 1, 1, 0, … …, 1, 0, l", in the client program, a group of Boolean-type array T (0 to 119) is defined, when the user logs in, the content in the authority field table is split and the person T (o to 119) is explained, then the display of the system function module and all the operations of the user are controlled according to the content of T (0 to 119), then a super manager is created and all the authorities are given to the super manager, then a plurality of users are created, then the super manager can freely distribute the partial authority of the super manager to the users under the super manager, so that the user is upgraded to a primary manager, then the primary manager can distribute the partial authority of the super manager to the users under the super manager, so that the user is upgraded to a secondary manager, the administrator needs to manage the authority of each user that can log in, and in each system function module, the definition of the authority needs to be determined according to the actual situation and the specific architecture, therefore, the authority analysis of the system firstly needs to expand the actually used authority, the authority of the system needs to expand, and a proper authority hierarchical structure is selected for different applications in consideration of multiple aspects such as maintainability, flexibility and integrity, and the like, and enough development space is reserved, and although the authority of each function module is different, the function modules also have basically the same authority, such as addition, deletion, modification and the like.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (8)
1. A method for rapidly dividing software permission is characterized by comprising the following steps:
step one, a database is created, and the database used for storing role information, authority information and various service information is created;
step two, realizing service functions, providing corresponding service function modules in the software presentation layer, mainly comprising buttons, text boxes, forms and other controls, and triggering the corresponding service functions by clicking or double clicking the buttons by a user;
defining roles, and defining users with different use, editing or viewing functions of the software;
creating and distributing the authority, creating the authority of different rules and distributing the authority to different supervisors and users;
defining a relation entity class of the authority control object and the service container, wherein attributes contained in the relation entity class of the authority control object and the service container are an authority control object identifier and a service container identifier;
step six, establishing static permission;
and step seven, creating dynamic authority.
2. The method for rapidly partitioning software permission according to claim 1, wherein: in the first step, the type of the database is one of oracle, sqlserver or mysql.
3. The method for rapidly partitioning software permission according to claim 1, wherein: in the second step, the software representation layer is one of a web page, a mobile phone APP or computer software.
4. The method for rapidly partitioning software permission according to claim 1, wherein: in the third step, since the authority is the usage mode of the service function, the service is embodied in the software in the mode of various controls.
5. The method for rapidly partitioning software permission according to claim 1, wherein: in the fourth step, in the synchronization of the basic data when the authority control object is defined, the basic server container contains all the basic data, the business service container contains the data in the business field range, the authority control object is stored in the database where the basic server container is located, and is synchronized to the database where the business service container is located.
6. The method for rapidly partitioning software permission according to claim 1, wherein: in the sixth step, the static permission refers to the appearance of the control display, and includes the following permissions: visibility, usability, editability and dispensability.
7. The method for rapidly partitioning software permission according to claim 1, wherein: in the seventh step, the dynamic permission refers to permission control and identity authentication which are completed according to the actual requirements of the user: and displaying the information and the control related to the owned authority according to the identity state of the login user which is verified to be an administrator or a common user.
8. The method for rapidly partitioning software permissions according to claim 7, characterized by: the super administrator can freely distribute partial authority of the super administrator to subordinate users of the super administrator to upgrade the super administrator to a first-level administrator, and then the first-level administrator can distribute partial authority of the super administrator to subordinate users of the super administrator to upgrade the super administrator to a second-level administrator.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011091716.9A CN112231725A (en) | 2020-10-13 | 2020-10-13 | Method for rapidly dividing software permission |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011091716.9A CN112231725A (en) | 2020-10-13 | 2020-10-13 | Method for rapidly dividing software permission |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112231725A true CN112231725A (en) | 2021-01-15 |
Family
ID=74112516
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011091716.9A Pending CN112231725A (en) | 2020-10-13 | 2020-10-13 | Method for rapidly dividing software permission |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112231725A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113792030A (en) * | 2021-09-23 | 2021-12-14 | 重庆标能瑞源储能技术研究院有限公司 | Equipment virtual structure management method applied to big data platform |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101645126A (en) * | 2009-09-07 | 2010-02-10 | 浪潮集团山东通用软件有限公司 | Method for controlling service-oriented authorization access based on RBAC model extension |
| CN104050401A (en) * | 2013-03-12 | 2014-09-17 | 腾讯科技(深圳)有限公司 | User permission management method and system |
| US20150026215A1 (en) * | 2013-07-18 | 2015-01-22 | Anil Goel | Autonomous role-based security for database management systems |
| CN106778319A (en) * | 2015-11-23 | 2017-05-31 | 天津九洲云物联科技有限公司 | One kind is based on the improved access control model of RBAC model |
| CN108376214A (en) * | 2018-02-12 | 2018-08-07 | 深圳市沃特沃德股份有限公司 | Right management method, device and vehicle-mounted background system |
| CN109214207A (en) * | 2018-08-22 | 2019-01-15 | 郑州云海信息技术有限公司 | The management method and device of permission in the network of multi-user access |
| CN109739873A (en) * | 2018-12-27 | 2019-05-10 | 广州市玄武无线科技股份有限公司 | A kind of business datum querying method, device, equipment and readable storage medium storing program for executing |
| US20190238454A1 (en) * | 2016-07-19 | 2019-08-01 | Telefonaktieboiaget LM Ericsson (pubil) | Datapath Provision in Software Defined Networks |
| CN111291359A (en) * | 2020-01-17 | 2020-06-16 | 国电南瑞科技股份有限公司 | Authority management control method of rail transit information system |
-
2020
- 2020-10-13 CN CN202011091716.9A patent/CN112231725A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101645126A (en) * | 2009-09-07 | 2010-02-10 | 浪潮集团山东通用软件有限公司 | Method for controlling service-oriented authorization access based on RBAC model extension |
| CN104050401A (en) * | 2013-03-12 | 2014-09-17 | 腾讯科技(深圳)有限公司 | User permission management method and system |
| US20150026215A1 (en) * | 2013-07-18 | 2015-01-22 | Anil Goel | Autonomous role-based security for database management systems |
| CN106778319A (en) * | 2015-11-23 | 2017-05-31 | 天津九洲云物联科技有限公司 | One kind is based on the improved access control model of RBAC model |
| US20190238454A1 (en) * | 2016-07-19 | 2019-08-01 | Telefonaktieboiaget LM Ericsson (pubil) | Datapath Provision in Software Defined Networks |
| CN108376214A (en) * | 2018-02-12 | 2018-08-07 | 深圳市沃特沃德股份有限公司 | Right management method, device and vehicle-mounted background system |
| CN109214207A (en) * | 2018-08-22 | 2019-01-15 | 郑州云海信息技术有限公司 | The management method and device of permission in the network of multi-user access |
| CN109739873A (en) * | 2018-12-27 | 2019-05-10 | 广州市玄武无线科技股份有限公司 | A kind of business datum querying method, device, equipment and readable storage medium storing program for executing |
| CN111291359A (en) * | 2020-01-17 | 2020-06-16 | 国电南瑞科技股份有限公司 | Authority management control method of rail transit information system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113792030A (en) * | 2021-09-23 | 2021-12-14 | 重庆标能瑞源储能技术研究院有限公司 | Equipment virtual structure management method applied to big data platform |
| CN113792030B (en) * | 2021-09-23 | 2023-11-24 | 重庆标能瑞源储能技术研究院有限公司 | Equipment virtual structure management method applied to big data platform |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10673932B2 (en) | System and method for abstraction of objects for cross virtual universe deployment | |
| Bichsel et al. | A simple algorithm for shape from shading | |
| US8615501B2 (en) | Hypervisor service to provide image version control support | |
| Deris et al. | An efficient replicated data access approach for large-scale distributed systems | |
| CN102638566B (en) | BLOG system running method based on cloud storage | |
| CN105897946A (en) | Obtaining method and system of access address | |
| CN102103518A (en) | System for managing resources in virtual environment and implementation method thereof | |
| CN106993064A (en) | A kind of system and its construction method and application that the storage of mass data scalability is realized based on Openstack cloud platforms | |
| CN108268614B (en) | Distributed management method for forest resource spatial data | |
| Aubakirov et al. | Development of system architecture for e-government cloud platforms | |
| Perri et al. | Implementing a scalable and elastic computing environment based on cloud containers | |
| CN102789392A (en) | Method for constructing power system distributed platform | |
| US20220207165A1 (en) | Information processing method, system, electronic device and computer readable storage medium | |
| CN112231725A (en) | Method for rapidly dividing software permission | |
| WO2022046225A1 (en) | Automated code analysis tool | |
| Yang | From Google file system to omega: a decade of advancement in big data management at Google | |
| US10949197B1 (en) | Analysis of patch impact on a running database application | |
| EP3519985A1 (en) | Flexible in-memory column store placement | |
| CN115543548B (en) | Configuration method, device and equipment of container group and readable storage medium | |
| CN115543549B (en) | Container with application running effect consistent with host machine | |
| Li et al. | Performance analysis and framework optimization of open source cloud storage system | |
| US9229659B2 (en) | Identifying and accessing reference data in an in-memory data grid | |
| Chullipparambil | Big data analytics using Hadoop tools | |
| Yu et al. | Design and implementation of business access control in new generation power grid dispatching and control system | |
| Saxena et al. | Concepts of HBase archetypes in big data engineering |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |