CN112597118A - Method and device for adding shared file - Google Patents

Method and device for adding shared file Download PDF

Info

Publication number
CN112597118A
CN112597118A CN202110010190.5A CN202110010190A CN112597118A CN 112597118 A CN112597118 A CN 112597118A CN 202110010190 A CN202110010190 A CN 202110010190A CN 112597118 A CN112597118 A CN 112597118A
Authority
CN
China
Prior art keywords
shared
information
client
shared file
returned
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110010190.5A
Other languages
Chinese (zh)
Other versions
CN112597118B (en
Inventor
高畅
谭千令
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Mass Storage Technology Co ltd
Original Assignee
Hangzhou Mass Storage Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Mass Storage Technology Co ltd filed Critical Hangzhou Mass Storage Technology Co ltd
Priority to CN202110010190.5A priority Critical patent/CN112597118B/en
Publication of CN112597118A publication Critical patent/CN112597118A/en
Application granted granted Critical
Publication of CN112597118B publication Critical patent/CN112597118B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides an adding method of a shared file, which can be applied to a shared file device; in the method, the shared file device can generate shared file information by utilizing the shared device information in the storage device and the to-be-shared device information in the client, and send the shared file information to the client, so that the DI client can update the shared file according to the shared file information, the DI client can automatically add the shared file, and the user experience is improved.

Description

Method and device for adding shared file
Technical Field
The present application relates to the field of data storage, and in particular, to a method and an apparatus for adding a shared file.
Background
The Data origin (hereinafter, referred to as DI) platform scans files in a Data storage device, which relates to file storage device scanning in a DI software layer and file scanning in a shared directory, normally, an adding operation needs to be manually performed in the DI platform layer, that is, each shared device needs to be manually added, each shared directory in the device needs to be manually added, and if N stored devices exist and M shared directory files exist in each device, the number of times of the manual operation needs to be N × M times. In most cases, as actual use scenes become more and more complex along with the lapse of time, the number of files stored in a storage system of the storage system becomes more and more messy, more and more devices are stored according to requirements, and the real-time information synchronization of the files cannot be realized by only manual operation. Therefore, a solution is needed to enable the DI client to automatically add the shared file.
Disclosure of Invention
The application provides a method and a device for adding shared files, so that a DI client can automatically add the shared files, and further user experience is improved.
The application provides a method for adding shared files, which is applied to a shared file device and comprises the following steps:
responding to the addition operation of the shared file, generating a shared information reading instruction and an added information reading instruction, and respectively sending user login information to a client and a storage device to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage device;
sending the data reading instruction and the security access certificate to the storage device to acquire shared device information returned by the storage device;
sending the adding information reading instruction and the security authentication certificate to the client to acquire the information of the equipment to be shared, which is returned by the client;
generating shared file information according to the shared device information and the to-be-shared device information;
and sending the shared file information and the security authentication voucher to the client so that the client updates the shared file according to the shared file information.
Optionally, the sending user login information to a client and a storage device respectively to obtain a security authentication credential returned by the client and a security access credential returned by the storage device includes:
sending the user login information to the client, and if the user login information passes the verification of the client, acquiring a security authentication credential returned by the client;
and sending the user login information to the storage equipment, and if the user login information passes the verification of the storage equipment, acquiring a security access credential returned by the client.
Optionally, the shared device information includes existing shared files and sequence identifiers respectively corresponding to the shared files; the information of the equipment to be shared comprises files to be shared; generating shared file information according to the shared device information and the to-be-shared device information, including:
determining sequence identifications corresponding to the files to be shared according to the sequence identifications respectively corresponding to the existing shared files;
and generating shared file information according to the shared device information, the to-be-shared device information and the sequence identification corresponding to the to-be-shared file.
Optionally, after the step of obtaining the security authentication credential returned by the client and the security access credential returned by the storage device, the method further includes:
verifying the security authentication credentials;
if the security authentication certificate passes the verification, establishing communication connection with the client;
and if the security authentication certificate is not verified, disconnecting the communication connection with the client.
Optionally, after the step of obtaining the security authentication credential returned by the client and the security access credential returned by the storage device, the method further includes:
verifying the security access credential;
if the security access certificate passes the verification, establishing communication connection with the storage equipment;
and if the security access certificate is not verified, disconnecting the communication connection with the storage equipment.
Optionally, after generating shared file information according to the shared device information, the to-be-shared device information, and the sequence identifier corresponding to the to-be-shared file, the method further includes:
and performing format conversion on the shared device information to obtain the shared device information after format conversion, wherein the format corresponding to the shared device information after format conversion is a data format which can be processed by the client.
Optionally, before the adding information reading instruction and the security authentication credential are sent to the client to obtain the to-be-shared device information returned by the client, the method further includes:
sending the security authentication credential to the client to verify whether the security authentication credential is valid;
receiving a verification result returned by the client;
and if the verification result is that the safety authentication certificate is valid, executing the step of sending the adding information reading instruction and the safety authentication certificate to the client.
Optionally, after the sending the shared file information and the security authentication credential to the client to enable the client to update the shared file according to the shared file information, the method further includes:
receiving an updating result of the shared file information returned by the client;
determining an updating mode corresponding to the updating result according to the updating result;
and performing operation processing according to the updating mode corresponding to the updating result.
Optionally, the client is a data mining (DI) client.
The application also provides a device for adding shared files, the device is applied to a device for sharing files, and the device for adding shared files comprises:
the response unit is used for responding to the shared file adding operation, generating a shared information reading instruction and an added information reading instruction, and respectively sending user login information to the client and the storage equipment to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage equipment;
a sending unit, configured to send the data reading instruction and the security access credential to the storage device, so as to obtain shared device information returned by the storage device;
the sending unit is further configured to send the addition information reading instruction and the security authentication credential to the client to obtain information of the device to be shared, where the information is returned by the client;
the generating unit is used for generating shared file information according to the shared device information and the to-be-shared device information;
the sending unit is further configured to send the shared file information and the security authentication credential to the client, so that the client updates the shared file according to the shared file information.
Optionally, the response unit is specifically configured to:
sending the user login information to the client, and if the user login information passes the verification of the client, acquiring a security authentication credential returned by the client;
and sending the user login information to the storage equipment, and if the user login information passes the verification of the storage equipment, acquiring a security access credential returned by the client.
Optionally, the shared device information includes existing shared files and sequence identifiers respectively corresponding to the shared files; the information of the equipment to be shared comprises files to be shared; the generating unit is specifically configured to:
determining sequence identifications corresponding to the files to be shared according to the sequence identifications respectively corresponding to the existing shared files;
and generating shared file information according to the shared device information, the to-be-shared device information and the sequence identification corresponding to the to-be-shared file.
Optionally, the apparatus further includes a verification unit, configured to:
verifying the security authentication credentials;
if the security authentication certificate passes the verification, establishing communication connection with the client;
and if the security authentication certificate is not verified, disconnecting the communication connection with the client.
Optionally, the verification unit is further configured to:
verifying the security access credential;
if the security access certificate passes the verification, establishing communication connection with the storage equipment;
and if the security access certificate is not verified, disconnecting the communication connection with the storage equipment.
Optionally, the apparatus further comprises a conversion unit for:
and performing format conversion on the shared device information to obtain the shared device information after format conversion, wherein the format corresponding to the shared device information after format conversion is a data format which can be processed by the client.
Optionally, the verification unit is further configured to:
sending the security authentication credential to the client to verify whether the security authentication credential is valid;
receiving a verification result returned by the client;
and if the verification result is that the safety authentication certificate is valid, executing the step of sending the adding information reading instruction and the safety authentication certificate to the client.
Optionally, the apparatus further includes an updating unit, configured to:
receiving an updating result of the shared file information returned by the client;
determining an updating mode corresponding to the updating result according to the updating result;
and performing operation processing according to the updating mode corresponding to the updating result.
Optionally, the client is a data mining (DI) client.
According to the technical scheme, the method is applied to a shared file device, and can respond to the shared file adding operation, generate a shared information reading instruction and an added information reading instruction, and respectively send user login information to a client and a storage device to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage device; sending the data reading instruction and the security access certificate to the storage device to acquire shared device information returned by the storage device; sending the adding information reading instruction and the security authentication certificate to the client to acquire the information of the device to be shared, which is returned by the storage device; generating shared file information according to the shared device information and the to-be-shared device information; and sending the shared file information and the security authentication voucher to the client so that the client updates the shared file according to the shared file information. In the scheme provided by the application, the shared file device can generate shared file information by using the shared device information in the storage device and the to-be-shared device information in the client, and send the shared file information to the client, so that the DI client can update the shared file according to the shared file information, the DI client can automatically add the shared file, and the user experience is improved.
Further effects of the above-mentioned unconventional preferred modes will be described below in conjunction with specific embodiments.
Drawings
In order to more clearly illustrate the embodiments or prior art solutions of the present application, the drawings needed for describing the embodiments or prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments described in the present application, and that other drawings can be obtained by those skilled in the art without inventive exercise.
Fig. 1 is a schematic flowchart illustrating a method for adding a shared file according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of an adding apparatus for sharing files according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following embodiments and accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The inventor finds that the operation of scanning files in a Data asset (hereinafter, referred to as DI) platform on a Data storage device relates to file storage device scanning in a DI software layer and file scanning in a shared directory, and normally needs to manually add files in the DI platform layer, that is, each shared device needs to be manually added, each shared directory in the device needs to be manually added, and if N stored devices exist and M shared directory files exist in each device, the number of times of manual operation is N × M. In most cases, as actual use scenes become more and more complex along with the lapse of time, the number of files stored in a storage system of the storage system becomes more and more messy, more and more devices are stored according to requirements, and the real-time information synchronization of the files cannot be realized by only manual operation. Therefore, a solution is needed to enable the DI client to automatically add the shared file.
Therefore, the application provides a method for adding a shared file, which is applied to a shared file device, and can respond to a shared file adding operation to generate a shared information reading instruction and an added information reading instruction, and send user login information to a client and a storage device respectively to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage device; sending the data reading instruction and the security access certificate to the storage device to acquire shared device information returned by the storage device; sending the adding information reading instruction and the security authentication certificate to the client to acquire the information of the device to be shared, which is returned by the storage device; generating shared file information according to the shared device information and the to-be-shared device information; and sending the shared file information and the security authentication voucher to the client so that the client updates the shared file according to the shared file information. In the scheme provided by the application, the shared file device can generate shared file information by using the shared device information in the storage device and the to-be-shared device information in the client, and send the shared file information to the client, so that the DI client can update the shared file according to the shared file information, the DI client can automatically add the shared file, and the user experience is improved.
Various non-limiting embodiments of the present application are described in detail below with reference to the accompanying drawings.
Referring to fig. 1, a method for adding a shared file in an embodiment of the present application is shown, where the method may be applied to a shared file apparatus, such as a client (e.g., a mobile device such as a mobile phone, a notebook, an electronic communication watch, etc.) or a server. In this embodiment, the method may include, for example, the steps of:
s101: responding to the shared file adding operation, generating a shared information reading instruction and an added information reading instruction, and respectively sending user login information to a client and a storage device to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage device.
When a user needs to add a shared file to a client (such as a data mining (DI) client), a shared file adding operation (such as clicking a corresponding key) can be input through the shared file device, and login information (such as a user name and a password of the used user name) of the user can be input, so that the shared file device can acquire the user login information and the shared file adding operation. Wherein, the user login information may include at least one of the following information: the IP address of the client (the IP address of the Data Insight client), the IP address of the storage device (the IP address of the Data Insight storage device), the user name used by the user, the password of the user name used, and the domain of the user used; a domain refers to a kind of management unit of an integrated resource, which can be understood as a kind of group of users.
Then, the shared file device may send the user login information to the client, and if the user login information passes the client verification, obtain a security authentication credential returned by the client, and the shared file device may locally store the security authentication credential. Specifically, after the shared file device sends the user login information to the client, the client may verify the user login information, and if the user login information passes the verification, generate a security authentication credential corresponding to the user login information. For example, the client may verify an IP address of the client (an IP address of a Data instance client), a user name used by a user, a password of the user name used, and a domain where the user is located, specifically, the client may locally store a plurality of authenticated user login information in advance, and after receiving the user login information, the client may first determine whether authenticated user login information corresponding to the user login information is locally stored; if not, the operation is stopped, and after waiting for the preset duration, the client can acquire the user login information again; if so, the user login information passes the verification, a security authentication certificate corresponding to the user login information is generated, and the security authentication certificate is returned to the shared file device. Specifically, since the client locally may pre-store the port number for providing the service, the management account, the password corresponding to the management account, and the operation authority (for example, which operations may be performed) corresponding to each user, so that the user login information passes the verification, the shared file device may obtain the security authentication credential corresponding to the user login information (the security authentication credential is a security authentication method, in order to ensure that each access is the operation of the user who has actually logged in, and in order to not require that the client for each legitimate operation is a specific certain machine, the method using the credential (TOKEN) is used, the user who has successfully logged in may obtain a string of characters, and as long as the string of characters is included in the subsequent operations, the subsequent operations may be identified as legitimate requests by the client and the storage device, allowing the operations, and this method is a credential authentication method, that string of characters is a so-called security authentication credential). It should be noted that, when the client is a DI client, the format of the user login information may be a URL format.
And the shared file device can send the user login information to the storage equipment, if the user login information passes the verification of the storage equipment, the secure access certificate returned by the client is obtained, and the shared file device can locally store the secure access certificate. Specifically, after the shared file apparatus may send the user login information to the storage device, the storage device may verify the user login information, and if the user login information passes the verification, generate a security access credential corresponding to the user login information. For example, the storage device may verify an IP address of the storage device (an IP address of a Data attribute storage device), a user name used by a user, a password of the user name used, and a domain where the user is located, specifically, the storage device may locally store a plurality of authenticated user login information in advance, and after receiving the user login information, the storage device may first determine whether authenticated user login information corresponding to the user login information is locally stored; if not, the operation is stopped, and after waiting for the preset time length, the storage equipment can acquire the user login information again; if so, the user login information passes the verification, a security access certificate corresponding to the user login information is generated, and the security access certificate is returned to the shared file device. Specifically, since the storage device may locally and pre-store a port number for providing a service, a management account, a password corresponding to the management account, and operation permissions (e.g., which operations may be performed) corresponding to each user, so that the user login information is verified, the shared file device may obtain a security access credential corresponding to the user login information (the security access credential is a security authentication method, in order to ensure that each access is an operation of a user who has actually logged in, and in order to not require that a storage device for each legitimate operation is a specific machine, a credential (TOKEN) method is used, a user who has successfully logged in may obtain a string of characters, and as long as the string of characters is included in subsequent operations, the storage device and the storage device may be identified as a legitimate request, allowing the operation, and the method is a credential authentication method, that string of characters is a so-called secure access credential). It is emphasized that the time of acquiring the security authentication credentials and the time of acquiring the security access credentials may be the same or different, for example, the security access credentials may be acquired first and then the security authentication credentials may be acquired.
It should be noted that, in an implementation manner, the user login information may include request header information (header), request header parameters (params), and return status information parameters (response). Specifically, the user login information is required to add request header information, so that deterministic parameter acquisition and security guarantee can be ensured. For example, all request headers would require the addition of the following parameters: the method comprises the steps of receiving Content Type (Accept), compressed coding Type (Accept-Encoding), received Language Type (Accept-Language), Cache mechanism (Cache-Control) of request and response, whether persistent Connection (Connection) is needed, domain name and port number (Host) of a server for specifying request, and Content of User-Agent comprising User information (User-Agent) for sending request, Date and time (Date) for sending request, MIME information (Content-Type) corresponding to an entity of request, Content-Length (Content-Length) of request, Cookie value (Cookie), request Type (X-Requested-With), and credential random code (iBaseToken). All subsequent url operations from login carry out communication in the same data format by using the parameters as standards, so that the safety and consistency of communication are ensured. In this way, the request header information may include some information including security, and all the urls of the requests have the same standard request header information, so that security is relatively guaranteed.
It should be noted that, in an implementation manner, after the step of acquiring the security authentication credential returned by the client and the security access credential returned by the storage device, the method further includes:
verifying the security authentication credentials;
if the security authentication certificate passes the verification, establishing communication connection with the client;
and if the security authentication certificate is not verified, disconnecting the communication connection with the client.
Specifically, the shared file device may first verify the security authentication credential, for example, perform a legalization verification (for example, may decode the security authentication credential to determine whether the client corresponding to the decoded character string is an authenticated client), if the security authentication credential passes the legalization verification, for example, the security authentication credential does not have a format error or a legal date, establish a communication connection with the client, that is, after the security authentication credential is verified to be correct, maintain a connection with the client, and record the security authentication credential; if the security authentication voucher has the problems of wrong format, exceeding legal date and the like, and the security authentication voucher is not verified, the security authentication voucher can be disconnected from the client side in a communication way, for example, the verification result can be visually fed back, and the existing connection with the client side is disconnected.
It should be noted that, in an implementation manner, after the step of acquiring the security authentication credential returned by the client and the security access credential returned by the storage device, the method further includes:
verifying the security access credential;
if the security access certificate passes the verification, establishing communication connection with the storage equipment;
and if the security access certificate is not verified, disconnecting the communication connection with the storage equipment.
Specifically, the shared file apparatus may first verify the security access credential, for example, perform a legalization verification (for example, may decode the security access credential and determine whether the storage device corresponding to the decoded character string is an authenticated storage device), and if the security access credential passes the legalization verification, for example, the security access credential does not have a format error or a legal date exceeding problem, establish a communication connection with the storage device, that is, after the security access credential is verified to be correct, maintain a connection with the storage device, and record the security access credential; if the security access certificate has a problem of wrong format or exceeding legal date, etc., and the security access certificate is not verified, the security access certificate can be disconnected from the storage device, for example, the verification result can be visually fed back, and the existing connection with the storage device can be disconnected.
S102: and sending the data reading instruction and the security access certificate to the storage device to acquire shared device information returned by the storage device.
After the shared file device generates the data reading instruction and obtains the security access credential, the shared file device may send the data reading instruction and the security access credential to the storage device.
After receiving the data reading instruction and the security access credential, the storage device may determine shared device information according to the data reading instruction and the security access credential. Specifically, the storage device may first verify the security access credential, and if the security access credential passes the verification, the storage device may determine shared device information according to the data reading instruction, and return the shared device information to the shared file apparatus.
For example, the storage device may locally store the corresponding security access credential in advance, and after receiving the data reading instruction sent by the shared file apparatus, the storage device may first determine whether the security access credential sent by the shared file apparatus matches the security access credential stored in advance and corresponding to the security access credential; if not, stopping the operation, and after waiting for a preset time length, the storage device can acquire the data reading instruction and the security access certificate again; if the shared device information is verified, the security access certificate passes verification, shared device information is determined and returned to the shared file device, and the shared device information can be stored locally after the shared device information is acquired by the shared file device.
It should be noted that the shared device information may include at least the following information: the storage device platform address information, the storage device platform port information, the storage device platform sharing type information, shared files existing in the storage device platform (such as shared file structure information and storage device platform shared file names), and sequence identifications (i.e. shared file identifier information in the storage device platform) respectively corresponding to the shared files.
It should be noted that, in an implementation manner, after generating shared file information according to the shared device information, the to-be-shared device information, and the sequence identifier corresponding to the to-be-shared file, the method further includes:
and performing format conversion on the shared device information to obtain the shared device information after format conversion, wherein the format corresponding to the shared device information after format conversion is a data format which can be processed by the client.
The shared file device may perform format conversion on the shared device information to obtain the shared device information after format conversion, where a format corresponding to the shared device information after format conversion is a data format that can be processed by the client. For example, format conversion refers to that a DI client needs specific data in a structure format to be able to successfully process shared device information (i.e., the DI client can only process data in a specific format), and therefore the shared device information returned by a storage device needs to be converted into a data format required by the DI client, which may be referred to as structured data, i.e., format conversion; for example, assuming that the shared device information returned by the storage device is in XML format, the shared device information is converted (i.e. format conversion) into dictionary format by deconstruction, and assembled into data information in dictionary format required by the DI client, i.e. the shared device information after format conversion.
S103: and sending the adding information reading instruction and the security authentication voucher to the client to acquire the information of the equipment to be shared, which is returned by the client.
After the shared file device generates the addition information reading instruction and obtains the security authentication credential, the shared file device may send the addition information reading instruction and the security authentication credential to the client.
After receiving the addition information reading instruction and the security authentication credential, the client may determine information of the device to be shared according to the addition information reading instruction and the security authentication credential. Specifically, the client may first verify the security authentication credential, and if the security authentication credential passes the verification, the client may determine the information of the device to be shared according to the added information reading instruction, and return the information of the device to be shared to the shared file apparatus.
For example, the client may locally store a corresponding security authentication credential in advance, and after receiving a data reading instruction sent by the shared file apparatus, the storage device may first determine whether the security authentication credential sent by the shared file apparatus matches the security authentication credential stored in advance; if not, stopping the operation, and after waiting for a preset time length, the client can acquire the addition information reading instruction and the security authentication voucher again; if the equipment information to be shared is verified to be passed, the safety certification certificate is verified to be passed, the equipment information to be shared is determined and returned to the shared file device, and after the shared file device obtains the equipment information to be shared, the equipment information to be shared can be stored locally.
It should be noted that the device information to be shared may at least include the following information: the shared file device id to be added, the shared file device name to be added, the file to be shared, and the sharing event information corresponding to the file to be shared (the sharing time information may include at least one of operation code, target path, target type, target sid, user name of the adder, domain of the adder, adding timestamp, and address of the adder, for example).
In one implementation, before the sending the adding information reading instruction and the security authentication credential to the client to obtain the device to be shared information returned by the client, the method further includes:
sending the security authentication credential to the client to verify whether the security authentication credential is valid;
receiving a verification result returned by the client;
and if the verification result is that the safety authentication certificate is valid, executing the step of sending the adding information reading instruction and the safety authentication certificate to the client.
Before the shared file device sends the adding information reading instruction and the security authentication certificate to the client, the shared file device may verify whether the security authentication certificate of the preamble operation is still valid. Specifically, the shared file device may send the security authentication credential to the client to verify whether the security authentication credential is valid, for example, the shared file device may send a request for querying shared directory information to the client, and the client may return a verification result to the shared file device according to whether the shared directory information is queried to store the security authentication credential. Specifically, if the client can query that the shared directory information still stores the security authentication credential, a verification result is returned to the shared file device, and the verification result is that the security authentication credential is valid (for example, if the security authentication credential still takes effect, the verification result may be a status code of 200), at this time, the shared file device may perform the step of sending the addition information reading instruction and the security authentication credential to the client. If the client can inquire that the security authentication credential is not stored in the shared directory information, a verification result is returned to the shared file device, and the verification result is that the security authentication credential is invalid (for example, if the security authentication credential is invalid, the verification result may be a state code of 401 and information that the credential is invalid), at this time, the shared file device does not execute the step of sending the addition information reading instruction and the security authentication credential to the client, but can apply for the security authentication credential again from the client.
S104: and generating shared file information according to the shared device information and the to-be-shared device information.
In this embodiment, the shared device information includes existing shared files and sequence identifiers respectively corresponding to the shared files; the information of the device to be shared comprises a file to be shared. In one implementation manner, the shared file device may first determine the sequence identifier corresponding to the file to be shared according to the sequence identifiers respectively corresponding to the existing shared files, and it can be understood that the shared file device may calculate the sequence identifier corresponding to the file to be shared according to the sequence identifiers respectively corresponding to the existing shared files; for example, the DI client configures a unique sequence identifier, which may also be called an ID, for each added shared file, where the ID is an incremented sequence of numbers, for example, 20 shared files have been added, and the IDs of the 20 shared files are respectively 1-20 continuously, so that when a new shared file (i.e., a file to be shared) is added, the ID number of the file to be shared will be 21, and qangdiao is required, and the ID cannot be repeated, so that when the new file to be shared is added, the largest sequence identifier in the original shared file is queried first, and an increment operation of adding 1 is performed on the largest sequence identifier in the shared file, that is, a sequence identifier obtained by adding 1 to the largest sequence identifier in the shared file is used as the sequence identifier of the file to be shared.
Then, the file sharing apparatus may generate shared file information according to the shared device information, the information of the device to be shared, and the sequence identifier corresponding to the file to be shared. For example, a set of the sharing device information, the device information to be shared (such as the sharing device information after format conversion), and the sequence identifier corresponding to the file to be shared may be used as sharing file information, that is, the sharing file information may include the sharing device information, the device information to be shared (such as the sharing device information after format conversion), and the sequence identifier corresponding to the file to be shared.
S105: and sending the shared file information and the security authentication voucher to the client so that the client updates the shared file according to the shared file information.
After the shared file device determines shared file information, the shared file device may send the shared file information and the security authentication credential to the client. The client may first verify the security authentication credential (for example, the security authentication credential may be decoded to determine whether a device corresponding to the decoded character string is a certified legal device), and if the verification is passed, may receive the shared file information and update the shared file according to the shared file information.
In one implementation, before the sending the shared file information and the security authentication credentials to the client, the method further comprises:
sending the security authentication credential to the client to verify whether the security authentication credential is valid;
receiving a verification result returned by the client;
and if the verification result is that the security authentication certificate is valid, executing the step of sending the audit log to be updated and the security authentication certificate to the client.
The shared file device may prior to sending the shared file information and the security authentication credentials to the client, verify whether the security authentication credentials of the preceding operation are still valid. Specifically, the shared file device may send the security authentication credential to the client to verify whether the security authentication credential is valid, for example, the shared file device may send a request for querying shared directory information to the client, and the client may return a verification result to the shared file device according to whether the shared directory information is queried to store the security authentication credential. Specifically, if the client can query that the shared directory information still stores the security authentication credential, a verification result is returned to the shared file device, and the verification result is that the security authentication credential is valid (for example, if the security authentication credential still takes effect, the verification result may be a state code of 200), at this time, the shared file device may perform the step of sending the shared file information and the security authentication credential to the client. If the client can inquire that the shared directory information does not store the security authentication credential, a verification result is returned to the shared file device, and the verification result is that the security authentication credential is invalid (for example, if the security authentication credential is invalid, the verification result may be a state code of 401 and information that the credential is invalid), at this time, the shared file device does not perform the step of sending the shared file information and the security authentication credential to the client, but can apply for the security authentication credential again to the client.
According to the technical scheme, the method is applied to a shared file device, and can respond to the shared file adding operation, generate a shared information reading instruction and an added information reading instruction, and respectively send user login information to a client and a storage device to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage device; sending the data reading instruction and the security access certificate to the storage device to acquire shared device information returned by the storage device; sending the adding information reading instruction and the security authentication certificate to the client to acquire the information of the device to be shared, which is returned by the storage device; generating shared file information according to the shared device information and the to-be-shared device information; and sending the shared file information and the security authentication voucher to the client so that the client updates the shared file according to the shared file information. In the scheme provided by the application, the shared file device can generate shared file information by using the shared device information in the storage device and the to-be-shared device information in the client, and send the shared file information to the client, so that the DI client can update the shared file according to the shared file information, the DI client can automatically add the shared file, and the user experience is improved.
In one implementation, after the sending the shared file information and the security authentication credential to the client to enable the client to update the shared file according to the shared file information, the method further includes:
receiving an updating result of the shared file information returned by the client;
determining an updating mode corresponding to the updating result according to the updating result;
and performing operation processing according to the updating mode corresponding to the updating result.
It should be noted that the update result may be a status code, and the status code may reflect the update result of the shared file information and the reason of the failure when the update result is a failure, for example, a status code of 200 indicates that the update of the audit log is successful, an error may occur in some parameters if the status code is 500, which may cause the update of the shared file information to fail, and an update failure of the shared file information if the status code is 401.
In this embodiment, if the client successfully updates the shared file information, the client may return an update result of the shared file information (i.e., successful update) to the shared file device, so that after the shared file device receives the update result of the shared file information returned by the client, according to the update result, it may be determined that an update manner corresponding to the update result is: recording a success result, and waiting for next execution; and the shared file device can perform operation processing according to the updating mode corresponding to the updating result.
After the client fails to update the shared file information, the client can return an update result (namely, update failure) of the shared file information to the shared file device, so that after the shared file device receives the update result of the shared file information returned by the client, the update mode corresponding to the update result can be determined as a recording failure result according to the update result, an error prompt is returned to the shared file device, the result is fed back, and the execution plan is terminated to wait for next re-execution; and the shared file device can perform operation processing according to the updating mode corresponding to the updating result.
It should be noted that the active feedback of the client will prompt when the refresh function is actively executed, and the relevant state will not be actively prompted in the background automatic running process.
Therefore, after the client fails to update the shared file information, the shared file device can be conveniently notified, and the shared file device can give a failure prompt to the user and notify the reason, so that the user experience is improved.
Fig. 2 shows a specific embodiment of the adding apparatus for shared files according to the present application. The apparatus of this embodiment is a physical apparatus for executing the method of the above embodiment. The technical solution is essentially the same as that in the above embodiment, and the corresponding description in the above embodiment is also applicable to this embodiment. In this embodiment, the device for adding a shared file is applied to a shared file device, and the device for adding a shared file includes:
a response unit 201, configured to generate a shared information reading instruction and an added information reading instruction in response to a shared file adding operation, and send user login information to a client and a storage device respectively to obtain a security authentication credential returned by the client and a security access credential returned by the storage device;
a sending unit 202, configured to send the data reading instruction and the security access credential to the storage device, so as to obtain shared device information returned by the storage device;
the sending unit 202 is further configured to send the addition information reading instruction and the security authentication credential to the client, so as to obtain information of the device to be shared, where the information is returned by the client;
a generating unit 203, configured to generate shared file information according to the shared device information and the to-be-shared device information;
the sending unit 202 is further configured to send the shared file information and the security authentication credential to the client, so that the client updates the shared file according to the shared file information.
Optionally, the response unit 201 is specifically configured to:
sending the user login information to the client, and if the user login information passes the verification of the client, acquiring a security authentication credential returned by the client;
and sending the user login information to the storage equipment, and if the user login information passes the verification of the storage equipment, acquiring a security access credential returned by the client.
Optionally, the shared device information includes existing shared files and sequence identifiers respectively corresponding to the shared files; the information of the equipment to be shared comprises files to be shared; the generating unit 203 is specifically configured to:
determining sequence identifications corresponding to the files to be shared according to the sequence identifications respectively corresponding to the existing shared files;
and generating shared file information according to the shared device information, the to-be-shared device information and the sequence identification corresponding to the to-be-shared file.
Optionally, the apparatus further includes a verification unit, configured to:
verifying the security authentication credentials;
if the security authentication certificate passes the verification, establishing communication connection with the client;
and if the security authentication certificate is not verified, disconnecting the communication connection with the client.
Optionally, the verification unit is further configured to:
verifying the security access credential;
if the security access certificate passes the verification, establishing communication connection with the storage equipment;
and if the security access certificate is not verified, disconnecting the communication connection with the storage equipment.
Optionally, the apparatus further comprises a conversion unit for:
and performing format conversion on the shared device information to obtain the shared device information after format conversion, wherein the format corresponding to the shared device information after format conversion is a data format which can be processed by the client.
Optionally, the verification unit is further configured to:
sending the security authentication credential to the client to verify whether the security authentication credential is valid;
receiving a verification result returned by the client;
and if the verification result is that the safety authentication certificate is valid, executing the step of sending the adding information reading instruction and the safety authentication certificate to the client.
Optionally, the apparatus further includes an updating unit, configured to:
receiving an updating result of the shared file information returned by the client;
determining an updating mode corresponding to the updating result according to the updating result;
and performing operation processing according to the updating mode corresponding to the updating result.
Optionally, the client is a data mining (DI) client.
Fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application. On the hardware level, the electronic device comprises a processor and optionally an internal bus, a network interface and a memory. The Memory may include a Memory, such as a Random-Access Memory (RAM), and may further include a non-volatile Memory, such as at least 1 disk Memory. Of course, the electronic device may also include hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 3, but this does not indicate only one bus or one type of bus.
And the memory is used for storing the execution instruction. In particular, a computer program that can be executed by executing instructions. The memory may include both memory and non-volatile storage and provides execution instructions and data to the processor.
In a possible implementation manner, the processor reads the corresponding execution instruction from the nonvolatile memory to the memory and then runs the execution instruction, and may also obtain the corresponding execution instruction from other devices, so as to form the adding method apparatus of the shared file on a logical level. The processor executes the execution instructions stored in the memory, so that the method for adding the shared file provided by any embodiment of the application is realized through the executed execution instructions.
The method executed by the device for adding the shared file according to the embodiment shown in fig. 1 of the present application may be applied to a processor, or may be implemented by the processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or instructions in the form of software. The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components. The various methods, steps, and logic blocks disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in a memory, and a processor reads information in the memory and completes the steps of the method in combination with hardware of the processor.
The embodiment of the present application further provides a readable storage medium, where the readable storage medium stores an execution instruction, and when the stored execution instruction is executed by a processor of an electronic device, the electronic device can be caused to execute the method for adding a shared file provided in any embodiment of the present application, and is specifically configured to execute the method for adding a shared file.
The electronic device described in the foregoing embodiments may be a computer.
It will be apparent to those skilled in the art that embodiments of the present application may be provided as a method or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects.
The embodiments in the present application are described in a progressive manner, and the same and similar parts among the embodiments can be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the use of the phrase "comprising a. -. said" to define an element does not exclude the presence of other like elements in the process, method, article, or apparatus that comprises the element.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. An adding method of a shared file is applied to a shared file device, and the method comprises the following steps:
responding to the addition operation of the shared file, generating a shared information reading instruction and an added information reading instruction, and respectively sending user login information to a client and a storage device to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage device;
sending the data reading instruction and the security access certificate to the storage device to acquire shared device information returned by the storage device;
sending the adding information reading instruction and the security authentication certificate to the client to acquire the information of the equipment to be shared, which is returned by the client;
generating shared file information according to the shared device information and the to-be-shared device information;
and sending the shared file information and the security authentication voucher to the client so that the client updates the shared file according to the shared file information.
2. The method according to claim 1, wherein the sending user login information to a client and a storage device respectively to obtain a security authentication credential returned by the client and a security access credential returned by the storage device comprises:
sending the user login information to the client, and if the user login information passes the verification of the client, acquiring a security authentication credential returned by the client;
and sending the user login information to the storage equipment, and if the user login information passes the verification of the storage equipment, acquiring a security access credential returned by the client.
3. The method according to claim 1, wherein the shared device information includes existing shared files and sequence identifiers corresponding to the shared files respectively; the information of the equipment to be shared comprises files to be shared; generating shared file information according to the shared device information and the to-be-shared device information, including:
determining sequence identifications corresponding to the files to be shared according to the sequence identifications respectively corresponding to the existing shared files;
and generating shared file information according to the shared device information, the to-be-shared device information and the sequence identification corresponding to the to-be-shared file.
4. The method according to any one of claims 1-3, wherein after the step of obtaining the security authentication credential returned by the client and the security access credential returned by the storage device, the method further comprises:
verifying the security authentication credentials;
if the security authentication certificate passes the verification, establishing communication connection with the client;
and if the security authentication certificate is not verified, disconnecting the communication connection with the client.
5. The method according to any one of claims 1-3, wherein after the step of obtaining the security authentication credential returned by the client and the security access credential returned by the storage device, the method further comprises:
verifying the security access credential;
if the security access certificate passes the verification, establishing communication connection with the storage equipment;
and if the security access certificate is not verified, disconnecting the communication connection with the storage equipment.
6. The method according to claim 3, wherein after generating shared file information according to the sequence identifier corresponding to the shared device information, the to-be-shared device information, and the to-be-shared file, the method further comprises:
and performing format conversion on the shared device information to obtain the shared device information after format conversion, wherein the format corresponding to the shared device information after format conversion is a data format which can be processed by the client.
7. The method according to any one of claims 1 to 3, wherein before the sending the adding information reading instruction and the security authentication credential to the client to obtain the device to be shared information returned by the client, the method further comprises:
sending the security authentication credential to the client to verify whether the security authentication credential is valid;
receiving a verification result returned by the client;
and if the verification result is that the safety authentication certificate is valid, executing the step of sending the adding information reading instruction and the safety authentication certificate to the client.
8. The method according to any one of claims 1-3, wherein after the sending the shared file information and the security authentication credential to the client to enable the client to perform shared file update according to the shared file information, the method further comprises:
receiving an updating result of the shared file information returned by the client;
determining an updating mode corresponding to the updating result according to the updating result;
and performing operation processing according to the updating mode corresponding to the updating result.
9. The method of any of claims 1-3, wherein the client is a data mining (DI) client.
10. An adding device of a shared file, which is applied to a shared file device, the adding device of the shared file comprises:
the response unit is used for responding to the shared file adding operation, generating a shared information reading instruction and an added information reading instruction, and respectively sending user login information to the client and the storage equipment to obtain a security authentication certificate returned by the client and a security access certificate returned by the storage equipment;
a sending unit, configured to send the data reading instruction and the security access credential to the storage device, so as to obtain shared device information returned by the storage device;
the sending unit is further configured to send the addition information reading instruction and the security authentication credential to the client to obtain information of the device to be shared, where the information is returned by the client;
the generating unit is used for generating shared file information according to the shared device information and the to-be-shared device information;
the sending unit is further configured to send the shared file information and the security authentication credential to the client, so that the client updates the shared file according to the shared file information.
CN202110010190.5A 2021-01-04 2021-01-04 Shared file adding method and device Active CN112597118B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110010190.5A CN112597118B (en) 2021-01-04 2021-01-04 Shared file adding method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110010190.5A CN112597118B (en) 2021-01-04 2021-01-04 Shared file adding method and device

Publications (2)

Publication Number Publication Date
CN112597118A true CN112597118A (en) 2021-04-02
CN112597118B CN112597118B (en) 2024-03-29

Family

ID=75207463

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110010190.5A Active CN112597118B (en) 2021-01-04 2021-01-04 Shared file adding method and device

Country Status (1)

Country Link
CN (1) CN112597118B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115442332A (en) * 2022-08-30 2022-12-06 潍柴动力股份有限公司 Resource sharing method and device, electronic equipment and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101841537A (en) * 2010-04-13 2010-09-22 北京时代亿信科技有限公司 Method and system for realizing file sharing access control based on protocol proxy
CN101877650A (en) * 2010-05-20 2010-11-03 中兴通讯股份有限公司 Method and system for updating software version automatically
CN102480494A (en) * 2010-11-23 2012-05-30 金蝶软件(中国)有限公司 File updating method, device and system
CN102882985A (en) * 2012-10-23 2013-01-16 上海够快网络科技有限公司 File sharing method based on cloud storage
US9805115B1 (en) * 2014-03-13 2017-10-31 Symantec Corporation Systems and methods for updating generic file-classification definitions
CN107682453A (en) * 2017-11-02 2018-02-09 郑州云海信息技术有限公司 A kind of file sharing method based on HTTP, system and equipment
WO2018085870A1 (en) * 2016-11-09 2018-05-17 Ait Austrian Institute Of Technology Gmbh Method for exchanging data fields of certified documents
CN111880874A (en) * 2020-07-13 2020-11-03 腾讯科技(深圳)有限公司 Media file sharing method, device and equipment and computer readable storage medium

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101841537A (en) * 2010-04-13 2010-09-22 北京时代亿信科技有限公司 Method and system for realizing file sharing access control based on protocol proxy
CN101877650A (en) * 2010-05-20 2010-11-03 中兴通讯股份有限公司 Method and system for updating software version automatically
CN102480494A (en) * 2010-11-23 2012-05-30 金蝶软件(中国)有限公司 File updating method, device and system
CN102882985A (en) * 2012-10-23 2013-01-16 上海够快网络科技有限公司 File sharing method based on cloud storage
US9805115B1 (en) * 2014-03-13 2017-10-31 Symantec Corporation Systems and methods for updating generic file-classification definitions
WO2018085870A1 (en) * 2016-11-09 2018-05-17 Ait Austrian Institute Of Technology Gmbh Method for exchanging data fields of certified documents
CN107682453A (en) * 2017-11-02 2018-02-09 郑州云海信息技术有限公司 A kind of file sharing method based on HTTP, system and equipment
CN111880874A (en) * 2020-07-13 2020-11-03 腾讯科技(深圳)有限公司 Media file sharing method, device and equipment and computer readable storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
A.LEVINE等: "WebDava:an administrator-free approach to web file-sharing", 《WET ICE 2003.PROCEEDING.TWELFTH IEEE INTERNATIONAL WORKSHOPS ON ENABLING TECHNOLOGIES》, 15 September 2003 (2003-09-15), pages 1 - 2 *
谷宁静: "基于区块链的电子政务数据共享设计研究", 《信息安全与通信保密》, no. 4, 10 April 2020 (2020-04-10), pages 91 - 87 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115442332A (en) * 2022-08-30 2022-12-06 潍柴动力股份有限公司 Resource sharing method and device, electronic equipment and storage medium
CN115442332B (en) * 2022-08-30 2023-06-23 潍柴动力股份有限公司 Resource sharing method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN112597118B (en) 2024-03-29

Similar Documents

Publication Publication Date Title
CN111935094B (en) Database access method, device, system and computer readable storage medium
CN111556006B (en) Third-party application system login method, device, terminal and SSO service platform
US9923906B2 (en) System, method and computer program product for access authentication
CN109547458B (en) Login verification method and device, computer equipment and storage medium
WO2015143855A1 (en) Method, apparatus and system for accessing data resources
CN112434054A (en) Audit log updating method and device
CN108259457B (en) WEB authentication method and device
CN101426009A (en) Identity management platform, service server, uniform login system and method
CN111062023B (en) Method and device for realizing single sign-on of multi-application system
CN111698250A (en) Access request processing method and device, electronic equipment and computer storage medium
CN108259502A (en) For obtaining the identification method of interface access rights, server-side and storage medium
CN111818088A (en) Authorization mode management method and device, computer equipment and readable storage medium
CN113360868A (en) Application program login method and device, computer equipment and storage medium
CN112860778A (en) Database management method, device, equipment and medium for desktop application program
CN115022047B (en) Account login method and device based on multi-cloud gateway, computer equipment and medium
CN112887284A (en) Access authentication method and device
CN108234122B (en) Token checking method and device
RU2638779C1 (en) Method and server for executing authorization of application on electronic device
CN112929388B (en) Network identity cross-device application rapid authentication method and system, and user agent device
CN114430340A (en) Cross-domain single sign-on method, device and equipment
CN113901429A (en) Access method and device of multi-tenant system
CN112597118A (en) Method and device for adding shared file
CN112966242A (en) User name and password authentication method, device and equipment and readable storage medium
CN114915500B (en) Self-media account management method and device based on PC desktop client
CN116015824A (en) Unified authentication method, equipment and medium for platform

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant