CN113901524B - Method, device and storage medium for dynamically adjusting authority through link - Google Patents

Method, device and storage medium for dynamically adjusting authority through link Download PDF

Info

Publication number
CN113901524B
CN113901524B CN202111494480.8A CN202111494480A CN113901524B CN 113901524 B CN113901524 B CN 113901524B CN 202111494480 A CN202111494480 A CN 202111494480A CN 113901524 B CN113901524 B CN 113901524B
Authority
CN
China
Prior art keywords
link
authority
password
receiving
instruction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111494480.8A
Other languages
Chinese (zh)
Other versions
CN113901524A (en
Inventor
陈雄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin Lenovo Collaboration Technology Inc
Original Assignee
Tianjin Lenovo Collaboration Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin Lenovo Collaboration Technology Inc filed Critical Tianjin Lenovo Collaboration Technology Inc
Priority to CN202111494480.8A priority Critical patent/CN113901524B/en
Publication of CN113901524A publication Critical patent/CN113901524A/en
Application granted granted Critical
Publication of CN113901524B publication Critical patent/CN113901524B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Document Processing Apparatus (AREA)

Abstract

The invention provides a method, a device and a storage medium for dynamically adjusting authority through a link, which are used for receiving a link establishing instruction of a creator, wherein the link establishing instruction comprises authority adjusting information and a password for unlocking authority adjustment; generating a link for authority adjustment according to the link establishing instruction, and sending the link to the adjusted person; receiving the action of the adjusted person for accessing the link, providing the action to the link page of the adjusted person and receiving the password of the adjusted person on the link page; and adjusting the unlocking authority according to the password. According to the invention, the operation of batch permission adjustment is carried out through the link and the password, so that the tedious operation of adjusting the user permission one by one is avoided, the efficiency is improved, and the possibility that an irrelevant user clicks the link by mistake to obtain the permission is avoided.

Description

Method, device and storage medium for dynamically adjusting authority through link
Technical Field
The invention belongs to the technical field of network disks, and particularly relates to a method, a device and a storage medium for dynamically adjusting authority through links.
Background
In the network disk system, the adjustment of the authority of the user (including the giving of the authority, the releasing of the authority, and the like) is a very important operation, each user is given a certain authority one by one through the authority setting interface of the network disk system, and when the authority of the user changes, the authority of the user is also adjusted in the authority setting interface.
The operations are conventional operations aiming at user permissions under normal conditions, but when batch authorization is carried out under certain special scenes, for example, the same permission needs to be given to a batch of users, and the permission of the batch of users is removed after a certain time, if the user permissions are adjusted one by one according to a conventional method, the operation is very complicated, and the efficiency is low; for example, different authorities need to be given to a batch of users respectively, and the user authorities are adjusted one by one according to a conventional method, so that the operation is complicated, the efficiency is low, and errors are easy to generate.
Disclosure of Invention
The invention aims to provide a method, a device and a storage medium for dynamically adjusting authority through linking, which simplify the operation of batch authority adjustment, improve the efficiency and avoid errors.
In order to achieve the purpose, the technical scheme of the invention is realized as follows:
a method of dynamically adjusting permissions through links, comprising: receiving a link establishing instruction of a creator, wherein the link establishing instruction comprises authority adjustment information and a password for unlocking authority adjustment; generating a link for authority adjustment according to the link establishing instruction, and sending the link to the adjusted person; receiving the action of the adjusted person for accessing the link, providing the action to the link page of the adjusted person and receiving the password of the adjusted person on the link page; and adjusting the unlocking authority according to the password.
Further, the link creation instruction further includes aging information for setting an effective period of the link; after receiving the action of the adjusted person for accessing the link, judging the validity period of the link.
Furthermore, the password is one of a mouse gesture, a touch gesture, a character, a picture and a file.
Furthermore, the authority adjustment information in the link creation instruction is multiple, the password is multiple, and each authority adjustment information corresponds to a different password.
Furthermore, the password comprises one or more of mouse gestures, touch gestures, characters, pictures and files, and each password comprises one or more different passwords.
The present invention further provides an apparatus for dynamically adjusting permissions through links, including:
the system comprises a receiving instruction module, a link establishing instruction module and a password module, wherein the receiving instruction module is used for receiving a link establishing instruction of a creator, and the link establishing instruction comprises authority adjustment information and a password for unlocking authority adjustment;
the link generation module is used for generating a link for authority adjustment according to the link creation instruction and sending the link to the adjusted person;
the secret order receiving module is used for receiving the action of the adjusted person for accessing the link, providing the action for the adjusted person to link the page and receiving the secret order of the adjusted person on the link page;
and the authority adjusting module is used for adjusting the unlocking authority according to the password.
Further, in the instruction receiving module, the link creation instruction of the creator further includes time efficiency information for setting a validity period of the link; after receiving the action of the adjusted person for accessing the link, judging the validity period of the link.
Furthermore, in the instruction receiving module, the link creation instruction of the creator includes multiple types of permission adjustment information and multiple types of password, and each type of permission adjustment information corresponds to a different password.
Furthermore, the password comprises one or more of mouse gestures, touch gestures, characters, pictures and files, and each password comprises one or more different passwords.
The present invention also provides a computer-readable storage medium storing a computer program for executing the above-mentioned method of dynamically adjusting permissions through links.
Compared with the prior art, the invention has the following beneficial effects:
1. according to the invention, the operations such as batch authorization, batch permission relief and the like are carried out through the link and the password, so that the complicated operation of adjusting the user permission one by one is avoided, the efficiency is improved, and the possibility that an irrelevant user clicks the link by mistake to obtain the permission is avoided;
2. according to the invention, through the setting of the aging information, the validity period of the link is limited, and the condition that the operation of the adjustment authority is always existed due to the long-term existence of the link and is utilized as a loophole without worry or with the worry is avoided;
3. according to the invention, different authority adjustment information corresponds to different passwords, different authorities can be respectively given to different users through one link, the working efficiency is improved, and misoperation is avoided.
Drawings
Fig. 1 is a schematic flowchart of a method for dynamically adjusting permissions through links according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating a method for dynamically adjusting permissions through links according to a second embodiment of the present invention;
fig. 3 is a schematic flowchart of a method for dynamically adjusting permissions through links according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus for dynamically adjusting permissions through links according to a fourth embodiment of the present invention.
Detailed Description
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict.
The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
The first embodiment is as follows:
the first embodiment of the present invention mainly deals with the situation that the same permission adjustment is performed on batch users in the network disk system, for example, when a manager needs to grant the same permission to a plurality of users at the same time and subsequently remove the same permission from the users in the network disk system, the method of the first embodiment may be applied to quickly implement the batch permission adjustment in a link manner.
The method of the first embodiment of the present invention is applied to a server side of a network disk, and specifically includes, as shown in fig. 1:
s1, receiving a link creating instruction of a creator, wherein the link creating instruction comprises authority adjustment information and a password for unlocking authority adjustment;
the creator is a manager who wants to perform the authority adjustment, the creator sends a link creation instruction to the network disk system, and the authority adjustment is performed in a link sharing mode, wherein the instruction includes the authority adjustment information to be achieved.
The authority adjustment information refers to the network disk data and an authority list thereof, the network disk data is data such as files, folders, logs, organizational structures and the like of the network disk, the authority adjustment information can be identified by using metadata id of the data, the authority list comprises all authority items such as checking, editing and deleting, and assignment of the authority items indicates whether the authority is available.
The permission adjustment information is included in the link content to be created, and all users who click the link can obtain the permissions, such as log viewing permission, team management permission, file editing permission and the like, in the permission list of the network disk data contained in the permission adjustment information.
In order to avoid that an irrelevant user (a user not in the authority adjustment list) mistakenly clicks the link after learning the link so as to obtain authority adjustment, the invention also sets a mode of carrying out authority adjustment unlocking through a secret password.
The creator sets an encrypted password for unlocking the authority adjustment in the link creation instruction besides the authority adjustment information, and clicks the user of the link to obtain the authority adjustment only if the encrypted password is input.
For the sake of security, the password in this embodiment does not adopt a simple password form, but adopts one of a mouse gesture, a touch gesture, a text, a picture, and a file. The mouse gesture is a mouse gesture and/or a touch gesture set for a user at a PC end, the touch gesture is a user at a mobile end, the mouse gesture and/or the touch gesture can be a simple line graph provided by a creator, such as a circle or a square, a W-shape and the like, a more complex graph can be set, and the password can be considered to be correct as long as the mouse gesture or the touch gesture is similar to the graph; the characters, pictures and files are also used as passwords which are set by the creator, and the password can be considered to be correct as long as the characters, pictures and files with the same content are provided by clicking the linker.
S2, generating a link for authority adjustment according to the link creation instruction, and sending the link to the person to be adjusted;
after receiving a link establishing instruction which contains authority adjustment information and password and is provided by a creator, a network disk system generates a link, and sends a notification of changing authority of a manager to the group of users, namely the adjusted people, in a mode of work group, mail and the like according to user information which is provided by the creator and needs to adjust the authority, wherein the link and the password are sent separately, for example, the link and the password are sent twice in the same mode, and the link and the password are sent respectively, or the link and the password are sent in one mode in different modes; the system can not send the information to the irrelevant user, and the irrelevant user can not acquire the password information at the same time even if the irrelevant user unintentionally acquires the link information.
S3, receiving the action of the adjusted person accessing the link, providing the action to the adjusted person link page and receiving the password of the adjusted person on the link page;
after receiving the notice, the regulated person clicks the link to access according to the requirement of the manager; the method comprises the steps that after receiving an action of accessing a link by an adjusted person, a network disk system pops up a page to the adjusted person, an area for inputting secret codes is provided in the page for the adjusted person to input the secret codes, the adjusted person inputs according to the obtained secret codes, for example, corresponding characters are input in the area, or corresponding pictures or files are dragged in, or a mouse gesture graph is drawn on a PC end screen by a mouse, a touch gesture graph is drawn on a mobile end touch screen by fingers, and the like.
And S4, adjusting the unlocking authority according to the password.
After receiving the password input by the adjusted person, the network disk system judges whether the password meets the password set by the creator, the judgment on characters, pictures and files is simple, and the network disk system can directly judge through comparison; for the judgment of the mouse gesture and the touch gesture, various modes can be adopted, for example, an image drawn by the mouse gesture or the touch gesture is obtained, the image is subjected to graying, binarization and denoising in sequence, then pixel dot matrix images are obtained through normalization, a characteristic vector is extracted, the characteristic vector can be input into a neural network so as to obtain a recognized pattern, and the recognized pattern is compared with a password pattern set by a creator; or a coordinate system of the moving position of the mouse or the finger can be established in the password input area, the current position is taken as the origin, the left and right moving direction is taken as the X axis, and the up and down moving direction is taken as the Y axis; obtaining the coordinates of the movement of the mouse or the finger, calculating the distance and the path, and comparing and judging the distance and the path with the graph set by the creator through a certain algorithm.
And if the password input is not correct, the network disk system prompts an error and terminates the access of the regulated person. If the password is judged to be correct, the network disk system adjusts the authority of the adjusted person according to the authority adjustment information set by the creator.
After all the adjusted persons obtain the authority adjustment by clicking the link to input the password, the purpose of the manager is achieved, the tedious operation of adjusting the user authority one by one is avoided, the efficiency is improved, and the possibility that the unrelated user mistakenly clicks the link to obtain the authority is avoided.
Example two:
the second embodiment is further optimized on the basis of the first embodiment, and mainly deals with the situation that multiple different permissions of batch users are adjusted in the network disk system, for example, in the network disk system, when a manager needs to adjust the permissions of multiple users at the same time, one part of the users need to grant a certain permission, another part of the users need to grant another permission, another part of the users need to release a certain permission, and the like, the method of the second embodiment can be applied, and batch adjustment of multiple permissions can be quickly realized through a link mode.
The method of the second embodiment of the present invention is shown in fig. 2, and specifically includes:
s1-1, receiving a link creating instruction of a creator, wherein the link creating instruction comprises authority adjustment information and a password for unlocking authority adjustment; the authority adjustment information in the link creation instruction is multiple, the password is multiple, and each authority adjustment information corresponds to a different password;
the creator is a manager who wants to perform the authority adjustment, the creator sends a link creation instruction to the network disk system, and the authority adjustment is performed in a link sharing mode, wherein the instruction includes the authority adjustment information to be achieved.
The authority adjustment information refers to the network disk data and an authority list thereof, the network disk data is data such as files, folders, logs, organizational structures and the like of the network disk, the authority adjustment information can be identified by using metadata id of the data, the authority list comprises all authority items such as checking, editing and deleting, and assignment of the authority items indicates whether the authority is available.
The permission adjustment information is included in the link content to be created, and all users who click the link can obtain the permissions, such as log viewing permission, team management permission, file editing permission and the like, in the permission list of the network disk data contained in the permission adjustment information.
In order to avoid that an irrelevant user (a user not in the authority adjustment list) mistakenly clicks the link after learning the link so as to obtain authority adjustment, the invention also sets a mode of carrying out authority adjustment unlocking through a secret password.
The creator sets an encrypted password for unlocking the authority adjustment in the link creation instruction besides the authority adjustment information, clicks a user of the link, and can obtain the authority adjustment only if the encrypted password is input; in this embodiment, the permission adjustment information is multiple, and each permission adjustment information corresponds to a different secret code; and the user can obtain the authority adjustment corresponding to the password by inputting which password.
For safety, all passwords in this embodiment do not adopt a simple password form, but adopt one or more of a mouse gesture, a touch gesture, characters, pictures and files, where each password adopted is one or more, for example, a mouse gesture password one corresponds to a file viewing permission to be granted by a first part of users, a mouse gesture password two corresponds to a folder permission to be granted by a second part of users, a character password one corresponds to a management permission to be released by a third part of users, a character password two corresponds to a file editing permission to be released by a fourth part of users, a picture password one corresponds to a log viewing permission to be released by a fifth part of users, and the like.
For the secret password, the mouse gesture is for a user at the PC end, the touch gesture is for a user at the mobile end, the set mouse gesture and/or touch gesture can be a simple line graph provided by a creator, such as a circle or a square, or a W-shape, etc., or a more complex graph can be set, and the secret password can be considered to be correct as long as a similar graph is made by the mouse gesture or touch gesture; the characters, pictures and files are also used as secret passwords which are set by a creator, and the secret passwords can be considered to be correct as long as the characters, pictures and files with the same contents are provided by clicking a linker;
s2, generating a link for authority adjustment according to the link creation instruction, and sending the link to the person to be adjusted;
after receiving a link establishing instruction which contains authority adjustment information and password and is provided by a creator, a network disk system generates a link, and sends a notification of changing authority of a manager to the group of users, namely the adjusted people, in a mode of work group, mail and the like according to user information which is provided by the creator and needs to adjust the authority, wherein the link and the password are sent separately, for example, the link and the password are sent twice in the same mode, and the link and the password are sent respectively, or the link and the password are sent in one mode in different modes; the system can not send the information to the irrelevant user, and the irrelevant user can not acquire the password information at the same time even if the irrelevant user unintentionally acquires the link information; when sending, the linked notice content is the same, but for the secret password, the corresponding secret password is sent according to the authority which needs to be adjusted by the adjusted person;
s3, receiving the action of the adjusted person accessing the link, providing the action to the adjusted person link page and receiving the password of the adjusted person on the link page;
after receiving the notice, the regulated person clicks the link to access according to the requirement of the manager; the method comprises the steps that after receiving an action of accessing a link by an adjusted person, a network disk system pops up a page to the adjusted person, an area for inputting secret codes is provided in the page for the adjusted person to input the secret codes, the adjusted person inputs according to the obtained secret codes, for example, corresponding characters are input in the area, or corresponding pictures or files are dragged in, or a mouse gesture graph is drawn on a PC end screen by a mouse, a touch gesture graph is drawn on a mobile end touch screen by fingers, and the like.
And S4, adjusting the unlocking authority according to the password.
After receiving the password input by the adjusted person, the network disk system judges whether the password meets the password set by the creator, the judgment on characters, pictures and files is simple, and the network disk system can directly judge through comparison; for the judgment of the mouse gesture and the touch gesture, various modes can be adopted, for example, an image drawn by the mouse gesture or the touch gesture is obtained, the image is subjected to graying, binarization and denoising in sequence, then pixel dot matrix images are obtained through normalization, a characteristic vector is extracted, the characteristic vector can be input into a neural network so as to obtain a recognized pattern, and the recognized pattern is compared with a password pattern set by a creator; or a coordinate system of the moving position of the mouse or the finger can be established in the password input area, the current position is taken as the origin, the left and right moving direction is taken as the X axis, and the up and down moving direction is taken as the Y axis; obtaining the coordinates of the movement of the mouse or the finger, calculating the distance and the path, and comparing and judging the distance and the path with the graph set by the creator through a certain algorithm.
And if the password input is not correct, the network disk system prompts an error and terminates the access of the regulated person. If the password is judged to be input correctly, the network disk system adjusts the authority of the adjusted person according to the authority adjustment information which is set by the creator and corresponds to the password.
After all adjusted persons obtain the authority adjustment by clicking the link to input the password, the purpose of the manager is achieved, the tedious operation of adjusting the user authority one by one is avoided, different authorities can be respectively given to different users through one link, the working efficiency is improved, and misoperation is avoided.
Example three:
the third embodiment is further optimized on the basis of the first embodiment or the second embodiment, and after the permission of the batch users in the network disk system is mainly adjusted, if the links exist all the time, vulnerabilities are easily utilized; for example, the authority granted in batch temporarily through the link, and after the work is completed and the authority is released, the user can click the link to obtain the authority again.
As shown in fig. 3, the method of the third embodiment of the present invention specifically includes:
s1-2, receiving a link creating instruction of a creator, wherein the link creating instruction comprises authority adjustment information and a password for unlocking authority adjustment; the authority adjustment information in the link creation instruction is multiple, the password is multiple, and each authority adjustment information corresponds to a different password; the link creating instruction further comprises aging information used for setting the validity period of the link;
the creator is a manager who wants to perform the authority adjustment, the creator sends a link creation instruction to the network disk system, and the authority adjustment is performed in a link sharing mode, wherein the instruction includes the authority adjustment information to be achieved.
The authority adjustment information refers to the network disk data and an authority list thereof, the network disk data is data such as files, folders, logs, organizational structures and the like of the network disk, the authority adjustment information can be identified by using metadata id of the data, the authority list comprises all authority items such as checking, editing and deleting, and assignment of the authority items indicates whether the authority is available.
The permission adjustment information is included in the link content to be created, and all users who click the link can obtain the permissions, such as log viewing permission, team management permission, file editing permission and the like, in the permission list of the network disk data contained in the permission adjustment information.
In order to avoid that an irrelevant user (a user not in the authority adjustment list) mistakenly clicks the link after learning the link so as to obtain authority adjustment, the invention also sets a mode of carrying out authority adjustment unlocking through a secret password.
The creator sets an encrypted password for unlocking the authority adjustment in the link creation instruction besides the authority adjustment information, clicks a user of the link, and can obtain the authority adjustment only if the encrypted password is input; in this embodiment, the permission adjustment information is multiple, and each permission adjustment information corresponds to a different secret code; and the user can obtain the authority adjustment corresponding to the password by inputting which password.
For safety, all passwords in this embodiment do not adopt a simple password form, but adopt one or more of a mouse gesture, a touch gesture, characters, pictures and files, where each password adopted is one or more, for example, a mouse gesture password one corresponds to a file viewing permission to be granted by a first part of users, a mouse gesture password two corresponds to a folder permission to be granted by a second part of users, a character password one corresponds to a management permission to be released by a third part of users, a character password two corresponds to a file editing permission to be released by a fourth part of users, a picture password one corresponds to a log viewing permission to be released by a fifth part of users, and the like.
For the secret password, the mouse gesture is for a user at the PC end, the touch gesture is for a user at the mobile end, the set mouse gesture and/or touch gesture can be a simple line graph provided by a creator, such as a circle or a square, or a W-shape, etc., or a more complex graph can be set, and the secret password can be considered to be correct as long as a similar graph is made by the mouse gesture or touch gesture; the characters, pictures and files are also used as secret passwords which are set by a creator, and the secret passwords can be considered to be correct as long as the characters, pictures and files with the same contents are provided by clicking a linker;
s2, generating a link for authority adjustment according to the link creation instruction, and sending the link to the person to be adjusted;
after receiving a link establishing instruction which contains authority adjustment information and password and is provided by a creator, a network disk system generates a link, and sends a notification of changing authority of a manager to the group of users, namely the adjusted people, in a mode of work group, mail and the like according to user information which is provided by the creator and needs to adjust the authority, wherein the link and the password are sent separately, for example, the link and the password are sent twice in the same mode, and the link and the password are sent respectively, or the link and the password are sent in one mode in different modes; the system can not send the information to the irrelevant user, and the irrelevant user can not acquire the password information at the same time even if the irrelevant user unintentionally acquires the link information; when sending, the linked notice content is the same, but for the secret password, the corresponding secret password is sent according to the authority which needs to be adjusted by the adjusted person;
s3-1, receiving the action of the adjusted person to access the link, firstly judging the validity period of the link, providing the link page for the adjusted person in the validity period and receiving the password of the adjusted person in the link page;
after receiving the notice, the regulated person clicks the link to access according to the requirement of the manager; after receiving the action of accessing the link by the adjusted person, the network disk system judges the validity period of the link first, so that the problem caused by the long-term existence of the link can be avoided; if the link is in the validity period, a page is popped up to the adjusted person, an area for inputting the password is provided in the page for the adjusted person to input the password, the adjusted person inputs according to the acquired password, for example, corresponding characters are input in the area, or corresponding pictures or files are dragged in, or a mouse gesture graph is drawn on a PC end screen by using a mouse, a touch gesture graph is drawn on a mobile end touch screen by using fingers, and the like.
And S4, adjusting the unlocking authority according to the password.
After receiving the password input by the adjusted person, the network disk system judges whether the password meets the password set by the creator, the judgment on characters, pictures and files is simple, and the network disk system can directly judge through comparison; for the judgment of the mouse gesture and the touch gesture, various modes can be adopted, for example, an image drawn by the mouse gesture or the touch gesture is obtained, the image is subjected to graying, binarization and denoising in sequence, then pixel dot matrix images are obtained through normalization, a characteristic vector is extracted, the characteristic vector can be input into a neural network so as to obtain a recognized pattern, and the recognized pattern is compared with a password pattern set by a creator; or a coordinate system of the moving position of the mouse or the finger can be established in the password input area, the current position is taken as the origin, the left and right moving direction is taken as the X axis, and the up and down moving direction is taken as the Y axis; obtaining the coordinates of the movement of the mouse or the finger, calculating the distance and the path, and comparing and judging the distance and the path with the graph set by the creator through a certain algorithm.
And if the password input is not correct, the network disk system prompts an error and terminates the access of the regulated person. If the password is judged to be input correctly, the network disk system adjusts the authority of the adjusted person according to the authority adjustment information which is set by the creator and corresponds to the password.
After all adjusted persons obtain the authority adjustment by clicking the link to input the password, the purpose of the manager is achieved, the tedious operation of adjusting the user authority one by one is avoided, different authorities can be respectively given to different users through one link, the working efficiency is improved, and misoperation is avoided.
Example four:
an embodiment of the present invention provides an apparatus for dynamically adjusting permissions through links, as shown in fig. 4, including:
the system comprises a receiving instruction module, a link establishing instruction module and a password module, wherein the receiving instruction module is used for receiving a link establishing instruction of a creator, and the link establishing instruction comprises authority adjustment information and a password for unlocking authority adjustment;
the link generation module is used for generating a link for authority adjustment according to the link creation instruction and sending the link to the adjusted person;
the secret order receiving module is used for receiving the action of the adjusted person for accessing the link, providing the action for the adjusted person to link the page and receiving the secret order of the adjusted person on the link page;
and the authority adjusting module is used for adjusting the unlocking authority according to the password.
In the instruction receiving module, the link creation instruction of the creator further includes time efficiency information for setting the validity period of the link; after receiving the action of the adjusted person for accessing the link, the password receiving module judges the validity period of the link.
In addition, in the instruction receiving module, the link establishing instruction of the creator has multiple types of authority adjustment information and multiple types of password, and each type of authority adjustment information corresponds to one different password; after the password receiving module receives the password input by the adjusted person, the authority adjusting module adjusts the authority of the adjusted person according to the authority adjusting information which is set by the creator and corresponds to the password.
The device for dynamically adjusting the authority through the link, provided by the fourth embodiment of the invention, can execute the methods provided by the first to third embodiments of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example five:
fifth, an embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform the method for dynamically adjusting permissions through links according to any of the first to third embodiments.
Computer storage media for embodiments of the invention may employ any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The above-described embodiments are merely exemplary embodiments of the present invention, which should not be construed as limiting the invention, and any modifications, equivalents, improvements, etc. made within the spirit of the present invention should be included in the scope of the present invention.

Claims (7)

1. A method for dynamically adjusting permissions through links, comprising: receiving a link establishing instruction of a creator, wherein the link establishing instruction comprises authority adjustment information and a password for unlocking authority adjustment; generating a link for authority adjustment according to the link establishing instruction, and sending the link to the adjusted person; receiving the action of the adjusted person for accessing the link, providing the action to the link page of the adjusted person and receiving the password of the adjusted person on the link page; adjusting the unlocking authority according to the password;
the authority adjustment information comprises network disk data and an authority list thereof, the metadata id of the network disk data is used as an identifier, the authority list comprises all authority items, and the authority items are assigned to indicate whether the authority is available;
the password is one of a mouse gesture, a touch gesture, a character, a picture and a file;
the authority adjustment information in the link creation instruction is multiple, the password is multiple, and each authority adjustment information corresponds to a different password.
2. The method of claim 1, wherein the link creation instruction further comprises aging information for setting an expiration date of the link; after receiving the action of the adjusted person for accessing the link, judging the validity period of the link.
3. The method for dynamically adjusting authority through links according to claim 1, wherein the password comprises one or more of mouse gestures, touch gestures, words, pictures and files, and each password comprises one or more different passwords.
4. An apparatus for dynamically adjusting permissions through links, comprising:
the system comprises a receiving instruction module, a link establishing instruction module and a password module, wherein the receiving instruction module is used for receiving a link establishing instruction of a creator, and the link establishing instruction comprises authority adjustment information and a password for unlocking authority adjustment; the authority adjustment information comprises network disk data and an authority list thereof, the metadata id of the network disk data is used as an identifier, the authority list comprises all authority items, and the authority items are assigned to indicate whether the authority is available; the password is one of a mouse gesture, a touch gesture, a character, a picture and a file;
the link generation module is used for generating a link for authority adjustment according to the link creation instruction and sending the link to the adjusted person;
the secret order receiving module is used for receiving the action of the adjusted person for accessing the link, providing the action for the adjusted person to link the page and receiving the secret order of the adjusted person on the link page;
the authority adjusting module is used for adjusting the unlocking authority according to the password;
in the instruction receiving module, the link establishing instruction of the creator has multiple types of authority adjustment information and multiple types of password, and each type of authority adjustment information corresponds to a different password.
5. The apparatus for dynamically adjusting privilege through link according to claim 4, wherein in the module for receiving instructions, the link creation instruction of the creator further includes aging information for setting the validity period of the link; after receiving the action of the adjusted person for accessing the link, judging the validity period of the link.
6. The apparatus for dynamically adjusting permissions according to claim 4, wherein the password comprises one or more of mouse gesture, touch gesture, text, picture and file, and each password comprises one or more different passwords.
7. A computer-readable storage medium, in which a computer program is stored, the computer program being adapted to perform the method for dynamically adjusting permissions through links of any of claims 1-3.
CN202111494480.8A 2021-12-09 2021-12-09 Method, device and storage medium for dynamically adjusting authority through link Active CN113901524B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111494480.8A CN113901524B (en) 2021-12-09 2021-12-09 Method, device and storage medium for dynamically adjusting authority through link

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111494480.8A CN113901524B (en) 2021-12-09 2021-12-09 Method, device and storage medium for dynamically adjusting authority through link

Publications (2)

Publication Number Publication Date
CN113901524A CN113901524A (en) 2022-01-07
CN113901524B true CN113901524B (en) 2022-03-15

Family

ID=79025852

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111494480.8A Active CN113901524B (en) 2021-12-09 2021-12-09 Method, device and storage medium for dynamically adjusting authority through link

Country Status (1)

Country Link
CN (1) CN113901524B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014173165A1 (en) * 2013-04-26 2014-10-30 小米科技有限责任公司 Method and system of sharing cloud data
CN104580364A (en) * 2014-12-01 2015-04-29 百度在线网络技术(北京)有限公司 Resource sharing method and device
CN107342966A (en) * 2016-04-29 2017-11-10 北京京东尚科信息技术有限公司 Authority credentials distribution method and device
CN108334755A (en) * 2018-03-30 2018-07-27 广东欧珀移动通信有限公司 Private space creation method and device, storage medium, electronic equipment
CN110336810A (en) * 2019-06-28 2019-10-15 华为技术有限公司 Information sharing method, platform and calculating equipment
CN110457890A (en) * 2019-07-15 2019-11-15 中国平安人寿保险股份有限公司 Right management method and device, electronic equipment and storage medium based on multisystem
CN111817944A (en) * 2020-05-28 2020-10-23 维沃移动通信有限公司 Picture sharing method and device and electronic equipment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9378389B2 (en) * 2011-09-09 2016-06-28 Microsoft Technology Licensing, Llc Shared item account selection
KR101698558B1 (en) * 2015-05-08 2017-01-23 네이버 주식회사 Method and system for registering service the link in the content
CN110865983A (en) * 2019-09-27 2020-03-06 视联动力信息技术股份有限公司 File sharing method and device based on network disk link

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014173165A1 (en) * 2013-04-26 2014-10-30 小米科技有限责任公司 Method and system of sharing cloud data
CN104580364A (en) * 2014-12-01 2015-04-29 百度在线网络技术(北京)有限公司 Resource sharing method and device
CN107342966A (en) * 2016-04-29 2017-11-10 北京京东尚科信息技术有限公司 Authority credentials distribution method and device
CN108334755A (en) * 2018-03-30 2018-07-27 广东欧珀移动通信有限公司 Private space creation method and device, storage medium, electronic equipment
CN110336810A (en) * 2019-06-28 2019-10-15 华为技术有限公司 Information sharing method, platform and calculating equipment
CN110457890A (en) * 2019-07-15 2019-11-15 中国平安人寿保险股份有限公司 Right management method and device, electronic equipment and storage medium based on multisystem
CN111817944A (en) * 2020-05-28 2020-10-23 维沃移动通信有限公司 Picture sharing method and device and electronic equipment

Also Published As

Publication number Publication date
CN113901524A (en) 2022-01-07

Similar Documents

Publication Publication Date Title
US9860255B2 (en) Shareable content item links with use restrictions
US9542563B2 (en) Accessing protected content for archiving
US10616210B2 (en) Protection feature for data stored at storage service
US10547601B2 (en) System and method to allow third-party developer to debug code in customer environment
US10616240B2 (en) Protocols for accessing hosts
US20220286448A1 (en) Access to data stored in a cloud
US20060279761A1 (en) Approach for securely printing electronic documents
US20130061335A1 (en) Method, Apparatus, Computer Readable Media for a Storage Virtualization Middleware System
US11729158B2 (en) Systems and methods for identity verification via third party accounts
US20110219424A1 (en) Information protection using zones
US11677696B2 (en) Architecture for performing action in a third-party service by an email client
US20140173714A1 (en) Information processing apparatus, and lock execution method
US20140245375A1 (en) Document authority management system, terminal device, document authority management method, and computer-readable recording medium
US20200050744A1 (en) Authetication using features extracted based on cursor locations
US9276918B2 (en) Computer-readable medium, information processing device, information processing method and information processing system
CN104022876B (en) Method for authenticating user identity, equipment and system
CN113901524B (en) Method, device and storage medium for dynamically adjusting authority through link
US11671415B2 (en) Application module for creating an assured record of a user interaction
Jo et al. Vulnerability analysis on smartphone fingerprint templates
KR20200048011A (en) Document security systems using a biometrics module and Controlling Method for the Same
US20230205933A1 (en) Verification method, non-transitory computer-readable recording medium storing verification program, and information processing device
US11870805B2 (en) Systems and methods that perform filtering, linking, and rendering
Silverstein et al. Computer architectures for health care and biomedicine
CN114139127A (en) Authority management method of computer system
Barros et al. User Authentication to Provide a Secure Cloud Clipboard

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant