CN109657485B - Authority processing method and device, terminal equipment and storage medium - Google Patents
Authority processing method and device, terminal equipment and storage medium Download PDFInfo
- Publication number
- CN109657485B CN109657485B CN201811525855.0A CN201811525855A CN109657485B CN 109657485 B CN109657485 B CN 109657485B CN 201811525855 A CN201811525855 A CN 201811525855A CN 109657485 B CN109657485 B CN 109657485B
- Authority
- CN
- China
- Prior art keywords
- service
- request
- authority
- permission
- service request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the application discloses a permission processing method, a permission processing device, terminal equipment and a storage medium, wherein the method comprises the following steps: when a service request sent by a request terminal is received, determining an authority configuration component corresponding to the request terminal from a first storage area; calling the permission configuration component to configure service permission for the service request; and returning the service authority to the request terminal as a request response. By the technical scheme, different service modules can acquire the corresponding authority configuration components from the first storage area, and can perform unified authority management on the different service modules in the system without modifying the algorithm logic of the service modules by configuring the authority to the service request through the authority configuration components, so that the development efficiency of the system is improved, and the development cost is reduced.
Description
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to a permission processing method, a permission processing device, terminal equipment and a storage medium.
Background
The background management system includes service modules for different services, and many service modules need to manage the authority of user operation, for example, to judge the limitation of user operation. In the prior art, many service modules are used for realizing authority management of user operation by embedding codes for identifying authority in service logic, but the method can cause the problems of repeated design, development and debugging of different service modules in a background management system, thereby causing waste of manpower and material resources.
Disclosure of Invention
The embodiment of the application provides a permission processing method, a permission processing device, terminal equipment and a storage medium, and can perform unified permission identification on different service modules in a system.
In a first aspect, an embodiment of the present application provides an authority processing method, including:
when a service request sent by a request terminal is received, determining an authority configuration component corresponding to the request terminal from a first storage area;
calling the permission configuration component to configure service permission for the service request;
and returning the service authority to the request terminal as a request response.
Further, the permission configuration component is configured to determine a judgment factor corresponding to the service request, and judge whether the service request meets a judgment condition corresponding to the judgment factor;
if yes, the service authority is configured to be passed, and if not, the service authority is configured to be rejected.
Further, after the invoking the permission configuration component configures the service permission for the service request, the method further includes:
judging whether the service request and the service authority meet preset updating conditions or not;
and if so, updating the authority configuration component corresponding to the request terminal in the first storage area according to the updating rule information corresponding to the preset updating condition.
Further, the determining whether the service request and the service permission meet a preset update condition includes:
determining user information corresponding to the service request;
acquiring a service authority of a service request corresponding to the user information in a preset time period from a second storage area;
determining the number of target service requests, wherein the service authority of the target service requests is a preset authority;
and if the number is larger than the preset number, determining that the preset updating condition is met.
Further, the updating the authority configuration component corresponding to the request terminal in the first storage area according to the update rule information corresponding to the preset update condition includes:
and writing the user information into a blacklist of the authority configuration component corresponding to the request terminal in a first storage area.
Further, after the invoking the permission configuration component configures the service permission for the service request, the method further includes:
and writing the service request and the service authority into a storage queue.
Further, after writing the service request and the service right into a storage queue, the method further includes:
reading the service request and the service permission from the storage queue;
and storing the service request and the service authority in a second storage area.
In a second aspect, an embodiment of the present application further provides an authority processing apparatus, including:
the request receiving module is used for determining an authority configuration component corresponding to a request end from a first storage area when a service request sent by the request end is received;
the authority configuration module is used for calling the authority configuration component to configure the service authority for the service request;
and the response module is used for returning the service permission serving as a request response to the request end.
In a third aspect, an embodiment of the present application further provides a terminal device, which includes a memory, a processor, and a computer program that is stored in the memory and is executable on the processor, where the processor implements the permission processing method according to any embodiment of the present application when executing the program.
In a fourth aspect, the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the authority processing method according to any embodiment of the present application.
The embodiment of the application discloses an authority processing scheme, wherein when a service request sent by a request end is received, an authority configuration component corresponding to the request end is determined from a first storage area; calling the permission configuration component to configure service permission for the service request; and returning the service authority to the request terminal as a request response. By the technical scheme, different service modules can acquire the corresponding authority configuration components from the first storage area, and can perform unified authority management on the different service modules in the system without modifying the algorithm logic of the service modules by configuring the authority to the service request through the authority configuration components, so that the development efficiency of the system is improved, and the development cost is reduced.
Drawings
Fig. 1 is a flowchart of a permission processing method according to an embodiment of the present application;
fig. 2 is a flowchart of a permission processing method provided in the second embodiment of the present application;
fig. 3 is a flowchart of a permission processing method provided in the third embodiment of the present application;
fig. 4 is a flowchart of another permission processing method provided in the third embodiment of the present application;
fig. 5 is a schematic structural diagram of a background management system according to a third embodiment of the present application;
fig. 6 is a schematic structural diagram of a right processing device in the fourth embodiment of the present application;
fig. 7 is a schematic hardware structure diagram of a terminal device in a sixth embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the application and are not limiting of the application. It should be further noted that, for the convenience of description, only some of the structures related to the present application are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a privilege processing method provided in an embodiment of the present application, where the method may be executed by a privilege processing apparatus, where the apparatus may be implemented by software and/or hardware, and may be generally integrated on a hardware platform, and specifically includes the following steps:
s110, when a service request sent by a request end is received, an authority configuration component corresponding to the request end is determined from a first storage area.
The embodiment of the application can be applied to a background management system, the background management system can be a system for managing user interaction websites, and the user interaction websites can receive input information of users and return corresponding interaction information according to the input information of the users.
The user interaction website generally comprises different function modules, and the user can send input information in the different function modules to use different interaction functions. Each function module is provided with a corresponding service module in a background management system, and each service module manages input information of a user in the corresponding interactive function.
Authority authentication is required for some specific input information, for example, the input information sent by the user in the restricted list needs to be authenticated, and the authority authentication is passed so that corresponding information can be returned according to the input information sent by the user. The service request is input information needing authority identification.
Each service module is provided with a corresponding request end, the request end is used for receiving a service request sent by a user terminal, the user end is a terminal device used by a user of a user interaction website, and the terminal device can be a smart phone, a tablet computer or other electronic devices with corresponding operating systems. When receiving a service request sent by a request end, the user of the user end needs to perform authority authentication on input information sent by the user.
The first storage area is a specific storage area set in a background management system, optionally, the first storage area is a key-value storage system, and the key-value storage system is a storage system with high query speed, large data storage amount and high support for concurrency. Illustratively, the first storage area may be a Redis library.
Because different service modules have different authority management requirements, the first storage area stores authority configuration components corresponding to each service module, and the authority configuration components are used for performing authority identification on service requests in the corresponding service modules. And the authority configuration component corresponds to the request end, namely the authority configuration component corresponds to the service module of the request end.
And S111, calling the permission configuration component to configure the service permission for the service request.
After determining the permission configuration component corresponding to the request end, the service request may be subjected to permission authentication according to the permission configuration component, and a corresponding service permission is configured, where the service permission is a result of whether the service request passes or not.
The authority configuration component is a function which is written in advance and used for configuring service authority for the service request, and the authority configuration component comprises an authority identification rule of a corresponding service module.
Optionally, the authority configuration rule and the authority configuration component may be set by a manager at a management end, and may be written into the first storage area by adding an interception rule and adding a blacklist.
The authority configuration component is stored in the first storage area, when authority authentication is needed to be carried out on the service request, the authority configuration component can be called from the first storage area, the service authority is configured on the service request through the authority configuration component, an authority authentication code is not required to be embedded into the algorithm logic of the service module in the background management system, and only reading operation is needed to be carried out from the first storage area to call the authority configuration component.
Optionally, the permission configuration component is configured to determine a determination factor corresponding to the service request, and determine whether the service request meets a determination condition corresponding to the determination factor; if yes, the service authority is configured to be passed, and if not, the service authority is configured to be rejected.
The website rules of different user interaction websites are different, and the module rules of different functional modules in each user interaction website are also different; different service requests may correspond to different functional modules, so that different service requests have different judgment factors, and the judgment factors include: user information, region information, time information, content information and the like, wherein the content information can be character information and/or picture information. The judgment condition is a judgment basis corresponding to the judgment factor and is used for judging whether the service request passes or not. After determining the judgment factor corresponding to the service request, the corresponding key information in the service request can be determined according to the judgment factor, and then whether the key information meets the judgment condition can be judged to realize the judgment of the service request.
Illustratively, if the service request is input information for replacing the avatar of the user, and the rule of the functional module of the user interaction website corresponding to the service request is as follows: the blacklist user does not allow the avatar to be replaced, and the corresponding authority configuration component also comprises an authority identification rule of 'the blacklist user does not allow the avatar to be replaced'. If the user of the service request is a blacklist user, the service request of replacing the head portrait is rejected; and if the user of the service request is not the blacklist user, the service request of the head portrait is replaced by the user. According to the authority configuration component, the judgment factor of the service request can be determined to be user information, and the corresponding judgment condition is that the service request is passed if the user information of the service request is not a blacklist user. And judging whether the service request meets the judgment condition according to whether the user information of the service request is blacklisted or not by the user, and configuring corresponding service authority.
And S112, returning the service authority to the request terminal as a request response.
After the service authority of the service request is determined, the service authority is returned to the request end as a request response, so that the request end can send corresponding interactive information to the service request of the user end. For example, if the service right is pass, the service request of the user side is allowed and corresponding pass prompt information is returned to the user side; and if the service authority is refused, the service request is not passed and corresponding refusing prompt information is returned.
Optionally, the service request and the service authority may also be uploaded to the monitoring platform, so that the manager may manage the service request more effectively.
The embodiment of the application discloses an authority processing method, which comprises the steps that when a service request sent by a request end is received, an authority configuration component corresponding to the request end is determined from a first storage area; calling the permission configuration component to configure service permission for the service request; and returning the service authority to the request terminal as a request response. By the technical scheme, different service modules can acquire the corresponding authority configuration components from the first storage area, and can perform unified authority management on the different service modules in the system without modifying the algorithm logic of the service modules by configuring the authority to the service request through the authority configuration components, so that the development efficiency of the system is improved, and the development cost is reduced.
Example two
Fig. 2 is a flowchart of a permission processing method provided in the second embodiment of the present application, where the method may be executed by a permission processing apparatus, where the apparatus may be implemented by software and/or hardware, and may be generally integrated on a hardware platform, and specifically includes the following steps:
s120, when a service request sent by a request end is received, determining an authority configuration component corresponding to the request end from a first storage area.
And S121, calling the permission configuration component to configure the service permission for the service request.
And S122, returning the service authority serving as a request response to the request end.
For the above-mentioned specific implementation of the operations, reference may be made to the above-mentioned related description, and further description is omitted here.
And S123, writing the service request and the service authority into a storage queue.
The storage queue is a queue for temporarily storing data. The background management system may receive a large number of service requests, so that new service permissions are generated continuously, and the background management system may need to perform next operation on the service requests and the corresponding service permissions, so that the service requests and the corresponding service permissions need to be temporarily stored to perform subsequent operations.
Illustratively, the storage queue is a kafka cluster, which is a high-throughput distributed publish-subscribe messaging system, and can temporarily store data received in the background management system and classify the data so as to enable subsequent processing operations. After the service request and the service authority are written into the kafka cluster, if the background management system needs to perform the next processing on the service request and the corresponding service authority, the service request and the service authority can be read from the kafka cluster. Wherein, the service request and the service authority can be asynchronously downloaded into a storage queue.
Optionally, the method further comprises:
and reading the service request and the service authority from the storage queue, and storing the service request and the service authority into a second storage area.
The second storage area may be a Data (DB) library, and may store the service request and the service permission as a service request log in the Database, so that the service request log may be read from the Database when the service request log is needed in a subsequent operation. The service requests and the service permissions are read from the storage barriers and stored in a second storage area, and when a plurality of service requests are received by a background management system, the service requests and the corresponding service permissions can be stored in the second storage area, so that message blocking is avoided.
Optionally, the second storage area may include a master second storage area and a slave second storage area, and the service request and the service permission may be preferentially stored in the master second storage area, and then the service request and the service permission are asynchronously written into the slave second storage area, so that duplicate storage of the service request and the service permission is realized.
According to the embodiment of the application, the service requests and the service permissions are written into the storage queue, so that when a plurality of service requests are received, the service requests can be managed and stored, and the data processing efficiency is improved.
EXAMPLE III
Fig. 3 is a flowchart of a permission processing method provided in the second embodiment of the present application, where the method may be executed by a permission processing apparatus, where the apparatus may be implemented by software and/or hardware, and may be generally integrated on a hardware platform, and specifically includes the following steps:
s130, when a service request sent by a request end is received, determining an authority configuration component corresponding to the request end from a first storage area.
S131, calling the authority configuration component to configure the service authority for the service request.
S132, the service authority is returned to the request end as a request response.
For the above-mentioned specific implementation of the operations, reference may be made to the above-mentioned related description, and further description is omitted here.
S133, judging whether the service request and the service authority meet preset updating conditions; if so, operation S134 is performed.
And S134, updating the authority configuration component corresponding to the request terminal in the first storage area according to the updating rule information corresponding to the preset updating condition.
After the service authority is configured for the service request, the authority configuration component can be adjusted according to the service request and the service authority, so that the authority configuration component can be dynamically adjusted according to the latest service request and the corresponding service authority, and the authority identification rule can be updated immediately.
The preset updating condition is a condition for judging whether the permission configuration component needs to be dynamically updated, and the preset updating condition can be set according to website rules of different user interaction websites or module rules of different functional modules, which is not limited herein. The update rule information is a specific implementation manner for updating the permission configuration component, and the update rule information may be set according to a website rule of different user interaction websites or a module rule of different function modules, which is not limited herein.
Exemplarily, if the service authority of the service request is a denial, indicating that the service request may violate a website rule of a user interaction website or a module rule of a function module, then limiting an account corresponding to the service request, that is, adding the account to an account list of the limitation processing recorded in the authority configuration component.
Optionally, as shown in fig. 4, the operation of determining whether the service request and the service permission meet the preset update condition may be implemented in the following manner:
s1330, determining the user information corresponding to the service request.
The service request is originated from a user side, each user side has corresponding user information, and the user information may be, for example, an account code of a user. The corresponding user information can be determined according to the service request, and after the user information is determined, all service requests operated by the user before can be obtained.
And S1331, acquiring the service authority of the service request corresponding to the user information in a preset time period from the second storage area.
The second storage area may be the second storage area described in the second embodiment. The second storage area stores a service request log, and the service request log in a preset time period can be obtained, where the service request log includes a historical service request and a service permission, and also includes a latest service request and a latest service permission, that is, the service request and the service permission described in the above embodiment. The service authority of the service request within a preset time period may be acquired, and the preset time period may be a preset historical time interval, and may be, for example, within the past month or within the past week, and the like.
S1332, determining the number of the target service requests, wherein the service authority of the target service requests is a preset authority.
The target service request is of a type which may need to update the service permission component, that is, one target service request does not reach a program which needs to update the service permission component, but if a plurality of target service requests exist, the service permission component needs to be updated. The preset permissions may be for determining compliance with a service request that may require updating of the service permissions component.
The type of the service authority comprises pass and reject, and the preset authority can be pass or reject. The target service request and the preset authority may be set according to a specific implementation manner, which is not limited herein. And if the service authority corresponding to one service request is the preset authority, the service request is the target service request.
Multiple service requests corresponding to the user information may be received within a preset time period, a target service request is determined from the multiple service requests, and the number of the target service requests within the preset time period is determined.
And S1333, if the number is larger than the preset number, determining that the preset updating condition is met.
If the number is larger than the preset number, the number of the target service requests is accumulated to a certain degree, and the service permission components can be updated by determining that the preset updating conditions are met.
Correspondingly, the operation of updating the authority configuration component corresponding to the request terminal in the first storage area according to the update rule information corresponding to the preset update condition may be implemented in the following manner:
and writing the user information into a blacklist of the authority configuration component corresponding to the request terminal in a first storage area.
The authority corresponding to the service request of the user information in the blacklist is configured to be rejected, that is, the service request sent by the user information belonging to the blacklist is rejected. It should be noted that the service request of the user information that has not been added to the blacklist may also be rejected because other permission authentication rules in the permission configuration component are rejected, and when the number of times of rejection reaches a preset number, the service request may be added to the blacklist, that is, the permission authentication operation of the service request received thereafter may be directly rejected according to the blacklist. Illustratively, when a user A executes a service request for replacing the head portrait, and the user refuses the service request for replacing the head portrait three times in one day, the user A is added into a blacklist, and the user can not perform the operation of replacing the head portrait again within a preset limit time.
Optionally, the first storage area of the embodiment of the present application may include a master first storage area and a slave first storage area. When the authority configuration component corresponding to the request terminal in the first storage area is updated, data needs to be written into the first storage area, the write operation can be written into the main first storage area preferentially, and then written into the secondary first storage area asynchronously, so that duplicate storage is realized. Corresponding first storage areas can be set for different areas, so that the storage device can comprise a first storage area A and a storage area B, the first storage area A can also comprise a main first storage area A and a slave first storage area A, and the first storage area B can also comprise a main first storage area B and a slave first storage area B.
Exemplarily, fig. 5 is a schematic structural diagram of a background management system according to an embodiment of the present application, and as shown in fig. 5, the background management system includes a first storage area, a second storage area, and a plurality of service modules, where, for example, one service module is taken as an example, each service module includes a request end, a policy service unit, a storage queue, and an analysis service unit. The request end is used for receiving a service request sent by a user end (not shown) and sending the service request to the policy service unit. The policy service unit is used for determining an authority configuration component corresponding to the request terminal from a first storage area, calling the authority configuration component to configure service authority for the service request, and returning the service authority to the request terminal as a request response. The policy service unit is further configured to write the service request and the service permission to a storage queue. The analysis service unit is used for reading the service request and the service authority from the storage queue and storing the service request and the service authority into a second storage area.
According to the embodiment of the application, whether the service request and the service permission meet the preset updating condition or not is judged, and the permission configuration component corresponding to the request end in the first storage area is updated according to the updating rule information corresponding to the preset updating condition, so that the permission configuration rule in the permission configuration component can be dynamically updated, and the management efficiency of the background management system is improved.
Example four
Fig. 6 is a schematic structural diagram of a rights processing device according to a fourth embodiment of the present application, where the rights processing device may be implemented by software and/or hardware, and may be generally integrated on a hardware platform. As shown in fig. 6, the authority processing device includes:
the request receiving module 201 is configured to, when receiving a service request sent by a request end, determine an authorization configuration component corresponding to the request end from a first storage area.
And the permission configuration module 202 is used for calling the permission configuration component to configure the service permission for the service request.
A response module 203, configured to return the service right to the request end as a request response.
The embodiment of the application discloses an authority processing device, which determines an authority configuration component corresponding to a request end from a first storage area when receiving a service request sent by the request end; calling the permission configuration component to configure service permission for the service request; and returning the service authority to the request terminal as a request response. By the technical scheme, different service modules can acquire the corresponding authority configuration components from the first storage area, and can perform unified authority management on the different service modules in the system without modifying the algorithm logic of the service modules by configuring the authority to the service request through the authority configuration components, so that the development efficiency of the system is improved, and the development cost is reduced.
Optionally, the permission configuration component is configured to determine a determination factor corresponding to the service request, and determine whether the service request meets a determination condition corresponding to the determination factor;
if yes, the service authority is configured to be passed, and if not, the service authority is configured to be rejected.
Optionally, the method further comprises:
the updating judgment module is used for judging whether the service request and the service authority meet a preset updating condition after the authority configuration component is called to configure the service authority for the service request;
and if so, updating the authority configuration component corresponding to the request terminal in the first storage area according to the updating rule information corresponding to the preset updating condition.
Optionally, the update determining module is specifically configured to:
determining user information corresponding to the service request;
acquiring a service authority of a service request corresponding to the user information in a preset time period from a second storage area;
determining the number of target service requests, wherein the service authority of the target service requests is a preset authority;
and if the number is larger than the preset number, determining that the preset updating condition is met.
Optionally, the update execution module is specifically configured to:
and writing the user information into a blacklist of the authority configuration component corresponding to the request terminal in a first storage area.
Optionally, the method further comprises:
and the queue storage module is used for writing the service request and the service authority into a storage queue after the authority configuration component is called to configure the service authority for the service request.
Optionally, the method further comprises:
the reading module is used for reading the service request and the service authority from a storage queue after writing the service request and the service authority into the storage queue;
and the data storage module is used for storing the service request and the service authority into a second storage area.
Example four
Embodiments of the present application also provide a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a method for processing permissions, the method including:
when a service request sent by a request terminal is received, determining an authority configuration component corresponding to the request terminal from a first storage area;
calling the permission configuration component to configure service permission for the service request;
and returning the service authority to the request terminal as a request response.
Optionally, the computer executable instructions, when executed by the computer processor, may also be used to perform the method for processing rights provided in any embodiment of the present application.
From the above description of the embodiments, it is obvious for those skilled in the art that the present application can be implemented by software and necessary general hardware, and certainly can be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods described in the embodiments of the present application.
EXAMPLE five
As shown in fig. 7, a schematic diagram of a hardware structure of a terminal device provided in the fifth embodiment of the present application is shown in fig. 7, where the terminal device includes:
one or more processors 410, one processor 410 being exemplified in FIG. 7;
a memory 420;
the terminal device may further include: an input device 430 and an output device 440.
The processor 410, the memory 420, the input device 430 and the output device 440 in the terminal device may be connected by a bus or other means, and fig. 7 illustrates the connection by the bus as an example.
The memory 420, which is a non-transitory computer-readable storage medium, may be used to store software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to a rights processing method in the embodiments of the present application (for example, the request receiving module 201, the rights configuration module 202, and the response module 203 shown in fig. 6). The processor 410 executes various functional applications and data processing of the terminal device by executing software programs, instructions and modules stored in the memory 420, that is, implements a rights processing method of the above-described method embodiment.
The memory 420 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal device, and the like. Further, the memory 420 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 420 may optionally include memory located remotely from processor 410, which may be connected to the terminal device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input means 430 may be used to receive input numeric or character information and generate key signal inputs related to user settings and function control of the terminal device. The output device 440 may include a display device such as a display screen.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present application and the technical principles employed. It will be understood by those skilled in the art that the present application is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the application. Therefore, although the present application has been described in more detail with reference to the above embodiments, the present application is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present application, and the scope of the present application is determined by the scope of the appended claims.
Claims (9)
1. A method of privilege processing, comprising:
when a service request sent by a request end is received, determining an authority configuration component corresponding to the request end from a first storage area, wherein the authority configuration component is used for carrying out authority identification on the service request in the corresponding request end, and the request end is arranged in a service module corresponding to the service request;
calling the permission configuration component to configure service permission for the service request;
returning the service authority as a request response to the request terminal;
the authority configuration component is used for determining a judgment factor corresponding to the service request and judging whether the service request meets a judgment condition corresponding to the judgment factor;
if yes, the service authority is configured to be passed, and if not, the service authority is configured to be rejected.
2. The method of claim 1, wherein after invoking the permission configuration component to configure the service permission for the service request, further comprising:
judging whether the service request and the service authority meet preset updating conditions or not;
and if so, updating the authority configuration component corresponding to the request terminal in the first storage area according to the updating rule information corresponding to the preset updating condition.
3. The method of claim 2, wherein the determining whether the service request and the service permission meet a preset update condition comprises:
determining user information corresponding to the service request;
acquiring a service authority of a service request corresponding to the user information in a preset time period from a second storage area;
determining the number of target service requests, wherein the service authority of the target service requests is a preset authority;
and if the number is larger than the preset number, determining that the preset updating condition is met.
4. The method according to claim 3, wherein the updating the permission configuration component corresponding to the request side in the first storage area according to the update rule information corresponding to the preset update condition includes:
and writing the user information into a blacklist of the authority configuration component corresponding to the request terminal in a first storage area.
5. The method of claim 1, wherein after invoking the permission configuration component to configure the service permission for the service request, further comprising:
and writing the service request and the service authority into a storage queue.
6. The method of claim 5, wherein after writing the service request and the service right to a storage queue, further comprising:
reading the service request and the service permission from the storage queue;
and storing the service request and the service authority in a second storage area.
7. An authority processing apparatus characterized by comprising:
the system comprises a request receiving module, a permission configuration module and a permission configuration module, wherein the request receiving module is used for determining a permission configuration component corresponding to a request end from a first storage area when receiving a service request sent by the request end, the permission configuration component is used for carrying out permission authentication on the service request in the corresponding request end, and the request end is arranged in a service module corresponding to the service request;
the authority configuration module is used for calling the authority configuration component to configure the service authority for the service request;
the response module is used for returning the service permission serving as a request response to the request end;
the authority configuration component is used for determining a judgment factor corresponding to the service request and judging whether the service request meets a judgment condition corresponding to the judgment factor;
if yes, the service authority is configured to be passed, and if not, the service authority is configured to be rejected.
8. A terminal device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the rights processing method according to any of claims 1-6 when executing the program.
9. A computer-readable storage medium on which a computer program is stored, the program, when executed by a processor, implementing the rights processing method as claimed in any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811525855.0A CN109657485B (en) | 2018-12-13 | 2018-12-13 | Authority processing method and device, terminal equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811525855.0A CN109657485B (en) | 2018-12-13 | 2018-12-13 | Authority processing method and device, terminal equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109657485A CN109657485A (en) | 2019-04-19 |
| CN109657485B true CN109657485B (en) | 2021-10-22 |
Family
ID=66113148
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811525855.0A Active CN109657485B (en) | 2018-12-13 | 2018-12-13 | Authority processing method and device, terminal equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109657485B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110795709B (en) * | 2019-10-31 | 2022-08-12 | 北京达佳互联信息技术有限公司 | Method and device for performing business operation, electronic equipment and storage medium |
| CN112836187B (en) * | 2019-11-25 | 2024-02-02 | 杭州海康威视系统技术有限公司 | Authority management method and device and electronic equipment |
| CN111695092A (en) * | 2020-05-29 | 2020-09-22 | 腾讯科技(深圳)有限公司 | Authority management method, device, electronic equipment and medium |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104392299A (en) * | 2014-10-29 | 2015-03-04 | 中国建设银行股份有限公司 | Business information processing method and system |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103870727B (en) * | 2012-12-17 | 2018-02-02 | 百度在线网络技术(北京)有限公司 | A kind of method and system for being managed collectively authority |
| CN105337978B (en) * | 2015-11-17 | 2019-01-22 | 浪潮(北京)电子信息产业有限公司 | A kind of section method for verifying authority and system based on security service blocking |
| CN105786630B (en) * | 2016-02-26 | 2019-02-15 | 浪潮通用软件有限公司 | A kind of Web API regulation method based on middleware |
| CN107436920A (en) * | 2017-07-01 | 2017-12-05 | 武汉斗鱼网络科技有限公司 | Node.js authority control methods, storage medium, electronic equipment and system |
| CN107483294B (en) * | 2017-09-15 | 2020-06-19 | 北京奇艺世纪科技有限公司 | Method and device for monitoring network request |
| CN108304704B (en) * | 2018-02-07 | 2021-02-09 | 平安普惠企业管理有限公司 | Authority control method and device, computer equipment and storage medium |
-
2018
- 2018-12-13 CN CN201811525855.0A patent/CN109657485B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104392299A (en) * | 2014-10-29 | 2015-03-04 | 中国建设银行股份有限公司 | Business information processing method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109657485A (en) | 2019-04-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108683604B (en) | Concurrent access control method, terminal device, and medium | |
| CN109873803B (en) | Permission control method and device of application program, storage medium and computer equipment | |
| CN109542361B (en) | Distributed storage system file reading method, system and related device | |
| CN109600441B (en) | Alliance link information publishing control method and terminal equipment | |
| CN110363026B (en) | File operation method, device, equipment, system and computer readable storage medium | |
| CN109657485B (en) | Authority processing method and device, terminal equipment and storage medium | |
| CN111274214B (en) | File lock processing method and device, electronic equipment and storage medium | |
| CN109618176B (en) | Processing method, equipment and storage medium for live broadcast service | |
| CN107465687B (en) | Method, device and terminal for realizing permission configuration | |
| CN105550584A (en) | RBAC based malicious program interception and processing method in Android platform | |
| CN113361838A (en) | Business wind control method and device, electronic equipment and storage medium | |
| CN107957905A (en) | Method, apparatus, storage medium and the intelligent terminal of self-starting are applied in limitation | |
| CN114223177A (en) | Access control method, device, server and computer readable medium | |
| CN112464214A (en) | Authority detection method and device, electronic equipment and readable storage medium | |
| CN113098854B (en) | Task arranging method, system, storage medium and electronic equipment | |
| CN113010238A (en) | Permission determination method, device and system for micro application call interface | |
| US20150163246A1 (en) | System and method for activation of personas based on activation parameters related to a multiple-persona mobile technology platform (mtp) | |
| CN111147496B (en) | Data processing method and device | |
| CN117389655A (en) | Task execution method, device, equipment and storage medium in cloud native environment | |
| CN109740328B (en) | Authority identification method and device, computer equipment and storage medium | |
| CN111240998A (en) | Test case processing method and device | |
| CN110908881A (en) | Method and device for sending buried point data, electronic equipment and computer readable storage medium | |
| CN116319810A (en) | Flow control method, device, equipment, medium and product of distributed system | |
| CN110120963B (en) | Data processing method, device, equipment and machine readable medium | |
| CN110351719A (en) | A kind of wireless network management method, system and electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |