CN110909369A - Data authority control method based on report platform - Google Patents

Data authority control method based on report platform Download PDF

Info

Publication number
CN110909369A
CN110909369A CN201911087917.9A CN201911087917A CN110909369A CN 110909369 A CN110909369 A CN 110909369A CN 201911087917 A CN201911087917 A CN 201911087917A CN 110909369 A CN110909369 A CN 110909369A
Authority
CN
China
Prior art keywords
user
data
report
authority
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911087917.9A
Other languages
Chinese (zh)
Inventor
施甘图
庭治宏
张寒雪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hongtu Intelligent Logistics Co Ltd
La Gongbao Network Technology Co Ltd
Original Assignee
Hongtu Intelligent Logistics Co Ltd
La Gongbao Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hongtu Intelligent Logistics Co Ltd, La Gongbao Network Technology Co Ltd filed Critical Hongtu Intelligent Logistics Co Ltd
Priority to CN201911087917.9A priority Critical patent/CN110909369A/en
Publication of CN110909369A publication Critical patent/CN110909369A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a data authority control method based on a report platform, which relates to the technical field of data authority system development and comprises the following steps: (1) a user logs in a WEB report platform through an account; (2) selecting a menu to be inquired in a menu bar; (3) transmitting the identified user account and the menu bar report ID to a parameter data set; (4) calling a function in the limiting condition of the parameter data set, and returning the data authority which can be accessed by the user by inquiring the user authority data in the configuration table; (5) and the data authority set list returned by the user is used as a limiting condition of the report data set for display to carry out data filtering, so that later maintenance is more convenient, and the workload of report making is reduced.

Description

Data authority control method based on report platform
Technical Field
The invention relates to the technical field of data authority system development, in particular to a data authority control method based on a report platform.
Background
In the information explosion age, data is also an important resource in an enterprise, and the data is processed into various analysis charts according to different rules, so that a manager can be assisted to effectively manage the enterprise. The data graph can better reflect the value of the data, and the WEB report platform can effectively manage various graphs.
The existing common WEB platforms can be divided into two types, one type is a complete WEB report platform independently developed by front-end developers, but the development cost of the report platform is very high, particularly the processing of a graph; therefore, the data team generally selects the existing WEB report tool on the market, and the development is smaller.
In an actual application environment, different roles may have different access rights to data, and in the existing web report tool in the market, the requirement can be solved by directly screening out a required data making template from an SQL statement, but under the condition of more roles, a plurality of reports with the same style and different data sets need to be made, so that later maintenance is not facilitated, and the workload of report making is increased.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: how to improve the technical problem that the WEB report tool is too complex to control the data authority, which causes huge workload and inconvenient maintenance.
The invention provides a data authority control method based on a report platform, which comprises the following steps:
(1) a user logs in a WEB report platform through an account;
(2) selecting a menu to be inquired in a menu bar;
(3) transmitting the identified user account and the menu bar report ID to a parameter data set;
(4) calling a function in the limiting condition of the parameter data set, and returning the data authority which can be accessed by the user by inquiring the user authority data in the configuration table;
(5) and performing data filtering by taking the data authority set list returned by the user as a limiting condition of the report data set for displaying.
Further, the step (3) specifically comprises the following steps,
(31) when a report template is made, configuring a data set for distinguishing user data access authority;
(32) the data set comprises two parameters, one is a user name, the user name of the built-in parameter of the report platform is directly bound, and when a user logs in by using an account, the user name of the user can be directly transmitted;
(33) the other parameter is a template name and is also a built-in parameter of the directly bound report platform, and when a user clicks a menu bar, the template name and the path used by the menu bar are transmitted into the menu bar;
(34) converting the user name and the template name into a corresponding user ID and a report ID through a database configured by a report platform; this has no effect when the user name or the report template name is modified.
Further, the step (4) specifically comprises the following steps,
(41) adding a white list configuration table controlled by data authority;
(42) adding a user row-level authority limit table;
(43) and adding a user authority function.
Further, the white list in step (41) includes a global white list, a table-level white list, and a menu-level white list.
Further, the restriction table in step (42) includes a user ID, a table in which data restriction is required, a field of data restriction, and the content of the field of data restriction.
Furthermore, the function in step (43) is an incoming parameter, specifically including,
incoming parameters of the table that control data authority limits;
controlling incoming parameters of column names in a data authority limit table;
controlling incoming parameters of content in the data permission limit table;
an incoming parameter for an account user id;
and transmitting parameters of id of the report menu.
Further, the subject judgment logic of the function in the step (43) comprises the following steps,
(431) the default value of the return value of the given function is false;
(432) firstly, judging whether the user is a global white list, if the user is the global white list, the return value is true, exiting the logic judgment, and if not, carrying out the next logic judgment;
(433) then judging whether the user is a surface-level white list, if so, judging that the return value is true, exiting the logic judgment, and otherwise, entering the next logic judgment;
(434) judging whether the user is a menu level white list or not, if so, if the returned value is true, exiting the logic judgment, otherwise entering the next logic judgment;
(435) finally, judging the row-level data authority of the user, if the corresponding content is found in the row-level authority table, returning the value to be true, otherwise, returning the value to be false, and exiting the judgment logic;
(436) return values are returned to the parameter data set conditional limits.
Further, the step (5) specifically comprises the following steps,
(51) clicking for query, inserting the result of the parameter data set into the limiting condition of the report data set, and rendering a table or a graph;
(52) the user can only see the data of the configured scope of authority.
By adopting the technical scheme, the invention has the beneficial effects that: through the data authority control method based on the WEB report platform, the later maintenance is more convenient, and the workload of report making is reduced.
Drawings
The invention will now be described, by way of example, with reference to the accompanying drawings, in which:
FIG. 1 is a flowchart of a data authority control method based on a report platform.
Detailed Description
All of the features disclosed in this specification, or all of the steps in any method or process so disclosed, may be combined in any combination, except combinations of features and/or steps that are mutually exclusive.
Any feature disclosed in this specification may be replaced by alternative features serving equivalent or similar purposes, unless expressly stated otherwise. That is, unless expressly stated otherwise, each feature is only an example of a generic series of equivalent or similar features.
The invention aims to provide a data authority control method based on a WEB report platform, which solves the technical problems of huge workload and inconvenient maintenance caused by too complicated data authority control of a WEB report tool.
The invention provides a data authority control method based on a WEB report platform, which specifically comprises the following steps:
1. a user logs in a WEB report platform through an account;
2. selecting a menu to be inquired in a menu bar;
3. transmitting the identified user account and the menu bar report ID to a parameter data set;
3.1 when making a report template, configuring a data set for distinguishing the access of user data authority;
3.2 the data set contains two parameters, one is a user name, the user name of the built-in parameter of the report platform is directly bound, and when a user logs in by using an account, the user name of the user can be directly transmitted;
3.3 another parameter is the template name, also is the built-in parameter of the direct binding report form platform, when the user clicks the menu bar, introduce the template name and its route used in the menu bar;
3.4 converting the user name and the template name into a corresponding user ID and a report ID through a database configured by a report platform; this has no effect when the user name or the report template name is modified.
4. Calling a function in the limiting condition of the parameter data set, and returning the data authority which can be accessed by the user by inquiring the user authority data in the configuration table;
4.1 adding a white list configuration table controlled by data authority, wherein the white list is divided into three types:
the first is a global white list which shows that all records of all reports can be accessed, and the first is an applicable scene, a report administrator, a company leader and the highest priority;
the second type is a table-level white list, which indicates that all records of a table which needs to be used for limiting the records can be accessed, the applicable scene is realized, the data in a certain table data authority can be accessed, the common use is realized for different report forms templates, and the priority is the second type;
the third menu level white list represents all records of the report form which can access a certain menu, is applicable to a scene, uses data limitation of the same report form, and only shows limited partial content of one report form, but needs to show all records of a limited report form for another report form;
4.2 adding user row level authority limit table, mainly including the table whose field has user ID and needs to make data limit, data limit field content, etc. The user row-level authority indicates that part of records in the restriction table can be accessed, and several items can be configured in the configuration table by accessing the records, so that the applicable scenes are available, and all users, particularly the data access authority is low;
4.3 adding a user authority function, wherein the specific content of the function is as follows:
the method comprises the following steps of (1) inputting a parameter, I _ PERMISS _ TABLE _ NAME, a type character string, a TABLE for controlling data authority limit, a TABLE NAME for configuring a data authority TABLE in a parameter data set, and a TABLE NAME for performing data limit in an S42 configuration TABLE;
an incoming parameter, I _ PERMISS _ COLUMN _ NAME, type string, representing a COLUMN NAME used to control the data permission restriction table, for configuring a field in the data permission table in the parameter dataset, consistent with the field in the configuration table used to perform the data restriction table in S42;
an incoming parameter, I _ PERMISS _ CONTENT, type string, representing the CONTENT used to control the data rights restriction table, configuring the CONTENT of the data rights table field in the parameter dataset, consistent with the CONTENT used to perform the data restrictions table field in the configuration table of S42;
the incoming parameter, I _ USER _ ID, type-integer, is the account USER ID in step S33
An incoming parameter, I _ REPORT _ ID, type word integer, that is, the ID return value type of the REPORT menu in step S34 is boolean, and if true, it indicates that the user can access the incoming content in the table; otherwise, the access is not authorized
The decision logic of the function body is summarized as the following sub-steps:
4.31 the default value for the given function return value is false;
4.32 firstly judging whether the user is a global white list, if so, judging the return value is true, quitting the logic judgment, and if not, carrying out the next logic judgment;
4.33 then judging whether the user is a surface-level white list, if so, returning a value to be true, exiting the logic judgment, and otherwise, entering the next logic judgment;
4.34 judging whether the user is the menu level white list, if so, returning the value to be true, exiting the logic judgment, otherwise entering the next logic judgment;
4.35 finally judging the user to judge the row-level data authority, if finding the corresponding content in the row-level authority table, the return value is true, otherwise, the return value is false, and exiting the judging logic;
4.36 return value to parameter data set condition limit;
5. and performing data filtering by taking the data authority set list returned by the user as a limiting condition of the report data set for displaying.
5.1 clicking to inquire, inserting the result of the parameter data set into the limit condition of the report data set, and rendering a table or a graph;
5.2 the user can only see the data of the configured scope of authority.
While the foregoing description shows and describes a preferred embodiment of the invention, it is to be understood, as noted above, that the invention is not limited to the form disclosed herein, but is not intended to be exhaustive or to exclude other embodiments and may be used in various other combinations, modifications, and environments and may be modified within the scope of the inventive concept described herein by the above teachings or the skill or knowledge of the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (8)

1. A data authority control method based on a report platform is characterized in that: the method comprises the following steps:
(1) a user logs in a WEB report platform through an account;
(2) selecting a menu to be inquired in a menu bar;
(3) transmitting the identified user account and the menu bar report ID to a parameter data set;
(4) calling a function in the limiting condition of the parameter data set, and returning the data authority which can be accessed by the user by inquiring the user authority data in the configuration table;
(5) and performing data filtering by taking the data authority set list returned by the user as a limiting condition of the report data set for displaying.
2. The report platform based data authority control method according to claim 1, wherein the step (3) comprises the following steps,
(31) when a report template is made, configuring a data set for distinguishing user data access authority;
(32) the data set comprises two parameters, one is a user name, the user name of the built-in parameter of the report platform is directly bound, and when a user logs in by using an account, the user name of the user can be directly transmitted;
(33) the other parameter is a template name and is also a built-in parameter of the directly bound report platform, and when a user clicks a menu bar, the template name and the path used by the menu bar are transmitted into the menu bar;
(34) converting the user name and the template name into a corresponding user ID and a report ID through a database configured by a report platform; this has no effect when the user name or the report template name is modified.
3. The report platform based data authority control method according to claim 1, wherein the step (4) comprises the following steps,
(41) adding a white list configuration table controlled by data authority;
(42) adding a user row-level authority limit table;
(43) and adding a user authority function.
4. The report platform based data right control method according to claim 3, wherein the white list in step (41) comprises a global white list, a table level white list and a menu level white list.
5. The report platform based data right control method according to claim 3, wherein the limitation table in the step (42) comprises a user ID, a table requiring data limitation, a data limitation field and the content of the data limitation field.
6. The report platform based data right control method according to claim 3, wherein the function in the step (43) is an incoming parameter, specifically comprising,
incoming parameters of the table that control data authority limits;
controlling incoming parameters of column names in a data authority limit table;
controlling incoming parameters of content in the data permission limit table;
an incoming parameter for an account user id;
and transmitting parameters of id of the report menu.
7. The report platform based data authority control method according to claim 3, wherein the subject judgment logic of the function in the step (43) comprises the following steps,
(431) the default value of the return value of the given function is false;
(432) firstly, judging whether the user is a global white list, if the user is the global white list, the return value is true, exiting the logic judgment, and if not, carrying out the next logic judgment;
(433) then judging whether the user is a surface-level white list, if so, judging that the return value is true, exiting the logic judgment, and otherwise, entering the next logic judgment;
(434) judging whether the user is a menu level white list or not, if so, if the returned value is true, exiting the logic judgment, otherwise entering the next logic judgment;
(435) finally, judging the row-level data authority of the user, if the corresponding content is found in the row-level authority table, returning the value to be true, otherwise, returning the value to be false, and exiting the judgment logic;
(436) return values are returned to the parameter data set conditional limits.
8. The report platform based data authority control method according to claim 1, wherein the step (5) comprises the following steps,
(51) clicking for query, inserting the result of the parameter data set into the limiting condition of the report data set, and rendering a table or a graph;
(52) the user can only see the data of the configured scope of authority.
CN201911087917.9A 2019-11-08 2019-11-08 Data authority control method based on report platform Pending CN110909369A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911087917.9A CN110909369A (en) 2019-11-08 2019-11-08 Data authority control method based on report platform

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911087917.9A CN110909369A (en) 2019-11-08 2019-11-08 Data authority control method based on report platform

Publications (1)

Publication Number Publication Date
CN110909369A true CN110909369A (en) 2020-03-24

Family

ID=69816913

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911087917.9A Pending CN110909369A (en) 2019-11-08 2019-11-08 Data authority control method based on report platform

Country Status (1)

Country Link
CN (1) CN110909369A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069539A (en) * 2020-09-05 2020-12-11 蔡春梅 Information protection method and artificial intelligence platform based on cloud computing and block chain service

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075254A (en) * 2007-06-08 2007-11-21 北京神舟航天软件技术有限公司 Autonomous access control method for row-level data of database table
CN104636393A (en) * 2013-11-13 2015-05-20 航天信息股份有限公司 Self-adaptation report form establishing method based on user self-definition behavior analysis
CN105243533A (en) * 2015-09-22 2016-01-13 武汉达策信息技术有限公司 Unified publishing platform and method for various types of reports
CN106254451A (en) * 2016-08-01 2016-12-21 迈普通信技术股份有限公司 Embedded device web menu control system and method
CN106293740A (en) * 2016-08-10 2017-01-04 桐乡华锐自控技术装备有限公司 A kind of report form developing method being applied to PLC, DCS device data
CN108874760A (en) * 2018-05-23 2018-11-23 中国平安人寿保险股份有限公司 Report file generation method, device, computer equipment and storage medium
US20180342312A1 (en) * 2017-05-26 2018-11-29 Christopher Khatchig Kaypekian Method and system for direct access to medical patient records
CN109522707A (en) * 2018-10-30 2019-03-26 珠海伟诚科技股份有限公司 A kind of the user data read-write security permission control method and system of based role and resource
CN109902100A (en) * 2019-01-31 2019-06-18 平安科技(深圳)有限公司 Report form inquiring method, device and storage medium

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101075254A (en) * 2007-06-08 2007-11-21 北京神舟航天软件技术有限公司 Autonomous access control method for row-level data of database table
CN104636393A (en) * 2013-11-13 2015-05-20 航天信息股份有限公司 Self-adaptation report form establishing method based on user self-definition behavior analysis
CN105243533A (en) * 2015-09-22 2016-01-13 武汉达策信息技术有限公司 Unified publishing platform and method for various types of reports
CN106254451A (en) * 2016-08-01 2016-12-21 迈普通信技术股份有限公司 Embedded device web menu control system and method
CN106293740A (en) * 2016-08-10 2017-01-04 桐乡华锐自控技术装备有限公司 A kind of report form developing method being applied to PLC, DCS device data
US20180342312A1 (en) * 2017-05-26 2018-11-29 Christopher Khatchig Kaypekian Method and system for direct access to medical patient records
CN108874760A (en) * 2018-05-23 2018-11-23 中国平安人寿保险股份有限公司 Report file generation method, device, computer equipment and storage medium
CN109522707A (en) * 2018-10-30 2019-03-26 珠海伟诚科技股份有限公司 A kind of the user data read-write security permission control method and system of based role and resource
CN109902100A (en) * 2019-01-31 2019-06-18 平安科技(深圳)有限公司 Report form inquiring method, device and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069539A (en) * 2020-09-05 2020-12-11 蔡春梅 Information protection method and artificial intelligence platform based on cloud computing and block chain service
CN112069539B (en) * 2020-09-05 2021-10-29 蔡春梅 Information protection method and artificial intelligence platform based on cloud computing and block chain service

Similar Documents

Publication Publication Date Title
JP7460689B2 (en) Software application development based on spreadsheets
US10810361B1 (en) Role-agnostic interaction management and real time workflow sequence generation from a live document
US9003295B2 (en) User interface driven access control system and method
CN100492357C (en) Systems and methods that optimize row level database security
JP7490729B2 (en) Development of spreadsheet-based software applications
KR101422859B1 (en) Permission-based document server
US10114964B2 (en) Role-based content rendering
US8832556B2 (en) Systems and methods for implementation of a structured query language interface in a distributed database environment
US7730410B2 (en) System and method for customizing form elements in a form building application
US9886481B2 (en) Query optimization on VPD protected columns
US20220156394A1 (en) Data aggregation system for enabling query operations on restricted data that originates from multiple independent multiple sources
CN107908695A (en) Operation system operation method, device, system and readable storage medium storing program for executing
US20090132496A1 (en) System And Method For Technique Document Analysis, And Patent Analysis System
US20100218092A1 (en) Method and system for generating a personalized report with reusable parameters
US11276039B2 (en) Role-agnostic interaction management and workflow sequence generation
US6751618B1 (en) Method and apparatus for a web application server to upload multiple files and invoke a script to use the files in a single browser request
KR101201019B1 (en) Declarative sequenced report parameterization
AU2016302371A1 (en) Building and managing data-processing attributes for modeled data sources
US20090222454A1 (en) Method and data processing system for restructuring web content
CN110909369A (en) Data authority control method based on report platform
JP4671753B2 (en) Document management system, document management method, information processing apparatus, program, and storage medium
CN107944288B (en) Data access control method and device
KR100635733B1 (en) A Proposal Making System And The Method Using The Same
US9047338B2 (en) Managing drill-through targets
CN115390840A (en) Visual page generation method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200324