CN112953815B

CN112953815B - Information access control method, device, equipment and storage medium

Info

Publication number: CN112953815B
Application number: CN202110183701.3A
Authority: CN
Inventors: 徐倩怡
Original assignee: Beijing Zitiao Network Technology Co Ltd
Current assignee: Beijing Zitiao Network Technology Co Ltd
Priority date: 2021-02-08
Filing date: 2021-02-08
Publication date: 2022-07-15
Anticipated expiration: 2041-02-08
Also published as: CN112953815A

Abstract

The invention discloses a method, a device, equipment and a storage medium for controlling information access. The method comprises the following steps: receiving an information sharing request in a group session interface of instant messaging; sending request information to an authority granter of target information indicated by the information sharing request according to the existence condition of a specific user in the group, wherein the request information is used for asking whether to open the access authority of the target information for the specific user; acquiring a feedback instruction of the authority grantor for the request information, and controlling the access authority by an information service end according to the feedback instruction; and sharing the target information according to the control result of the access authority. According to the method, the authority application and the authority control of the information are embedded into the group conversation process, two systems which are originally independent from each other are opened, so that a specific user can access the target information more conveniently, and the information access efficiency is improved.

Description

Information access control method, device, equipment and storage medium

Technical Field

Embodiments of the present invention relate to the field of information sharing technologies, and in particular, to a method, an apparatus, a device, and a storage medium for controlling information access.

Background

At present, people can communicate information in the form of groups, and can also share information to be discussed in the groups. Taking a group as an example of a teleconference, the teleconference may allow multiple people to join the conference to participate in information exchange. Meanwhile, in order to facilitate the mutual communication of the participants, the speaker of the conference can share the content to be discussed in the conference, and the content is used as the subject of the conference to develop the information communication in all aspects. However, when a user without information access authority joins the group, the conventional information access method causes the information access efficiency of the user to be low.

Disclosure of Invention

The invention provides a method, a device, equipment and a storage medium for controlling information access, which are used for improving the information access efficiency of a user when the user without information access authority joins in a group.

In a first aspect, an embodiment of the present invention provides a method for controlling information access, including:

receiving an information sharing request in a group session interface of instant messaging;

sending request information to an authority granter of target information indicated by the information sharing request according to the existence condition of a specific user in the group, wherein the request information is used for asking whether to open the access authority of the target information for the specific user;

acquiring a feedback instruction of the authority grantor for the request information, and indicating an information service end to control the access authority according to the feedback instruction;

and sharing the target information according to the control result of the access authority.

In a second aspect, an embodiment of the present invention provides an apparatus for controlling information access, including:

the receiving module is used for receiving an information sharing request in a group session interface of instant messaging;

a first sending module, configured to send solicitation information to an authority granter of target information indicated by the information sharing request according to existence of a specific user in the group, where the solicitation information is used to ask whether to open an access authority of the target information for the specific user;

the first processing module is used for acquiring a feedback instruction of the authority grantor for the request information and controlling the access authority according to the feedback instruction indicating information service end;

and the sharing module is used for sharing the target information according to the control result of the access authority.

In a third aspect, an embodiment of the present invention provides an electronic device, which includes a memory and a processor, where the memory stores a computer program, and the processor implements the steps of the method for controlling information access provided in the first aspect of the embodiment of the present invention when executing the computer program.

In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the method for controlling information access provided in the first aspect of the embodiment of the present invention.

The method, the device, the equipment and the storage medium for controlling information access provided by the embodiment of the invention receive an information sharing request in a group session interface of instant messaging, send request information to an authority granter of target information according to the existence condition of a specific user in a group, acquire a feedback instruction of the authority granter for the request information, instruct an information service terminal to control the access authority according to the feedback instruction, and further share the target information according to a control result of the access authority. When target information is shared in an instant messaging group session interface, the electronic device can actively send request information to a permission granter of the target information based on the existence condition of a specific user in a group to ask whether to open the access permission of the target information for the specific user, that is, when information authorization needs to be carried out for the specific user in an instant messaging group session process, the electronic device can actively apply the access permission of the target information for the specific user, namely, the permission application and permission control of the information are embedded into the group session process, and two originally independent systems (the two systems are instant messaging and information permission management systems) are opened, so that the specific user can access the target information more conveniently, and the information access efficiency is improved.

Drawings

The above and other features, advantages, and aspects of embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and features are not necessarily drawn to scale.

Fig. 1 is a system architecture diagram applicable to the method for controlling information access according to the embodiment of the present invention;

fig. 2 is a schematic flowchart of a method for controlling information access according to an embodiment of the present invention;

fig. 3 is a schematic view of a pop-up window according to an embodiment of the present invention;

FIG. 4 is a schematic view of another pop-up window provided in the embodiments of the present invention;

fig. 5 is a schematic flowchart of sending request information to a right granter of target information according to an embodiment of the present invention;

fig. 6 is another schematic flow chart of sending request information to an authority granter of target information according to the embodiment of the present invention;

fig. 7 is a schematic structural diagram of a control device for information access according to an embodiment of the present invention;

fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.

Detailed Description

Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein, but rather are provided for a more complete and thorough understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.

It should be understood that the various steps recited in the method embodiments of the present disclosure may be performed in a different order, and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the present disclosure is not limited in this respect.

The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based at least in part on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.

It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence of the functions performed by the devices, modules or units.

It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.

The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.

Fig. 1 is a system architecture diagram applicable to the method for controlling information access according to the embodiment of the present invention. As shown in fig. 1, the system may include a group client 101 for instant messaging, a group server 102 for instant messaging, and an information server 103 in an information authority management system. The group server 102 is electrically connected to the group client 101 and the information server 103, respectively. The group clients 101 may join in the group session of the instant messaging as needed, and the first group client 101 joining in the group session may access the target information shared by the group server 102. The information server 103 is configured to store various information that needs to be accessed in instant messaging, and manage access rights of the various information. Optionally, the group client 101 may be a terminal such as a mobile phone, a notebook computer, a tablet computer, and a personal digital assistant, which has data processing capability and can perform information interaction with other devices, the group server 102 may be an independent server or a server cluster formed by a plurality of servers, and the information server 103 may also be an independent server or a server cluster formed by a plurality of servers, and the specific forms of the group client 101, the group server 102, and the information server 103 are not limited in the embodiment of the present invention.

In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments of the present invention may be arbitrarily combined with each other without conflict.

It should be noted that the execution subject of the method embodiments described below may be a control device for information access, and the device may be implemented as part or all of an electronic device (such as the group service end 102 described above) by software, hardware, or a combination of software and hardware. The following method embodiments are described taking as an example that the execution subject is an electronic device.

Fig. 2 is a schematic flowchart of a method for controlling information access according to an embodiment of the present invention. The embodiment relates to a specific process of how the electronic device controls the access right of the target information for a specific user in the process of sharing the target information. As shown in fig. 2, the method may include:

s201, receiving an information sharing request in a group session interface of instant messaging.

In practical application, people can communicate information in a group form. In order to facilitate communication of information, the group client can join in the group session of instant messaging according to needs. Meanwhile, in order to further facilitate information communication, the instant messaging may also support a sharing function, the electronic device may share target information required for the communication in a group session interface through the sharing function, and each group client may communicate based on the target information shared in the group session interface. Optionally, the group may be a teleconference, the group session interface may be a teleconference interface, and the members in the group are at least part of participants of the teleconference. Taking a group as a teleconference as an example, each participating terminal may join in the teleconference, and one of the participating terminals (such as an organization terminal of the teleconference) may share a target document to be discussed in the teleconference, and take the target document as a discussion topic of the teleconference to participate in the discussion.

Optionally, an information sharing control may be set in the group session interface of the instant messaging. When information sharing is needed, the information sharer can input the identification of the target information needing to be shared in the group session interface based on a search function or other information input functions provided in the group session interface, and trigger an information sharing control in the group session interface. At this time, after detecting the triggering operation of the information sharer on the information sharing control, the group client may generate an information sharing request according to the identifier of the acquired target information, and send the information sharing request to the group server. After receiving the information sharing request of the group client, the group server needs to determine whether the target information indicated by the information sharing request has the sharing authority from the information server. If the authority of the target information in the information service end is not allowed to be shared, the electronic equipment returns error notification information to the group client so as to notify the group client that the target information cannot be shared. If the authority of the target information in the information service end is allowed to be shared, the group service end also needs to authenticate the members in the group to determine whether each member has the access authority of the target information. Generally, the member having the same organization identifier as the sharer of the target information has the access right of the target information, and the user can be directly authorized in the information server. However, a member who does not have the same organization identifier as the sharer of the target information generally does not have access rights to the target information. For this reason, temporary access rights need to be opened for such users. Optionally, the target information may include at least one of a video, a document, a picture, and a voice.

S202, sending request information to the authority grantor of the target information indicated by the information sharing request according to the existence condition of the specific user in the group.

Optionally, the specific user has logged in the instant messaging and has a different organization identifier from the target information sharer, for example, the specific user and the sharer do not belong to the same tenant or the same organization, or the specific user does not log in the instant messaging, that is, the specific user may join the group session after logging in the instant messaging or join the group session without logging in the instant messaging. The request information is used for requesting whether to open the access right of the target information for the specific user. The authority grantor can manage the access authority of the target information.

For such specific users, since the specific users also need to communicate with other participants in the group session by using the target information as a discussion topic, temporary access rights for the target information need to be applied for such users. Therefore, the electronic device can send request information to the authority grantor of the target information based on the existence condition of the specific user in the group so as to ask whether the authority grantor opens the access authority of the target information for the specific user. Optionally, the electronic device may send the solicitation information to the authority grantor of the target information by means of a hyperlink or a popup. Taking the example that the electronic device sends the request information to the authority granter of the target information in a pop-up window manner, as shown in fig. 3, the content title in the pop-up window may be: and if the group has a specific user, whether the access authority of the target information is opened for the specific user or not is judged. Meanwhile, the popup window may further include two selection controls provided for the content title, where one of the selection controls is "yes" and is used to indicate that the access right to open the target information for the specific user is open, and the other selection control is "no" and is used to indicate that the access right to open the target information for the specific user is denied. The permission grantor can perform trigger operation on the corresponding selection control so as to send a corresponding feedback instruction to the electronic device.

S203, obtaining a feedback instruction of the authority grantor for the request information, and indicating an information service end to control the access authority according to the feedback instruction.

Specifically, after the permission grantor receives the request message, the permission grantor can determine whether the access permission of the specific user needs to be authorized, and reply a feedback instruction to the electronic device. The feedback command may be a confirm command or a deny command. The confirmation instruction is used for expressing the access authority for opening the target information for the specific user, and the denial instruction is used for expressing the access authority for refusing opening the target information for the specific user. Certainly, in practical applications, the electronic device may also set a receiving duration, and if the receiving duration is exceeded and the electronic device still does not receive the feedback instruction returned by the permission grantor, the electronic device determines to obtain the confirmation instruction. After the feedback instruction replied by the authority granter is obtained, the electronic equipment can indicate the information service end to control the access authority of the target information according to the feedback instruction.

Optionally, when the feedback instruction is a confirmation instruction, the electronic device instructs the information service end to open the access right of the target information for the specific user; when the feedback instruction is a denial instruction, the electronic equipment does not send any indication information to the information service end, namely, authorization of access authority of the target information for the specific user is refused, and at the moment, the specific user still cannot access the target information.

And S204, sharing the target information according to the control result of the access authority.

After the information server opens the access right of the target information for the specific user, the electronic equipment can share the target information with the specific user in the group. If the authority grantor refuses to open the access authority of the target information for the specific user, the electronic equipment does not share the target information with the specific user in the group, namely the specific user cannot access the target information.

The method for controlling information access provided by the embodiment of the invention receives an information sharing request in a group session interface of instant messaging, sends request information to an authority granter of target information according to the existence condition of a specific user in a group, acquires a feedback instruction of the authority granter for the request information, controls the access authority according to the feedback instruction, and further shares the target information according to the control result of the access authority. When target information is shared in an instant messaging group session interface, the electronic equipment can actively send request information to a permission granter of the target information based on the existence condition of a specific user in a group, so as to ask whether to open the access permission of the target information for the specific user, namely, when information authorization needs to be carried out for the specific user in an instant messaging group session process, the electronic equipment can actively apply the access permission of the target information for the specific user, namely, the permission application and permission control of the information are embedded into the group session process, and two originally mutually independent systems (the two systems are instant messaging and information permission management systems) are opened, so that the specific user can access the target information more conveniently, and the information access efficiency is improved.

In practical applications, the sharer of the target information may be the same as or different from the authority grantor of the target information. For this case, the process described with reference to the following embodiment may be used to apply for the access right of the target information for a specific user. On the basis of the foregoing embodiment, as an optional implementation manner, the process of sending the request information to the authority granter of the target information in S202 may be: and when the sharer of the target information is the same as the authority granter, sending first request information to the sharer, wherein the first request information is used for requesting the sharer whether to open the access authority of the target information for the specific user.

Specifically, in the case that the sharer of the target information is the same as the authority grantor, it indicates that the authority grantor also participates in the group session and the authority grantor is the sharer of the target information, so that the sharer has the management right of the access authority of the target information. At this time, the electronic device may directly send the first request information to the sharer of the target information to request whether the sharer of the target information opens the access right of the target information for the specific user. Optionally, the electronic device may display the first solicitation information within the group session interface. Therefore, the sharer can acquire the sent request information without switching the group session interface, so that the sharer can quickly authorize the access authority of the request information, the authorization efficiency of the access authority of a specific user is improved, and the communication efficiency of the group is improved. The electronic device may send the first request information to the sharer in a hyperlink or a popup manner in the group session interface of the sharer, where the first request information may be as shown in fig. 3, for example, in a popup manner.

After receiving the first request message, the sharer can decide whether to authorize the access right of the specific user, and reply a feedback instruction to the electronic device. And when the feedback instruction is a confirmation instruction, the electronic equipment indicates the information server to open the access authority of the target information for the specific user according to the feedback instruction. And when the feedback instruction is a denial instruction, the electronic equipment refuses the authorization of the access authority of the target information for the specific user.

As another optional implementation manner, the process of sending the request message to the authority granter of the target message in S202 may be: when the sharer of the target information is different from the authority grantor, sending second request information to the sharer; and acquiring a confirmation instruction of the sharer for the second request information, calling a message notification interface of an information service terminal according to the confirmation instruction, and sending third request information to the authority granter, wherein the second request information is used for asking the sharer whether to request the authority granter to open the access authority of the target information for the specific user, and the third request information is used for asking the authority granter whether to open the access authority of the target information for the specific user.

Specifically, in the case where the sharer of the target information is different from the authority grantor, only the authority grantor has the management right of the access authority of the target information. Therefore, the electronic device may first send the second request information to the sharer of the target information to request whether the sharer of the target information requests the authority granter to open the access authority of the target information for the specific user. After the confirmation instruction of the sharer for the second request information is obtained, the electronic equipment continues to call the message notification interface of the information service end according to the confirmation instruction, and sends third request information to the permission granter through the message notification interface so as to ask whether the permission granter starts the access permission of the target information for the specific user. Optionally, the electronic device may display the second solicitation information within the group session interface. Therefore, the sharer can acquire the sent request information without switching the group session interface, so that the sharer can quickly feed back the request information, the authorization efficiency of the access authority of a specific user is improved, and the communication efficiency of the group is improved. In addition, the third solicitation information may be carried in a bot message. The authority grantor can reply a feedback instruction to the bot message, and at the moment, the electronic equipment can instruct the information service end to control the access authority of the target information according to the feedback instruction replied by the authority grantor.

When a denial instruction of the sharer for the second request information is acquired, the electronic equipment does not send any information to the authorization grantor, and at the moment, the specific user cannot access the target information. Taking the example that the electronic device sends the second request information to the sharer in a pop-up window manner, as shown in fig. 4, the content title in the pop-up window displayed in the group session interface of the sharer may be: and if the group has a specific user, the authority grantor is requested to open the access authority of the target information for the specific user. Meanwhile, the popup window may further include two selection controls provided for the content title, where one of the selection controls is "yes" and is used to indicate that the request permission granter opens the access permission of the target information for the specific user, and the other selection control is "no" and is used to indicate that the request permission granter refuses to open the access permission of the target information for the specific user.

Of course, when the sharer of the target information is different from the authority grantor, the electronic device may also directly call the message notification interface of the information service end, and send the request information to the authority grantor to request whether to open the access authority of the target information for the specific user.

In practical applications, after the permission granter opens the access permission of the target information for the specific user, optionally, on the basis of the above embodiment, in order to improve the security of information access, optionally, the method may further include: when the group session is ended, sending fourth request information to the authority authorizer; and acquiring a feedback instruction of the authority granter for the fourth request information, and controlling the access authority by an information service end according to the feedback instruction, wherein the fourth request information is used for requesting whether to close the access authority of the target information for the specific user.

During the sharing of the target information, the authority granter opens the access authority of the target information for the specific user, and in order to prevent the target information from being leaked and improve the safety of information access, the electronic device actively sends fourth request information to the authority granter to request whether to close the access authority of the specific user on the target information or not when the group session is finished. And when a feedback instruction of the authority granter for the fourth request information is obtained, the electronic equipment indicates the information service end to control the access authority of the target information according to the feedback instruction. Optionally, when the feedback instruction is a confirmation instruction, the electronic device instructs the information service end to close the access right of the specific user to the target information. When the feedback instruction is a denial instruction, the electronic equipment does not send any information to the information server, namely, the access authority of the target information is continuously opened for the specific user.

Optionally, when the sharer of the target information is the same as the authority granter, the electronic device may directly send the fourth request information to the sharer. When the sharer of the target information is different from the authority grantor, the electronic device can firstly send fifth request information to the sharer; and acquiring a confirmation instruction of the sharer for the fifth request information, calling a message notification interface of the information server according to the confirmation instruction, and sending sixth request information to the authority grantor, wherein the fifth request information is used for asking the sharer whether to request the authority grantor to close the access authority of the target information for the specific user, and the sixth request information is used for asking the authority grantor whether to close the access authority of the target information for the specific user.

Of course, after the group session is ended, the electronic device may also directly instruct the information service end to close the access right of the specific user to the target information. Therefore, when the next group session is carried out, if a specific user exists in the group or the specific user joins the group, the electronic device also needs to send request information to the authority granter of the target information to request whether to open the temporary access authority for the specific user, so that the safety of information access is improved.

In the embodiment, the electronic device can send the solicitation information to the authority grantor in a corresponding manner according to different conditions of whether the target information sharer is the authority grantor of the target information, namely, under different conditions, the authority application and the authority control of the information can be embedded into the group conversation process, two originally independent systems are opened, the target information can be accessed by a specific user more conveniently, and the information access efficiency is further improved.

In practical applications, there is also a case where a specific user is already present in the group when the electronic devices share the target information, and for this case, the solicitation information may be sent to the authority granter according to the procedure of the following embodiment. On the basis of the foregoing embodiment, optionally, as shown in fig. 5, the foregoing S202 may include:

s501, determining whether a specific user exists in the group.

Specifically, the user joining the group session may be an authorized user having the access right to the target information, or may be a specific user not having the access right to the target information. For an authorized user, he may first access the target information. For a specific user, the specific user may not access the target information because it does not have access rights for the target information. In order to ensure the security of accessing the target information and to enable each user participating in the group session to communicate based on the target information, the electronic device needs to determine whether a specific user exists in the group.

Alternatively, the process of determining a specific user in the group may be: matching the user identification of each user in the group with the access authority set corresponding to the target information; and determining the user corresponding to the unmatched user identification as the specific user, wherein the access authority set comprises the user identification of the authorized user with the access authority of the target information.

The electronic device may establish a corresponding access right set for the target information in advance, so as to store the user identifier of the authorized user having the access right of the target information. The user identifier may be an account of the user or an identifier of a group to which the user belongs (for example, an identifier of a company in which the user is located, and users belonging to the same company have the same user identifier). In this way, the electronic device can match the user identifier of each user in the group with the access right set, and determine the user corresponding to the user identifier that is not matched as the specific user.

And S502, if the target information exists, sending request information to the authority grantor of the target information.

Wherein, when it is determined that a specific user without access right exists in the group, the electronic device may send request information to a right granter of the target information. Optionally, under the condition that the sharer of the target information is the same as the authority grantor, the electronic device may directly send the request information to the sharer of the target information to request the sharer whether to open the access authority of the target information for the specific user, or to directly open the access authority of the target information for the specific user. In addition, the electronic device may also send a prompt message to the sharer to prompt that access rights of the target information to the specific user are allowed to be closed after the group session is ended.

Optionally, when the sharer of the target information is different from the authority granter, the electronic device may send the second request information to the sharer, obtain a confirmation instruction of the sharer for the second request information, call a message notification interface of the information service end according to the confirmation instruction, and send the third request information to the authority granter, where the second request information is used to ask the sharer whether to request the authority granter to open the access authority of the target information for the specific user, and the third request information is used to ask the authority granter whether to open the access authority of the target information for the specific user.

There is also another case where a specific user joins the group during the sharing of the target information, and for this case, the solicitation information may be transmitted to the authority granter according to the procedure of the following embodiment. On the basis of the foregoing embodiment, optionally, as shown in fig. 6, the foregoing S202 may include:

s601, when the current user joins the group, determining whether the current user is a specific user.

Wherein the current user is a user joining in the group session during the sharing of the target information. In order to ensure the security of target information access and enable each user joining the group to communicate based on the target information, the electronic device needs to determine whether the current user is a specific user when the current user joins the group. If the current user is determined to be the specific user, the electronic device does not allow the specific user to access the target information, and needs to apply temporary access authority for the specific user.

Optionally, the process of the electronic device determining that the current user is the specific user may be: and matching the user identification of the current user with the access authority set corresponding to the target information, and determining the current user as a specific user under the condition of no matching.

And S602, if yes, sending request information to the authority grantor of the target information.

When the current user is determined to be the specific user, the electronic device can send the request information to the authority granter of the target information. Optionally, under the condition that the sharer of the target information is the same as the authority grantor, the electronic device may directly send the request information to the sharer of the target information to request the sharer whether to open the access authority of the target information for the specific user, or to directly open the access authority of the target information for the specific user. Optionally, when the sharer of the target information is different from the authority grantor, the electronic device may send second request information to the sharer, obtain a confirmation instruction of the sharer for the second request information, call a message notification interface of the information service end according to the confirmation instruction, and send third request information to the authority grantor, where the second request information is used to ask the sharer whether to request the authority grantor to open the access authority of the target information for the specific user, and the third request information is used to ask the authority grantor whether to open the access authority of the target information for the specific user.

On the basis of the foregoing embodiment, optionally, before the foregoing S202, the method may further include: and determining the authority grantor of the target information.

The electronic device can send a query request to the information server and receive a response of the information server to the query request. The query request is used for requesting an authority grantor of target information, and the reply response carries information of the authority grantor.

As another alternative, the process of the electronic device determining the authority grantor of the target information may be: and determining the creator or the uploader of the target information as the authority granter of the target information.

The users participating in the group session can create target information which needs to be shared during the group session by themselves, at this time, each user can edit the shared target information during the group session, and at this time, the electronic device can determine a creator for creating the target information as an authority granter of the target information. Of course, the users participating in the group user may also select and upload the target information from the local storage. At this time, the electronic device determines the uploader who uploads the target information as the authority granter of the target information.

In practical application, the specific user may be a user who has logged in the instant messaging and has a different organization identifier from the sharer of the target information, or may be a user who has not logged in the instant messaging. In particular implementations, different levels of access rights may be set for different types of particular users. For example, for a user who has logged in instant messaging, when the electronic device receives a determination instruction of an authority granter for requesting information, the electronic device instructs the information server to open external access authority, so that a specific user who has logged in instant messaging can access target information. For the users who do not log in the instant messaging, when the electronic equipment receives a determination instruction of the authority grantor for requesting information, the electronic equipment instructs the information server to open the internet access authority, and at the moment, the specific users who do not log in the instant messaging or the specific users who do not log in the instant messaging can access the target information.

In this embodiment, the electronic device may send the request information to the permission grantor in a corresponding manner for a situation that a specific user exists in the group when the target information is shared and a situation that the specific user joins the group during the target information sharing, that is, under different situations, permission application and permission control of the information can be embedded into a group session flow, and two systems that are originally independent from each other are opened, so that the target information is accessed by the specific user more conveniently, and the efficiency of information access is further improved.

Fig. 7 is a schematic structural diagram of a control apparatus for information access according to an embodiment of the present invention. As shown in fig. 7, the apparatus may include: a receiving module 701, a first sending module 702, a first processing module 703 and a sharing module 704.

Specifically, the receiving module 701 is configured to receive an information sharing request in a group session interface of instant messaging;

the first sending module 702 is configured to send request information to an authority granter of target information indicated by the information sharing request according to the existence of a specific user in the group, where the request information is used to request whether to open an access authority of the target information for the specific user;

the first processing module 703 is configured to obtain a feedback instruction of the permission grantor for the request information, and control the access permission according to an instruction of the feedback instruction by the information server;

a sharing module 704, configured to share the target information according to the control result of the access right.

The control device for information access provided by the embodiment of the invention receives an information sharing request in a group session interface of instant messaging, sends request information to an authority granter of target information according to the existence condition of a specific user in a group, acquires a feedback instruction of the authority granter for the request information, instructs an information service end to control the access authority according to the feedback instruction, and further shares the target information according to the control result of the access authority. When target information is shared in an instant messaging group session interface, the electronic device can actively send request information to a permission granter of the target information based on the existence condition of a specific user in a group to ask whether to open the access permission of the target information for the specific user, that is, when information authorization needs to be carried out for the specific user in an instant messaging group session process, the electronic device can actively apply the access permission of the target information for the specific user, namely, the permission application and permission control of the information are embedded into the group session process, and two originally independent systems (the two systems are instant messaging and information permission management systems) are opened, so that the specific user can access the target information more conveniently, and the information access efficiency is improved.

Based on the foregoing embodiment, optionally, the first sending module 702 is specifically configured to send first request information to the sharer when the sharer of the target information is the same as the authority grantor, where the first request information is used to request the sharer whether to open the access authority of the target information for the specific user.

Optionally, the apparatus further comprises: a first display module;

specifically, the first display module is configured to display the first request information in the group session interface. On the basis of the foregoing embodiment, optionally, the first sending module 702 is specifically configured to send the second request message to the sharer when the sharer of the target message is different from the authority granter; and acquiring a confirmation instruction of the sharer for the second request information, calling a message notification interface of an information service terminal according to the confirmation instruction, and sending third request information to the authority granter, wherein the second request information is used for asking the sharer whether to request the authority granter to open the access authority of the target information for the specific user, and the third request information is used for asking the authority granter whether to open the access authority of the target information for the specific user.

Optionally, the apparatus further comprises: a second display module;

specifically, the second display module is configured to display the second solicitation information in the group session interface. On the basis of the foregoing embodiment, optionally, the first sending module 702 may include: a first determining unit and a first sending unit.

Specifically, the first determining unit is configured to determine whether a specific user exists in the group;

the first sending unit is used for sending request information to the authority grantor of the target information when the first determining unit determines that the specific user exists in the group.

On the basis of the foregoing embodiment, optionally, the first determining unit is specifically configured to match a user identifier of each user in the group with the access right set corresponding to the target information; and determining the user corresponding to the unmatched user identification as the specific user, wherein the access authority set comprises the user identification of the authorized user with the access authority of the target information.

On the basis of the foregoing embodiment, optionally, the first sending module 702 may include: a second determining unit and a second transmitting unit.

Specifically, the second determining unit is configured to determine whether the current user is a specific user when the current user joins the group;

the second sending unit is used for sending request information to the authority grantor of the target information when the second determining unit determines that the current user is the specific user.

On the basis of the above embodiment, optionally, the apparatus further includes: the device comprises a second sending module and a second processing module.

Specifically, the second sending module is configured to send fourth request information to the authority authorizer when the group session is ended, where the fourth request information is used to request whether to close the access authority of the target information for the specific user;

the second processing module is used for acquiring a feedback instruction of the authority grantor for the fourth request information, and instructing an information service end to control the access authority according to the feedback instruction.

On the basis of the above embodiment, optionally, the apparatus further includes: and determining a module.

Specifically, the determining module is configured to determine the authority granter of the target information before the first sending module 702 sends the solicitation information to the authority granter of the target information according to the existence condition of the specific user in the group.

On the basis of the foregoing embodiment, optionally, the determining module is specifically configured to determine a creator or an uploader of the target information as an authority granter of the target information.

On the basis of the foregoing embodiment, optionally, the first sending module 702 is specifically configured to send solicitation information to the authority grantor of the target information in a manner of hyperlink or pop-up window.

Optionally, the specific user has logged in the instant messaging and has a different organization identifier from the sharer of the target information, or the specific user has not logged in the instant messaging.

Optionally, the target information includes at least one of a video, a document, a picture, and a voice.

Optionally, the group session interface is a remote conference interface; the members of the group are at least a portion of participants of a teleconference.

Referring now to fig. 8, shown is a schematic diagram of an electronic device 800 (such as the group server described above) suitable for use in implementing embodiments of the present disclosure. The electronic devices in the embodiments of the present disclosure may also include, but are not limited to, mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablet computers), PMPs (portable multimedia players), in-vehicle terminals (e.g., in-vehicle navigation terminals), and the like, and fixed terminals such as digital TVs, desktop computers, and the like. The electronic device shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.

As shown in fig. 8, electronic device 800 may include a processing means (e.g., central processing unit, graphics processor, etc.) 801 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)802 or a program loaded from a storage means 806 into a Random Access Memory (RAM) 803. In the RAM803, various programs and data necessary for the operation of the electronic apparatus 800 are also stored. The processing apparatus 801, the ROM 802, and the RAM803 are connected to each other by a bus 804. An input/output (I/O) interface 805 is also connected to bus 804.

Generally, the following devices may be connected to the I/O interface 805: input devices 806 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 807 including, for example, a Liquid Crystal Display (LCD), speakers, vibrators, or the like; storage 806 including, for example, magnetic tape, hard disk, etc.; and a communication device 809. The communication means 809 may allow the electronic device 800 to communicate wirelessly or by wire with other devices to exchange data. While fig. 8 illustrates an electronic device 800 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.

In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program carried on a non-transitory computer readable medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 809, or installed from the storage means 806, or installed from the ROM 802. The computer program, when executed by the processing apparatus 801, performs the above-described functions defined in the methods of the embodiments of the present disclosure.

It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.

In some embodiments, the clients, servers may communicate using any currently known or future developed network Protocol, such as HTTP (HyperText Transfer Protocol), and may be interconnected with any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.

The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.

The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring at least two internet protocol addresses; sending a node evaluation request comprising the at least two internet protocol addresses to node evaluation equipment, wherein the node evaluation equipment selects the internet protocol addresses from the at least two internet protocol addresses and returns the internet protocol addresses; receiving an internet protocol address returned by the node evaluation equipment; wherein the obtained internet protocol address indicates an edge node in the content distribution network.

Alternatively, the computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receiving a node evaluation request comprising at least two internet protocol addresses; selecting an internet protocol address from the at least two internet protocol addresses; returning the selected internet protocol address; wherein the received internet protocol address indicates an edge node in the content distribution network.

Computer program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including but not limited to an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The units described in the embodiments of the present disclosure may be implemented by software or hardware. Where the name of a unit does not in some cases constitute a limitation of the unit itself, for example, the first obtaining unit may also be described as a "unit obtaining at least two internet protocol addresses".

The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.

In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

In one embodiment, there is also provided an electronic device comprising a memory and a processor, the memory storing a computer program, the processor implementing the following steps when executing the computer program:

sending request information to an authority granter of target information indicated by the information sharing request according to the existence condition of a specific user in the group, wherein the request information is used for asking whether the access authority of the target information for the specific user needs to be opened or not;

acquiring a feedback instruction of the authority grantor for the request information, and controlling the access authority by an information service end according to the feedback instruction;

In one embodiment, the processor when executing the computer program further performs the steps of: and when the sharer of the target information is the same as the authority grantor, sending first request information to the sharer, wherein the first request information is used for requesting the sharer whether to open the access authority of the target information for the specific user.

In one embodiment, the processor when executing the computer program further performs the steps of: and displaying the first solicitation information in the group session interface.

In one embodiment, the processor, when executing the computer program, further performs the steps of: when the sharer of the target information is different from the authority grantor, sending second request information to the sharer; and acquiring a confirmation instruction of the sharer for the second request information, calling a message notification interface of an information service terminal according to the confirmation instruction, and sending third request information to the authority granter, wherein the second request information is used for asking the sharer whether to request the authority granter to open the access authority of the target information for the specific user, and the third request information is used for asking the authority granter whether to open the access authority of the target information for the specific user.

In one embodiment, the processor when executing the computer program further performs the steps of: and displaying the second request information in the group session interface.

In one embodiment, the processor, when executing the computer program, further performs the steps of: determining whether a particular user is present in the group; and if so, sending request information to the authority grantor of the target information.

In one embodiment, the processor when executing the computer program further performs the steps of: matching the user identification of each user in the group with the access authority set corresponding to the target information; and determining the user corresponding to the unmatched user identification as the specific user, wherein the access authority set comprises the user identification of the authorized user with the access authority of the target information.

In one embodiment, the processor, when executing the computer program, further performs the steps of: when a current user joins the group, determining whether the current user is a specific user; and if so, sending request information to the authority grantor of the target information.

In one embodiment, the processor, when executing the computer program, further performs the steps of: when the group session is ended, sending fourth request information to the authority authorizer; and obtaining a feedback instruction of the authority grantor for the fourth request information, and instructing an information service end to control the access authority according to the feedback instruction, wherein the fourth request information is used for requesting whether to close the access authority of the target information for the specific user.

In one embodiment, the processor, when executing the computer program, further performs the steps of: and determining the authority grantor of the target information.

In one embodiment, the processor, when executing the computer program, further performs the steps of: and determining the creator or the uploader of the target information as the authority granter of the target information.

In one embodiment, the processor, when executing the computer program, further performs the steps of: and sending request information to the authority grantor of the target information in a hyperlink or popup mode.

In one embodiment, there is also provided a computer readable storage medium having a computer program stored thereon, the computer program when executed by a processor implementing the steps of:

The control device, the apparatus and the storage medium for information access provided in the above embodiments may execute the control method for information access provided in any embodiment of the present invention, and have corresponding functional modules and beneficial effects for executing the method. Technical details that are not described in detail in the above embodiments may be referred to a control method of information access provided in any embodiment of the present invention.

According to one or more embodiments of the present disclosure, there is provided an information access control method including:

According to one or more embodiments of the present disclosure, there is provided the above method for controlling information access, further including: and when the target information sharer is the same as the authority granter, sending first request information to the sharer, wherein the first request information is used for requesting the sharer whether to open the access authority of the target information for the specific user.

According to one or more embodiments of the present disclosure, there is provided the above method for controlling information access, further including: and displaying the first solicitation information in the group session interface.

According to one or more embodiments of the present disclosure, there is provided the above information access control method, further including: when the sharer of the target information is different from the authority grantor, sending second request information to the sharer; and acquiring a confirmation instruction of the sharer for the second request information, calling a message notification interface of an information service terminal according to the confirmation instruction, and sending third request information to the authority granter, wherein the second request information is used for asking the sharer whether to request the authority granter to open the access authority of the target information for the specific user, and the third request information is used for asking the authority granter whether to open the access authority of the target information for the specific user.

According to one or more embodiments of the present disclosure, there is provided the above information access control method, further including: and displaying the second solicitation information in the group session interface.

According to one or more embodiments of the present disclosure, there is provided the above information access control method, further including: determining whether a particular user is present in the group; and if so, sending request information to the authority grantor of the target information.

According to one or more embodiments of the present disclosure, there is provided the above information access control method, further including: matching the user identification of each user in the group with the access authority set corresponding to the target information; and determining the user corresponding to the unmatched user identification as the specific user, wherein the access authority set comprises the user identification of the authorized user with the access authority of the target information.

According to one or more embodiments of the present disclosure, there is provided the above method for controlling information access, further including: when a current user joins the group, determining whether the current user is a specific user; and if so, sending request information to the authority grantor of the target information.

According to one or more embodiments of the present disclosure, there is provided the above information access control method, further including: when the group session is ended, sending fourth request information to the authority authorizer; and acquiring a feedback instruction of the authority granter for the fourth request information, and controlling the access authority by an information service end according to the feedback instruction, wherein the fourth request information is used for requesting whether to close the access authority of the target information for the specific user.

According to one or more embodiments of the present disclosure, there is provided the above method for controlling information access, further including: and determining the authority grantor of the target information.

According to one or more embodiments of the present disclosure, there is provided the above method for controlling information access, further including: and determining the creator or the uploader of the target information as the authority granter of the target information.

According to one or more embodiments of the present disclosure, there is provided the above method for controlling information access, further including: and sending request information to the authority grantor of the target information in a hyperlink or popup mode.

The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other combinations of features described above or equivalents thereof without departing from the spirit of the disclosure. For example, the above features and the technical features disclosed in the present disclosure (but not limited to) having similar functions are replaced with each other to form the technical solution.

Further, while operations are depicted in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order. Under certain circumstances, multitasking and parallel processing may be advantageous. Likewise, while several specific implementation details are included in the above discussion, these should not be construed as limitations on the scope of the disclosure. Certain features that are described in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable subcombination.

Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.

Claims

1. A method for controlling access to information, comprising:

receiving an information sharing request in a group session interface of instant messaging, wherein the information sharing request is used for requesting to share target information in the group session interface;

determining whether the target information indicated by the information sharing request has sharing authority;

if the target information has sharing authority, directly authorizing members in the group, which have the same organization identification as the sharer of the target information, in an information server;

2. The method according to claim 1, wherein the sending request information to the authority grantor of the target information indicated by the information sharing request comprises:

and when the sharer of the target information is the same as the authority grantor, sending first request information to the sharer, wherein the first request information is used for requesting the sharer whether to open the access authority of the target information for the specific user.

3. The method of claim 2, further comprising:

and displaying the first solicitation information in the group session interface.

4. The method of claim 1, wherein the sending request information to the authority grantor of the target information indicated by the information sharing request comprises:

when the sharer of the target information is different from the authority grantor, sending second request information to the sharer, wherein the second request information is used for asking the sharer whether to request the authority grantor to open the access authority of the target information for the specific user;

and acquiring a confirmation instruction of the sharer for the second request information, calling a message notification interface of an information server according to the confirmation instruction, and sending third request information to the authority grantor, wherein the third request information is used for asking the authority grantor whether to start the access authority of the target information for the specific user.

5. The method of claim 4, further comprising:

and displaying the second solicitation information in the group session interface.

6. The method according to claim 1, wherein the sending a request message to the authority granter of the target information according to the existence of the specific user in the group comprises:

determining whether a particular user is present in the group;

and if so, sending request information to the authority grantor of the target information.

7. The method of claim 6, wherein the determining the specific user in the group comprises:

matching the user identification of each user in the group with an access authority set corresponding to the target information, wherein the access authority set comprises the user identification of an authorized user with the access authority of the target information;

and determining the user corresponding to the unmatched user identification as the specific user.

8. The method of claim 1, wherein sending solicitation information to the rights grantor of the target information according to the existence of the specific user in the group comprises:

when a current user joins the group, determining whether the current user is a specific user;

9. The method of claim 1, further comprising:

when the group session is ended, sending fourth request information to the authority authorizer, wherein the fourth request information is used for requesting whether to close the access authority of the target information for the specific user;

and acquiring a feedback instruction of the authority grantor for the fourth request information, and indicating an information service end to control the access authority according to the feedback instruction.

10. The method according to any one of claims 1 to 9, wherein before sending solicitation information to the rights grantor of the target information according to the presence of a specific user in the group, the method further comprises:

and determining the authority grantor of the target information.

11. The method of claim 10, wherein the determining the authority grantor of the target information comprises:

and determining the creator or the uploader of the target information as the authority grantor of the target information.

12. The method according to any one of claims 1 to 9, wherein the sending of the solicitation information to the authority granter of the target information comprises:

and sending request information to the authority grantor of the target information in a hyperlink or popup mode.

13. The method of any of claims 1-9, wherein the particular user has logged into the instant messaging and has a different organizational identity than a sharer of the target information, or wherein the particular user has not logged into the instant messaging.

14. The method of any one of claims 1 to 9, wherein the target information comprises at least one of video, document, picture, and voice.

15. The method of any of claims 1-9, wherein the group session interface is a teleconferencing interface; the members of the group are at least a portion of participants of a teleconference.

16. An information access control device, comprising:

the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving an information sharing request in a group session interface of instant messaging, and the information sharing request is used for requesting to share target information in the group session interface;

a first sending module, configured to send request information to an authority granter of target information indicated by the information sharing request according to a presence of a specific user in the group, where the request information is used to request whether to open an access authority of the target information for the specific user;

17. An electronic device comprising a memory and a processor, the memory storing a computer program, wherein the processor implements the steps of the method of any one of claims 1 to 15 when executing the computer program.

18. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 15.