CN114584380A - Authority management method, device, equipment and storage medium of multidimensional system platform - Google Patents
Authority management method, device, equipment and storage medium of multidimensional system platform Download PDFInfo
- Publication number
- CN114584380A CN114584380A CN202210225851.0A CN202210225851A CN114584380A CN 114584380 A CN114584380 A CN 114584380A CN 202210225851 A CN202210225851 A CN 202210225851A CN 114584380 A CN114584380 A CN 114584380A
- Authority
- CN
- China
- Prior art keywords
- authority
- role
- system platform
- acquiring
- identification code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims description 29
- 238000000034 method Methods 0.000 claims abstract description 42
- 230000006870 function Effects 0.000 claims description 90
- 238000004590 computer program Methods 0.000 claims description 14
- 238000012545 processing Methods 0.000 claims description 14
- 230000006978 adaptation Effects 0.000 claims description 13
- 238000013473 artificial intelligence Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 238000012795 verification Methods 0.000 description 6
- 238000013507 mapping Methods 0.000 description 5
- 230000001960 triggered effect Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to the field of artificial intelligence and information security, and provides a method, a device, equipment and a storage medium for managing the authority of a multidimensional system platform, wherein the method comprises the following steps: acquiring the role type of a login user, and acquiring a role identification code list corresponding to the role type; acquiring a plurality of authority identifications of a login user from a role authority table of a multi-dimensional system platform and an external system according to a plurality of role identification codes in a role identification code list; and acquiring the functional module information corresponding to each authority identifier, and generating an authority page corresponding to the login user according to the functional module information corresponding to each authority identifier. According to the method and the device, the independence of each system function authority in the multi-dimensional system platform is improved, and the data security is improved. The present application also relates to the field of blockchain, and the storage medium may store data created according to the use of blockchain nodes.
Description
Technical Field
The present application relates to the field of information security technologies, and in particular, to a method, an apparatus, a device, and a storage medium for managing permissions of a multidimensional system platform.
Background
The multidimensional system platform not only supports a core Service module and an infrastructure public module of the multidimensional system platform, but also supports an external system to be accessed in a Software as a Service (saas) mode, and in order to ensure data security and reliability, functional authority control needs to be performed on a functional module of the multidimensional system platform and a functional module of the accessed external system. At present, a traditional functional authority solution mainly takes users as a center, which roles are owned and which corresponding function points are configured, the function points correspond to specific operation authority points (one-to-one mode) and are used for binding the responsibilities of various service functions, and the ownership authority points are managed in a centralized manner, strong association relations exist among system module authorities, users and roles, the authorities corresponding to all access service systems of different users are difficult to distinguish and control, so that intersection is generated among system function authority data during independent deployment, and complete isolation cannot be achieved.
Disclosure of Invention
The embodiment of the application provides a method, a device, equipment and a storage medium for managing the authority of a multidimensional system platform, and aims to improve the independence of each system function authority in the multidimensional system platform so as to improve the data security.
In a first aspect, an embodiment of the present application provides a method for rights management of a multidimensional system platform, where at least one external system accesses the multidimensional system platform, and the method includes:
acquiring a role type of a login user, and acquiring a role identification code list corresponding to the role type;
acquiring a plurality of authority identifications of the login user from the role authority tables of the multidimensional system platform and the external system according to the plurality of role identification codes in the role identification code list;
and acquiring the functional module information corresponding to each authority identifier, and generating an authority page corresponding to the login user according to the functional module information corresponding to each authority identifier.
In a second aspect, an embodiment of the present application further provides a rights management apparatus for a multidimensional system platform, where at least one external system accesses the multidimensional system platform, and the rights management apparatus for the multidimensional system platform includes:
the list acquisition module is used for acquiring the role type of the login user and acquiring a role identification code list corresponding to the role type;
the authority acquisition module is used for acquiring a plurality of authority identifications of the login user from the role authority tables of the multidimensional system platform and the external system according to a plurality of role identification codes in the role identification code list;
and the page generation module is used for acquiring the functional module information corresponding to each authority identifier and generating the authority page corresponding to the login user according to the functional module information corresponding to each authority identifier.
In a third aspect, an embodiment of the present application further provides a computer device, where the computer device includes a processor, a memory, and a computer program stored on the memory and executable by the processor, where the computer program, when executed by the processor, implements the steps of the method for managing rights of a multidimensional system platform as described above.
In a fourth aspect, the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, where the computer program, when executed by a processor, implements the steps of the method for managing rights of a multidimensional system platform as described above.
The embodiment of the application provides a method, a device, equipment and a storage medium for managing the authority of a multidimensional system platform, wherein the method comprises the steps of acquiring the role type of a login user, acquiring a role identification code list corresponding to the role type, acquiring a plurality of authority identifications of the login user from role authority lists of the multidimensional system platform and an external system according to the plurality of role identification codes in the role identification code list, finally acquiring function module information corresponding to each authority identification, and generating an authority page corresponding to the login user according to the function module information corresponding to each authority identification, so that the independence of the function authorities of each system in the multidimensional system platform can be realized, and the data safety and reliability can be improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flowchart of a rights management method for a multidimensional system platform according to an embodiment of the present application;
FIG. 2 is a schematic block diagram of a rights management apparatus of a multidimensional system platform according to an embodiment of the present application;
FIG. 3 is a schematic block diagram of sub-modules of the rights management arrangement of the multidimensional system platform of FIG. 2;
fig. 4 is a schematic block diagram of a structure of a computer device according to an embodiment of the present application.
The implementation, functional features and advantages of the objectives of the present application will be further described with reference to the accompanying drawings.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
The flow diagrams depicted in the figures are merely illustrative and do not necessarily include all of the elements and operations/steps, nor do they necessarily have to be performed in the order depicted. For example, some operations/steps may be decomposed, combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
The embodiment of the application provides a method and a device for managing the authority of a multi-dimensional system platform, computer equipment and a storage medium. The authority management method of the multidimensional system platform can be applied to the multidimensional system platform or a server. The server may be an independent server, or may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), and a big data and artificial intelligence platform.
Some embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments and features of the embodiments described below can be combined with each other without conflict.
Referring to fig. 1, fig. 1 is a flowchart illustrating a rights management method for a multidimensional system platform according to an embodiment of the present disclosure.
As shown in fig. 1, the rights management method of the multidimensional system platform includes steps S101 to S103.
Step S101, obtaining the role type of the login user and obtaining a role identification code list corresponding to the role type.
The multidimensional system platform may include one or more servers, at least one external system is accessed to the multidimensional system platform, the external system may include one or more servers, the external system is different from a network environment where the multidimensional system platform is located, and the external system is accessed to the multidimensional system platform in a Software as a Service (saas) manner.
In an embodiment, a role identification code and a permission identification are allocated to each function module in the multidimensional system platform and each function module in an external system accessed to the multidimensional system platform, and a role permission table of the multidimensional system platform and the external system is established and stored based on the role identification code and the permission identification of each function module in the multidimensional system platform and the role identification code and the permission identification of each function module in the external system. And the role identification code and the authority identification in the role authority table are changed along with the change of the functional module. For example, after a function module is newly added to the multidimensional system platform, the role authority table is added with a role identification code and an authority identification of the newly added function module.
In one embodiment, a first role authority table of the multi-dimensional system platform is established based on the role identification code and the authority identifier of each functional module in the multi-dimensional system platform, a second role authority table of the external system is established based on the role identification code and the authority identifier of each functional module in the external system, and the first role authority table and the second role authority table are stored in the multi-dimensional system platform.
In one embodiment, a login request sent by a terminal device is obtained, and authentication verification is performed on the login request; and when the login request passes the authentication verification, acquiring the role type of the login user from the login request. The server stores a role identification code list of registered users, and different role types correspond to different role identification code lists.
For example, the authentication verification for the login request may be: the method comprises the steps of obtaining a first login account and a first login password in a login request, determining whether a second login account identical to the first login account exists in a database, if so, determining whether a second login password corresponding to the second login account in the database is identical to the first login password, and if so, determining that the login request passes authentication verification.
In one embodiment, a role type adjusting instruction is obtained, and the role type adjusting instruction carries a user identification code; and adjusting the role type corresponding to the user identification code according to the role type adjusting instruction. For example, the role type adjustment instruction also carries a target role type, and the role type corresponding to the user identification code is adjusted to the target role type. Wherein, different role types correspond to different role identification code lists. Wherein the role type adjustment instruction can be manually triggered by a developer. The role type of the login user can be adjusted through the method, so that the authority of the user is adjusted, and the convenience in adjusting the authority of the user is improved.
In one embodiment, a role identification code adjusting instruction is obtained, and the role identification code adjusting instruction carries a role type; and adjusting a role identification code list corresponding to the role type carried by the angle code identification code adjustment instruction according to the role identification code adjustment instruction. Wherein, the character identification code adjusting instruction can be triggered manually by a developer. By the method and the device, the role identification code list of the login user can be adjusted, so that the authority of the user is adjusted, and the convenience in adjusting the authority of the user is improved. For example, if the role identifier adjustment instruction also carries a role identifier that needs to be newly added, the newly added role identifier is added to the role identifier list corresponding to the user identifier. For another example, if the role identifier adjustment instruction also carries the role identifier to be deleted, the role identifier to be deleted is deleted from the role identifier list corresponding to the user identifier.
Step S102, acquiring a plurality of authority identifications of the login user from the role authority tables of the multi-dimensional system platform and the external system according to the plurality of role identification codes in the role identification code list.
Illustratively, according to a plurality of role identification codes in the role identification code list, a plurality of first authority identifications are obtained from a first role authority table of the multidimensional system platform, and one or more second authority identifications are obtained from a second role authority table of the external system. Or, only acquiring the plurality of first authority identifications from the first role authority table of the multi-dimensional system platform. It can be understood that one or more second authority identifiers may be obtained from one or more second role authority tables, where one role identifier corresponds to one authority identifier, and different role identifiers correspond to different authority identifiers.
For example, the role identification code list corresponding to the role type of the login user only includes the role identification code corresponding to the function module a1, the role identification code corresponding to the function module a2, and the role identification code corresponding to the function module A3 in the multidimensional system platform, and then, according to the role identification code corresponding to the function module a1, the role identification code corresponding to the function module a2, and the role identification code corresponding to the function module A3, authority identifications corresponding to the function module a1, the function module a2, and the function module A3 are obtained from the first role authority table of the multidimensional system platform, which amounts to 3 authority identifications.
For another example, the list of role identifiers corresponding to the role types of the logged-in users includes a role identifier corresponding to function module a1, a role identifier corresponding to function module a2, a role identifier corresponding to function module A3, and a role identifier corresponding to function module B1 and a role identifier corresponding to function module B2 in external system B in the multidimensional system platform, then authority identifiers corresponding to function module a1, function module a2, and function module A3 are obtained from the first role authority table of the multidimensional system platform according to the role identifier corresponding to function module a1, the role identifier corresponding to function module a2, and the role identifier corresponding to function module A3, and authority identifiers corresponding to function module B1 and function module B2 are obtained from the second role authority table of external system B according to the role identifier corresponding to function module B1 and the role identifier corresponding to function module B2, there are 5 rights identifications in total.
Step S103, acquiring the function module information corresponding to each authority identifier, and generating an authority page corresponding to the login user according to the function module information corresponding to each authority identifier.
Illustratively, the plurality of authority identifiers include a plurality of first authority identifiers located in a first role authority table and/or a plurality of second authority identifiers located in a second role authority table, and the second role authority table can be one or more. The function module information includes a system type, a module name, and the like.
In an embodiment, if the plurality of authority identifiers only include a plurality of first authority identifiers located in a first role authority table, obtaining first function module information corresponding to the first authority identifiers; acquiring first page component data corresponding to the first functional module information; and generating an authority page corresponding to the login user according to the first page component data. The first page component data comprises component types of page components required by the authority page, the size, the position, the hierarchical relation and the like of each page component.
In an embodiment, the plurality of authority identifiers at least comprise a first authority identifier located in the first role authority table and a second authority identifier located in the second role authority table, and then first function module information corresponding to the first authority identifier and second function module information corresponding to the second authority identifier are obtained; acquiring first page component data corresponding to the first functional module information and second page component data corresponding to the second functional module information; and generating an authority page corresponding to the login user according to the first page component data and the second page component data.
The multidimensional system platform stores a mapping relation table between a first authority identifier and first function model information, a mapping relation table between a second authority identifier and second function model information, a mapping relation table between first function module information and first page assembly data, and a mapping relation table between second function module information and second page assembly data. And obtaining the first page component data and the second page component data through the mapping relation table.
Illustratively, the second page component data is subjected to adaptation processing, so that the second page component data subjected to adaptation processing has the same format as the first page component data; and generating an authority page corresponding to the login user according to the first page component data and the second page component data after the adaptation processing. By carrying out adaptation processing on the second page component data, the format of the page component data of the external system can be unified with the format of the page component data of the multidimensional system platform, and the page stability and compatibility are improved.
In one embodiment, when a function module offline instruction is monitored, acquiring an authority identifier of a function module to be offline and a system identifier of a system to which the function module to be offline belongs from the function module offline instruction; and deleting the authority identification of the functional module to be offline in the role authority table corresponding to the system identification so as to update the role authority table corresponding to the system identification. One system identifier corresponds to one role authority list, and the function module offline instruction can be manually triggered by developers. By the method, the role authority table can be updated while the function module of the external system or the multidimensional system platform is offline, and independent offline of the function module can be realized.
In one embodiment, a login request sent by a terminal device is obtained, and authentication verification is performed on the login request; when the login request passes the authentication verification, acquiring the role type of the login user from the login request; acquiring a plurality of authority identifications of a login user from a role authority table of a multi-dimensional system platform and an external system according to a plurality of role identification codes in a role identification code list; acquiring function module information corresponding to each authority identifier, generating an authority page corresponding to a login user according to the function module information corresponding to each authority identifier, sending the authority page to the terminal equipment, and loading the authority page by the terminal equipment.
According to the authority management method of the multidimensional system platform, the role type of the login user is obtained, the role identification code list corresponding to the role type is obtained, then the plurality of authority identifications of the login user are obtained from the role authority lists of the multidimensional system platform and the external system according to the plurality of role identification codes in the role identification code list, finally the function module information corresponding to each authority identification is obtained, and the authority page corresponding to the login user is generated according to the function module information corresponding to each authority identification, so that the independence of the function authorities of each system in the multidimensional system platform can be realized, and the data safety and reliability can be improved.
Referring to fig. 2, fig. 2 is a schematic block diagram of a rights management apparatus of a multidimensional system platform according to an embodiment of the present application.
As shown in fig. 2, the rights management apparatus 200 of the multidimensional system platform includes:
the list obtaining module 210 is configured to obtain a role type of a login user, and obtain a role identification code list corresponding to the role type;
the authority acquiring module 220 is configured to acquire a plurality of authority identifiers of the login user from the role authority tables of the multidimensional system platform and the external system according to the plurality of role identifiers in the role identifier list;
the page generating module 230 is configured to obtain function module information corresponding to each authority identifier, and generate an authority page corresponding to the login user according to the function module information corresponding to each authority identifier.
In an embodiment, the role authority table at least includes a first role authority table of the multidimensional system platform and a second role authority table of the external system, and the plurality of authority identifiers at least includes a first authority identifier located in the first role authority table and a second authority identifier located in the second role authority table, as shown in fig. 3, the page generating module 230 includes:
an obtaining sub-module 231, configured to obtain first function module information corresponding to the first permission identifier and second function module information corresponding to the second permission identifier;
the obtaining sub-module 231 is further configured to obtain first page component data corresponding to the first functional module information and second page component data corresponding to the second functional module information;
and the page generation submodule 232 is configured to generate an authority page corresponding to the login user according to the first page component data and the second page component data.
In one embodiment, the page generation sub-module 232 is further configured to:
performing adaptation processing on the second page component data to enable the second page component data after the adaptation processing to have the same format as the first page component data;
and generating an authority page corresponding to the login user according to the first page component data and the second page component data after the adaptation processing.
In one embodiment, the rights management device 200 of the multidimensional system platform further comprises:
the adjusting module is used for acquiring a role type adjusting instruction, and the role type adjusting instruction carries a user identification code;
and the adjusting module is also used for adjusting the role type corresponding to the user identification code according to the role type adjusting instruction.
In an embodiment, the rights management unit 200 of the multidimensional system platform further comprises:
the permission table updating module is used for acquiring the permission identification of the functional module to be offline and the system identification of the system to which the functional module to be offline belongs from the function module offline instruction when the functional module offline instruction is monitored;
and the authority list updating module is also used for deleting the authority identification of the function module to be offline in the role authority list corresponding to the system identification so as to update the role authority list corresponding to the system identification.
In one embodiment, the rights management device 200 of the multidimensional system platform further comprises:
the role authority table establishing module is used for distributing role identification codes and authority identifications to each functional module in the multidimensional system platform and each functional module in the external system accessed to the multidimensional system platform;
the role authority table establishing module is further used for establishing the role authority table based on the role identification code and the authority identification of each functional module in the multidimensional system platform and the role identification code and the authority identification of each functional module in the external system.
In an embodiment, the role authority table establishing module is further configured to:
establishing a first role authority table of the multi-dimensional system platform based on the role identification code and the authority identification of each functional module in the multi-dimensional system platform;
and establishing a second role authority table of the external system based on the role identification code and the authority identification of each functional module in the external system.
It should be noted that, as will be clear to those skilled in the art, for convenience and brevity of description, the specific working processes of the apparatus and each module and unit described above may refer to the corresponding processes in the embodiments of the rights management method of the multidimensional system platform, and are not described herein again.
The apparatus provided by the above embodiments may be implemented in the form of a computer program, which can be run on a computer device as shown in fig. 4.
Referring to fig. 4, fig. 4 is a schematic block diagram of a computer device according to an embodiment of the present disclosure. The computer device may be a server.
As shown in fig. 4, the computer device includes a processor, a memory, and a network interface connected by a system bus, wherein the memory may include a storage medium and an internal memory.
The storage medium may store an operating system and a computer program. The computer program includes program instructions that, when executed, cause a processor to perform a method of rights management for any one of a plurality of multidimensional system platforms.
The processor is used for providing calculation and control capability and supporting the operation of the whole computer equipment.
The network interface is used for network communication, such as sending assigned tasks and the like. Those skilled in the art will appreciate that the architecture shown in fig. 4 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
It should be understood that the Processor may be a Central Processing Unit (CPU), and the Processor may be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, etc. Wherein a general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
Wherein, in an embodiment, the processor is configured to run a computer program stored in the memory to implement the steps of:
acquiring a role type of a login user, and acquiring a role identification code list corresponding to the role type;
acquiring a plurality of authority identifications of the login user from a role authority table of the multidimensional system platform and the external system according to the plurality of role identification codes in the role identification code list;
and acquiring the functional module information corresponding to each authority identifier, and generating an authority page corresponding to the login user according to the functional module information corresponding to each authority identifier.
In an embodiment, the role authority table at least includes a first role authority table of the multidimensional system platform and a second role authority table of the external system, the plurality of authority identifiers at least includes a first authority identifier located in the first role authority table and a second authority identifier located in the second role authority table, and the processor is configured to implement, when acquiring function module information corresponding to each authority identifier and generating an authority page corresponding to the login user according to the function module information corresponding to each authority identifier, the following:
acquiring first function module information corresponding to the first authority identification and second function module information corresponding to the second authority identification;
acquiring first page component data corresponding to the first functional module information and second page component data corresponding to the second functional module information;
and generating an authority page corresponding to the login user according to the first page component data and the second page component data.
In an embodiment, when the processor generates the authority page corresponding to the login user according to the first page component data and the second page component data, the processor is configured to:
performing adaptation processing on the second page component data to enable the second page component data after the adaptation processing to have the same format as the first page component data;
and generating an authority page corresponding to the login user according to the first page component data and the second page component data after the adaptation processing.
In one embodiment, the processor is further configured to implement the steps of:
acquiring a role type adjusting instruction, wherein the role type adjusting instruction carries a user identification code;
and adjusting the role type corresponding to the user identification code according to the role type adjusting instruction.
In one embodiment, the processor is further configured to implement the steps of:
when a function module offline instruction is monitored, acquiring an authority identifier of a function module to be offline and a system identifier of a system to which the function module to be offline belongs from the function module offline instruction;
and deleting the authority identification of the function module to be offline in the role authority list corresponding to the system identification so as to update the role authority list corresponding to the system identification.
In one embodiment, the processor is further configured to implement the steps of:
assigning a role identification code and a permission identification to each function module in the multi-dimensional system platform and each function module in the external system accessing the multi-dimensional system platform;
and establishing the role authority table based on the role identification code and the authority identification of each functional module in the multi-dimensional system platform and the role identification code and the authority identification of each functional module in the external system.
In an embodiment, the processor, when implementing establishing the role authority table, is configured to implement:
establishing a first role authority table of the multi-dimensional system platform based on the role identification code and the authority identification of each functional module in the multi-dimensional system platform;
and establishing a second role authority table of the external system based on the role identification code and the authority identification of each functional module in the external system.
It should be noted that, as will be clearly understood by those skilled in the art, for convenience and brevity of description, the specific working process of the computer device described above may refer to the corresponding process in the foregoing embodiment of the method for rights management of a multidimensional system platform, and details are not described here again.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
Embodiments of the present application further provide a storage medium, where a computer program is stored on the storage medium, where the computer program includes program instructions, and a method implemented when the program instructions are executed may refer to each embodiment of the method for managing rights of a multidimensional system platform in the present application.
The storage medium may be volatile or nonvolatile. The storage medium may be an internal storage unit of the computer device described in the foregoing embodiment, for example, a hard disk or a memory of the computer device. The computer readable storage medium may also be an external storage device of the computer device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, provided on the computer device.
Further, the storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to the use of the blockchain node, and the like.
The block chain referred by the application is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
It is to be understood that the terminology used in the description of the present application herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the specification of the present application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items. It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments. While the invention has been described with reference to specific embodiments, the scope of the invention is not limited thereto, and those skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the invention. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A rights management method for a multi-dimensional system platform, wherein at least one external system accesses the multi-dimensional system platform, the method comprising:
acquiring a role type of a login user, and acquiring a role identification code list corresponding to the role type;
acquiring a plurality of authority identifications of the login user from a role authority table of the multidimensional system platform and the external system according to the plurality of role identification codes in the role identification code list;
and acquiring the functional module information corresponding to each authority identifier, and generating an authority page corresponding to the login user according to the functional module information corresponding to each authority identifier.
2. The method of claim 1, wherein the role authority table at least includes a first role authority table of the multidimensional system platform and a second role authority table of the external system, the plurality of authority identifiers at least includes a first authority identifier located in the first role authority table and a second authority identifier located in the second role authority table, the obtaining function module information corresponding to each authority identifier, and generating an authority page corresponding to the logged-in user according to the function module information corresponding to each authority identifier comprises:
acquiring first function module information corresponding to the first authority identifier and second function module information corresponding to the second authority identifier;
acquiring first page component data corresponding to the first functional module information and second page component data corresponding to the second functional module information;
and generating an authority page corresponding to the login user according to the first page component data and the second page component data.
3. The method for managing authority of a multidimensional system platform as recited in claim 2, wherein the generating an authority page corresponding to the login user according to the first page component data and the second page component data comprises:
performing adaptation processing on the second page component data to enable the second page component data after the adaptation processing to have the same format as the first page component data;
and generating an authority page corresponding to the login user according to the first page component data and the second page component data after the adaptation processing.
4. The method of rights management for a multi-dimensional system platform of claim 1, the method further comprising:
acquiring a role type adjusting instruction, wherein the role type adjusting instruction carries a user identification code;
and adjusting the role type corresponding to the user identification code according to the role type adjusting instruction.
5. A method for rights management of a multi-dimensional system platform according to any of claims 1-4, wherein the method further comprises:
when a function module offline instruction is monitored, acquiring an authority identifier of a function module to be offline and a system identifier of a system to which the function module to be offline belongs from the function module offline instruction;
and deleting the authority identification of the function module to be offline in the role authority list corresponding to the system identification so as to update the role authority list corresponding to the system identification.
6. The rights management method of the multidimensional system platform of claim 1, wherein before the obtaining the role type of the login user and obtaining the role identification code list corresponding to the role type, the method further comprises:
assigning a role identification code and a permission identification to each function module in the multi-dimensional system platform and each function module in the external system accessing the multi-dimensional system platform;
and establishing the role authority table based on the role identification code and the authority identification of each functional module in the multi-dimensional system platform and the role identification code and the authority identification of each functional module in the external system.
7. The rights management method of the multi-dimensional system platform of claim 6, wherein the establishing the role rights table comprises:
establishing a first role authority table of the multi-dimensional system platform based on the role identification code and the authority identification of each functional module in the multi-dimensional system platform;
and establishing a second role authority table of the external system based on the role identification code and the authority identification of each functional module in the external system.
8. An authority management device of a multidimensional system platform, wherein at least one external system accesses to the multidimensional system platform, the authority management device of the multidimensional system platform comprises:
the list acquisition module is used for acquiring the role type of the login user and acquiring a role identification code list corresponding to the role type;
the authority acquisition module is used for acquiring a plurality of authority identifications of the login user from the role authority tables of the multidimensional system platform and the external system according to a plurality of role identification codes in the role identification code list;
and the page generation module is used for acquiring the functional module information corresponding to each authority identifier and generating the authority page corresponding to the login user according to the functional module information corresponding to each authority identifier.
9. A computer arrangement comprising a processor, a memory, and a computer program stored on the memory and executable by the processor, wherein the computer program, when executed by the processor, carries out the steps of the method of rights management of a multi-dimensional system platform as claimed in any one of claims 1 to 5.
10. A computer-readable storage medium, having a computer program stored thereon, wherein the computer program, when being executed by a processor, carries out the steps of the method for rights management of a multidimensional system platform as claimed in any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210225851.0A CN114584380A (en) | 2022-03-07 | 2022-03-07 | Authority management method, device, equipment and storage medium of multidimensional system platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210225851.0A CN114584380A (en) | 2022-03-07 | 2022-03-07 | Authority management method, device, equipment and storage medium of multidimensional system platform |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114584380A true CN114584380A (en) | 2022-06-03 |
Family
ID=81779171
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210225851.0A Pending CN114584380A (en) | 2022-03-07 | 2022-03-07 | Authority management method, device, equipment and storage medium of multidimensional system platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114584380A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462937A (en) * | 2014-12-17 | 2015-03-25 | 中国人民解放军国防科学技术大学 | Operating system peripheral access permission control method based on users |
| GB201707581D0 (en) * | 2017-05-11 | 2017-06-28 | Rowanalytics Ltd | Method and system of processing multi-dimensional system models |
| CN107679422A (en) * | 2017-10-25 | 2018-02-09 | 厦门市美亚柏科信息股份有限公司 | Role-security management method, terminal device and storage medium based on various dimensions |
| CN112118224A (en) * | 2020-08-12 | 2020-12-22 | 北京大学 | Trusted mechanism authority management method and system for big data block chain |
-
2022
- 2022-03-07 CN CN202210225851.0A patent/CN114584380A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104462937A (en) * | 2014-12-17 | 2015-03-25 | 中国人民解放军国防科学技术大学 | Operating system peripheral access permission control method based on users |
| GB201707581D0 (en) * | 2017-05-11 | 2017-06-28 | Rowanalytics Ltd | Method and system of processing multi-dimensional system models |
| CN107679422A (en) * | 2017-10-25 | 2018-02-09 | 厦门市美亚柏科信息股份有限公司 | Role-security management method, terminal device and storage medium based on various dimensions |
| CN112118224A (en) * | 2020-08-12 | 2020-12-22 | 北京大学 | Trusted mechanism authority management method and system for big data block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110268677B (en) | Cross-chain interaction using domain name scheme in blockchain system | |
| CN111756753B (en) | Authority verification method and system | |
| RU2598324C2 (en) | Means of controlling access to online service using conventional catalogue features | |
| EP2550768B1 (en) | System and method for remote maintenance of client systems in an electronic network using software testing by a virtual machine | |
| US20120331518A1 (en) | Flexible security token framework | |
| CN108289098B (en) | Authority management method and device of distributed file system, server and medium | |
| WO2018020375A1 (en) | Blockchain-implemented method and system | |
| CN111181975B (en) | Account management method, device, equipment and storage medium | |
| CN108092945B (en) | Method and device for determining access authority and terminal | |
| US8484309B2 (en) | Owner controlled access to shared data resource | |
| CN101729541B (en) | Method and system for accessing resources of multi-service platform | |
| US20100031352A1 (en) | System and Method for Enforcing Licenses During Push Install of Software to Target Computers in a Networked Computer Environment | |
| CN112466013B (en) | Digital key management method, device, system and storage medium | |
| WO2022100892A1 (en) | Distributed ledger system | |
| CN112363997B (en) | Data version management method, device and storage medium | |
| TW201710944A (en) | System and method for authentication | |
| US20230275773A1 (en) | Distributed ledger system | |
| CN114584380A (en) | Authority management method, device, equipment and storage medium of multidimensional system platform | |
| CN113472781A (en) | Service acquisition method, server and computer readable storage medium | |
| CN112311716B (en) | Data access control method, device and server based on openstack | |
| CN113987462A (en) | Permission management platform based on container cloud computing | |
| CN117034233B (en) | Application management method and device based on permission, computing equipment and storage medium | |
| CN113300852B (en) | Service management method and platform, computer device and computer readable storage medium | |
| US11868494B1 (en) | Synchronization of access management tags between databases | |
| He | Role security access control of the distributed object systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| AD01 | Patent right deemed abandoned | ||
| AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20240119 |