CN102387139A - Authority control method, system and device separated from application services - Google Patents
Authority control method, system and device separated from application services Download PDFInfo
- Publication number
- CN102387139A CN102387139A CN2011103145367A CN201110314536A CN102387139A CN 102387139 A CN102387139 A CN 102387139A CN 2011103145367 A CN2011103145367 A CN 2011103145367A CN 201110314536 A CN201110314536 A CN 201110314536A CN 102387139 A CN102387139 A CN 102387139A
- Authority
- CN
- China
- Prior art keywords
- array
- authority
- function point
- control
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention provides an authority control method separated from application services, which comprises the following steps that: A, at least a function point required to be subjected to authority control on a web page is sent to a server; B, the server compares the received function point required to be subjected to authority control with the authority of a current visitor, judges whether the current visitor is allowed to use the function point, and sends a judgment result to a client; and C, the client displays the function point which is allowed to be used by the current visitor and hides the function point which is not allowed to be used by the current visitor according to the judgment result.
Description
Technical field
The present invention relates to the computer internet technology, relate in particular to the web application system, particularly a kind of authority control method that separates with applied business, system and device.
Background technology
Authority module all is the indispensable part of web application system all the time, and what most control of authority process adopted is following dual mode:
Mode one is to come the authority user is distributed with related through application module.
Mode two is to need to read active user's authority through authority management module in the module of control of authority at all, controls user's authority according to the attribute of authority.
Above-mentioned dual mode, application module and control of authority module relation get too tight, can't the control of authority module be multiplexed in other application systems effectively, cause the developer to repeat to do a large amount of similarly work.And,, when application system need increase the rights management function so afterwards, increase the design of authority module and the workload of realization again and just become quite huge and have very high risk if application system does not have the function of rights management when initial design.There are the problems referred to above too for the web application system.
Summary of the invention
The invention provides a kind of authority control method that separates with applied business, system and device, can realize the multiplexing of control of authority easily to reduce development cost and risk.
The authority control method that a kind of and applied business that the embodiment of the invention provides separates comprises the steps:
A, with at least one needs the function point of control of authority to send to server on the webpage;
B, server with receive that the function point that needs control of authority and current accessed person's authority compare, and judge whether to allow current accessed person to use said function point, and judged result is sent to client;
C, client show the function point that allows current accessed person to use according to said judged result, hide the function point that does not allow current accessed person to use.
Preferably, steps A comprises:
Store in first array comprising the label control that needs the function point of control of authority attribute on the webpage, the function point that needs control of authority in the webpage is stored in second array, and second array is sent to server.
Preferably, step B comprises:
B1, server obtain the authority element with inquiry and store in the 3rd array to data base querying current accessed person's authority, and create the 4th a total identical array with the element of second array at server;
B2, server compare each the authority element in each function point in second array and the 3rd array; When the function point of second certain position of array is identical with any one authority element comparing result in the 3rd array; The value of the relevant position of four array corresponding with the said position of second array is set to logical truth, otherwise the value of the relevant position of the 4th array is set to logical falsehood;
After B3, contrast were accomplished, server returned the 4th array to client.
Preferably, step C comprises:
Client with the hiding attribute of each element in first array be arranged to the 4th array in the logical value opposite logical value corresponding with said element.
The embodiment of the invention proposes a kind of authority control system that separates with applied business, and this authority control system comprises client and server,
Said client is used at least one needs the function point of control of authority to send to server on the webpage; And, show the function point that allows current accessed person to use according to judged result from server, hide the function point that does not allow current accessed person to use;
Said server with receive that the function point that needs control of authority and current accessed person's authority compare, and judge whether to allow current accessed person to use said function point, and judged result is sent to client.
Preferably, said client comprises:
The first array manipulation module is used for needing the label control of the function point of control of authority attribute to store first array into comprising on the webpage;
The second array manipulation module is used for needing the function point of control of authority to store in second array webpage, and second array is sent to server.
Preferably, said server comprises:
The 3rd array manipulation module is used for the authority to data base querying current accessed person, inquiry is obtained the authority element store in the 3rd array;
The 4th array manipulation module is used to create the 4th a total identical array with the element of second array, after the contrast of authority control module is accomplished, returns the 4th array to client;
The control of authority module; Be used for each the authority element in each function point of second array and the 3rd array is compared; When the function point of second certain position of array is identical with any one authority element comparing result in the 3rd array; The value of the relevant position of four array corresponding with the said position of second array is set to logical truth, otherwise the value of the relevant position of the 4th array is set to logical falsehood.
Preferably, said client comprises:
Display module, be used for the hiding attribute of first each element of array be arranged to the 4th array that is received from server in the logical value opposite logical value corresponding with said element.
The embodiment of the invention proposes a kind of client, comprising:
The first array manipulation module is used for needing the label control of the function point of control of authority attribute to store first array into comprising on the webpage;
The second array manipulation module is used for needing the function point of control of authority to store in second array webpage, and second array is sent to server;
Display module, be used for the hiding attribute of first each element of array be arranged to the 4th array that is received from server in the logical value opposite logical value corresponding with said element.
The embodiment of the invention also proposes a kind of server, comprising:
The 3rd array manipulation module is used for the authority to data base querying current accessed person, inquiry is obtained the authority element store in the 3rd array;
The 4th array manipulation module is used to create the 4th a total identical array with the element of second array, after the contrast of authority control module is accomplished, returns the 4th array to client;
The control of authority module; Be used for each the authority element in each function point of second array and the 3rd array is compared; When the function point of second certain position of array is identical with any one authority element comparing result in the 3rd array; The value of the relevant position of four array corresponding with the said position of second array is set to logical truth, otherwise the value of the relevant position of the 4th array is set to logical falsehood.
Can find out from above technical scheme, only need the function point of specify labels control, carry out control of authority through control of authority split-frame provided by the invention unification and handle, and then realize separating of control of authority and applied business at applied business.Like this, the structure that not only makes code is more clear and be easy to the management and the maintenance in later stage, the benefits such as easy autgmentability and low-risk that the ease for operation of control of authority also are provided and in not having the web application system of processing authority, increased authority module.
Description of drawings
Fig. 1 is the realization flow sketch map of the authority control method that separates with applied business of the present invention's proposition;
Fig. 2 is the present invention program's a deployment sketch map;
Fig. 3 realizes the flow chart of control authority separation logic for the embodiment of the invention.
Embodiment
The realization flow of the authority control method that separates with applied business that the present invention proposes is as shown in Figure 1, mainly may further comprise the steps:
Step 101: the label control that comprises the function point attribute on the webpage (comprising the interpolation attribute of user like button) is stored among the array A, function point is stored among the array B, and array B is sent to server.
Step 102: server obtains the authority element with inquiry and stores among the array C to data base querying current accessed person's authority, and creates a total identical array D with array B element at server.
Step 103: server compares each the authority element among each function point among the array B and the array C, to confirm whether the active user has the pairing authority of function point in database.
When the function point of certain position of array B is identical with any one authority element comparing result among the array C; The value of the relevant position of just corresponding with the said position of array B array D is set to logical truth (TRUE; Can represent with character 1); Otherwise just the value of the relevant position of array D is set to logical falsehood (FALSE can represent with character 0).
Step 104: contrast is returned array D (what return is the character string content of array D) by server to client after accomplishing.
Step 105: client will receive array D; Then the hiding attribute of n element (label control of function point) among the array A is arranged to the logical value (value that TRUE opposite be FALSE) opposite with n element of array D, thereby hides the relevant label control (like " button " on the webpage) of authority that does not possess with the active user on the webpage.
The present invention program's deployment is as shown in Figure 2, comprises the steps:
Step 201: the file of in webpage, introducing authority separating controlling framework.
Step 202: webpage loads the unified method of calling the interpolation function point and the respective labels control of control of authority split-frame in back; Its effect is that the label control that comprises function point and function point are stored in respectively among the array A, B of this framework, thus let authority control split-frame handles respective labels control on the webpage hidingly wait operation.
Step 203: on the label of needs separation control of authority, increase an additional attribute, its property value is the function corresponding point.
The embodiment of the invention exemplarily adopts script (for example javascript) to realize the control authority separation logic.Concrete steps are as shown in Figure 3, comprise the steps:
Step 301: the label control (like " interpolation user profile " on the webpage, " searching user's information " button) that will comprise function point stores among the array A, and function point (as: adding user, inquiring user) is stored among the array B correspondingly.
Step 302: send the HTTP request to server.Send the content of array B to server.
Step 303: server is stored in the result's (" browsing user profile ", " inquiring user " authority) who inquires about among the array C to data base querying current accessed person's authority information.Create the array D of onesize with array B (element total identical) at server.
Step 304: each element of each function point among the array B and array C is compared, the value of array D is set according to comparing result.
When the function point (as: second locational " inquiring user ") of certain position of array B is identical with any one element comparing result among the array C; Just array D and array B one to one the value of position (second position of array D) be set to TRUE, otherwise just it is set to FALSE (as: the locational value of first of array D just for FALSE).
Step 305: each function point in array B has all carried out after the contrast with each element of array C, and just obtaining one is the array D (as: [FALSE, TRUE]) of TRUE or FALSE with big or small identical and each element value of array B.Server just returns the character string content of array D to client.
Step 306: the character string content of the array D that client will receive from server converts array E into, then the hiding attribute of n element among the array A is arranged to the opposite value (value that TRUE is opposite is FALSE) with n element of array E.So just the relevant label control (like " adding the user " button) of authority that does not possess with the active user on the webpage has been carried out hiding operation.Thereby make the illegal operation of carrying out oneself not having authority of visitor, reach the effect that control of authority separates.
The embodiment of the invention also proposes a kind of authority control system that separates with applied business, and this authority control system comprises client and server,
Said client is used at least one needs the function point of control of authority to send to server on the webpage; And, show the function point that allows current accessed person to use according to judged result from server, hide the function point that does not allow current accessed person to use;
Said server with receive that the function point that needs control of authority and current accessed person's authority compare, and judge whether to allow current accessed person to use said function point, and judged result is sent to client.
Preferably, said client comprises:
The first array manipulation module is used for needing the label control of the function point of control of authority attribute to store first array into comprising on the webpage;
The second array manipulation module is used for needing the function point of control of authority to store in second array webpage, and second array is sent to server;
Display module, be used for the hiding attribute of first each element of array be arranged to the 4th array that is received from server in the logical value opposite logical value corresponding with said element.
Preferably, said server comprises:
The 3rd array manipulation module is used for the authority to data base querying current accessed person, inquiry is obtained the authority element store in the 3rd array;
The 4th array manipulation module is used to create the 4th a total identical array with the element of second array, after the contrast of authority control module is accomplished, returns the 4th array to client;
The control of authority module; Be used for each the authority element in each function point of second array and the 3rd array is compared; When the function point of second certain position of array is identical with any one authority element comparing result in the 3rd array; The value of the relevant position of four array corresponding with the said position of second array is set to logical truth, otherwise the value of the relevant position of the 4th array is set to logical falsehood.
The invention provides a kind of short-cut method that in the web application system, applied business is separated with control of authority; Only need the function point (as: adding the user) of specify labels control at applied business; Load the back at webpage and carry out control of authority through control of authority framework provided by the invention unification and handle, and then realize separating of control of authority and applied business.Like this, the structure that not only makes code is more clear and be easy to the management and the maintenance in later stage, the benefits such as easy autgmentability and low-risk that the ease for operation of control of authority also are provided and in not having the web application system of processing authority, increased authority module.And this control of authority split-frame can also be multiplexed in other the web application system effectively, has improved the durability of this framework.Thereby solved the problem that is proposed in the background technology effectively.
Description through above execution mode; Those skilled in the art can be well understood to the present invention and can realize by the mode that software adds essential hardware platform; Can certainly all implement, but the former is better execution mode under a lot of situation through hardware.Based on such understanding; All or part of can the coming out that technical scheme of the present invention contributes to background technology with the embodied of software product; This computer software product can be stored in the storage medium, like ROM/RAM, magnetic disc, CD etc., comprises that some instructions are with so that a computer equipment (can be a personal computer; Server, the perhaps network equipment etc.) carry out the described method of some part of each embodiment of the present invention or embodiment.
The above is merely preferred embodiment of the present invention, and is in order to restriction the present invention, not all within spirit of the present invention and principle, any modification of being made, is equal to replacement, improvement etc., all should be included within the scope that the present invention protects.
Claims (10)
1. an authority control method that separates with applied business is characterized in that, comprises the steps:
A, with at least one needs the function point of control of authority to send to server on the webpage;
B, server with receive that the function point that needs control of authority and current accessed person's authority compare, and judge whether to allow current accessed person to use said function point, and judged result is sent to client;
C, client show the function point that allows current accessed person to use according to said judged result, hide the function point that does not allow current accessed person to use.
2. method according to claim 1 is characterized in that steps A comprises:
Store in first array comprising the label control that needs the function point of control of authority attribute on the webpage, the function point that needs control of authority in the webpage is stored in second array, and second array is sent to server.
3. method according to claim 2 is characterized in that step B comprises:
B1, server obtain the authority element with inquiry and store in the 3rd array to data base querying current accessed person's authority, and create the 4th a total identical array with the element of second array at server;
B2, server compare each the authority element in each function point in second array and the 3rd array; When the function point of second certain position of array is identical with any one authority element comparing result in the 3rd array; The value of the relevant position of four array corresponding with the said position of second array is set to logical truth, otherwise the value of the relevant position of the 4th array is set to logical falsehood;
After B3, contrast were accomplished, server returned the 4th array to client.
4. method according to claim 3 is characterized in that step C comprises:
Client with the hiding attribute of each element in first array be arranged to the 4th array in the logical value opposite logical value corresponding with said element.
5. an authority control system that separates with applied business is characterized in that, this authority control system comprises client and server,
Said client is used at least one needs the function point of control of authority to send to server on the webpage; And, show the function point that allows current accessed person to use according to judged result from server, hide the function point that does not allow current accessed person to use;
Said server with receive that the function point that needs control of authority and current accessed person's authority compare, and judge whether to allow current accessed person to use said function point, and judged result is sent to client.
6. authority control system according to claim 5 is characterized in that, said client comprises:
The first array manipulation module is used for needing the label control of the function point of control of authority attribute to store first array into comprising on the webpage;
The second array manipulation module is used for needing the function point of control of authority to store in second array webpage, and second array is sent to server.
7. authority control system according to claim 6 is characterized in that, said server comprises:
The 3rd array manipulation module is used for the authority to data base querying current accessed person, inquiry is obtained the authority element store in the 3rd array;
The 4th array manipulation module is used to create the 4th a total identical array with the element of second array, after the contrast of authority control module is accomplished, returns the 4th array to client;
The control of authority module; Be used for each the authority element in each function point of second array and the 3rd array is compared; When the function point of second certain position of array is identical with any one authority element comparing result in the 3rd array; The value of the relevant position of four array corresponding with the said position of second array is set to logical truth, otherwise the value of the relevant position of the 4th array is set to logical falsehood.
8. according to the said authority control system of claim 7, it is characterized in that said client comprises:
Display module, be used for the hiding attribute of first each element of array be arranged to the 4th array that is received from server in the logical value opposite logical value corresponding with said element.
9. a client is characterized in that, comprising:
The first array manipulation module is used for needing the label control of the function point of control of authority attribute to store first array into comprising on the webpage;
The second array manipulation module is used for needing the function point of control of authority to store in second array webpage, and second array is sent to server;
Display module, be used for the hiding attribute of first each element of array be arranged to the 4th array that is received from server in the logical value opposite logical value corresponding with said element.
10. a server is characterized in that, comprising:
The 3rd array manipulation module is used for the authority to data base querying current accessed person, inquiry is obtained the authority element store in the 3rd array;
The 4th array manipulation module is used to create the 4th a total identical array with the element of second array, after the contrast of authority control module is accomplished, returns the 4th array to client;
The control of authority module; Be used for each the authority element in each function point of second array and the 3rd array is compared; When the function point of second certain position of array is identical with any one authority element comparing result in the 3rd array; The value of the relevant position of four array corresponding with the said position of second array is set to logical truth, otherwise the value of the relevant position of the 4th array is set to logical falsehood.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110314536.7A CN102387139B (en) | 2011-10-17 | 2011-10-17 | Authority control method, system and device separated from application services |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110314536.7A CN102387139B (en) | 2011-10-17 | 2011-10-17 | Authority control method, system and device separated from application services |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102387139A true CN102387139A (en) | 2012-03-21 |
| CN102387139B CN102387139B (en) | 2014-05-14 |
Family
ID=45826113
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110314536.7A Active CN102387139B (en) | 2011-10-17 | 2011-10-17 | Authority control method, system and device separated from application services |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102387139B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107257337A (en) * | 2017-06-15 | 2017-10-17 | 重庆扬讯软件技术股份有限公司 | A kind of shared authority control method of multiterminal and its system |
| CN107403077A (en) * | 2016-05-20 | 2017-11-28 | 中文在线数字出版集团股份有限公司 | A kind of strong copyrighted product management system for adapting to right and splitting and combining |
| WO2018001065A1 (en) * | 2016-06-27 | 2018-01-04 | 中兴通讯股份有限公司 | Method, device and system for managing application |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2002324053A (en) * | 2001-04-24 | 2002-11-08 | Nec Corp | Use authorization controlling system, use authorization controlling method and program |
| CN101945108A (en) * | 2010-09-14 | 2011-01-12 | 中兴通讯股份有限公司 | Method and system for controlling authority in LDAP server |
-
2011
- 2011-10-17 CN CN201110314536.7A patent/CN102387139B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2002324053A (en) * | 2001-04-24 | 2002-11-08 | Nec Corp | Use authorization controlling system, use authorization controlling method and program |
| CN101945108A (en) * | 2010-09-14 | 2011-01-12 | 中兴通讯股份有限公司 | Method and system for controlling authority in LDAP server |
Non-Patent Citations (1)
| Title |
|---|
| 钟雁,张明,王东华: "《城市园林管理及其Web发布》", 《计算机应用》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107403077A (en) * | 2016-05-20 | 2017-11-28 | 中文在线数字出版集团股份有限公司 | A kind of strong copyrighted product management system for adapting to right and splitting and combining |
| WO2018001065A1 (en) * | 2016-06-27 | 2018-01-04 | 中兴通讯股份有限公司 | Method, device and system for managing application |
| CN107257337A (en) * | 2017-06-15 | 2017-10-17 | 重庆扬讯软件技术股份有限公司 | A kind of shared authority control method of multiterminal and its system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102387139B (en) | 2014-05-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10642904B2 (en) | Infrastructure enabling intelligent execution and crawling of a web application | |
| US7991800B2 (en) | Object oriented system and method for optimizing the execution of marketing segmentations | |
| JP6761112B2 (en) | Methods and systems for server-side rendering of native content for presentation | |
| US20200159742A1 (en) | Maintaining data lineage to detect data events | |
| Jin et al. | IoT service selection based on physical service model and absolute dominance relationship | |
| EP3173951B1 (en) | Integrated framework for secured data provisioning and management | |
| Sundaram et al. | Knowledge-based RFID enabled Web Service architecture for supply chain management | |
| US20160086207A1 (en) | Information processing apparatus, terminal device, information processing method, and non-transitory computer readable storage medium | |
| US10445412B1 (en) | Dynamic browsing displays | |
| US9350738B2 (en) | Template representation of security resources | |
| WO2023092580A1 (en) | Page display method and apparatus, storage medium, and electronic device | |
| CN102387139B (en) | Authority control method, system and device separated from application services | |
| CN111858617A (en) | User searching method and device, computer readable storage medium and electronic equipment | |
| US10963479B1 (en) | Hosting version controlled extract, transform, load (ETL) code | |
| US20110041069A1 (en) | User interface for aggregating services in a data processing system | |
| EP2321747A2 (en) | Method, computer program product, and apparatus for enabling access to enterprise information | |
| JP5363561B2 (en) | Method and computer program for improving accessibility for rich internet applications by collaborative crawling | |
| CN103092942A (en) | Client-side, method and system for inquiring, obtaining and showing information | |
| Kim | Modelling information curation platform to improve efficiencies of smart public services | |
| Breil et al. | Exploring data integration strategies for public sector cloud solutions | |
| Mann et al. | Scientific data mining, integration, and visualization | |
| CN102402433A (en) | Model, operation and implementation separation | |
| Mishra et al. | The role of grid technologies: a next level combat with big data | |
| Wang et al. | GeoClustering: A web service for geospatial clustering | |
| Zhou et al. | A MGrid-based information sharing system for distributed product information sharing and exchange |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder |
Address after: 610041 15-24 floor, 1 1 Tianfu street, Chengdu high tech Zone, Sichuan Patentee after: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd. Address before: 610041 Sichuan city of Chengdu province high tech Zone nine Hing Road No. 16 building, Maipu Patentee before: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd. |
|
| CP02 | Change in the address of a patent holder | ||
| CP02 | Change in the address of a patent holder |
Address after: 610041 nine Xing Xing Road 16, hi tech Zone, Sichuan, Chengdu Patentee after: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd. Address before: 610041 15-24 floor, 1 1 Tianfu street, Chengdu high tech Zone, Sichuan Patentee before: MAIPU COMMUNICATION TECHNOLOGY Co.,Ltd. |
|
| CP02 | Change in the address of a patent holder |