CN103218688A - Method for determining workflow participant based on data permission - Google Patents
Method for determining workflow participant based on data permission Download PDFInfo
- Publication number
- CN103218688A CN103218688A CN2013101408992A CN201310140899A CN103218688A CN 103218688 A CN103218688 A CN 103218688A CN 2013101408992 A CN2013101408992 A CN 2013101408992A CN 201310140899 A CN201310140899 A CN 201310140899A CN 103218688 A CN103218688 A CN 103218688A
- Authority
- CN
- China
- Prior art keywords
- authority
- workflow
- permission
- authorization
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a method for determining a workflow participant based on data permission. The method includes steps of firstly, setting authorization permission relevant to processes which are possessed by a user while a permission setting management module maintains data permission of a service object; then setting required authorization permission on each examine and approve activity in a workflow definition, when a workflow runs as a living example, dynamically calling a port method which is provided by a limit analysis module and enabling a user who obtains an authorization permission limit which is set on a current examine and approve activity to be the participant to conduct task allocation through a workflow engine; and judging whether the current user has the examine and approve authority limit and relevant data authority of a service invoice to be examined and approved or not through a task to be done of a workflow management system according to the authorization permission limit defined on the current examine and approve activity. The method makes the best of service which is provided by a permission management system, effectively solves the problem that the participant in the workflow management system is hard to set and maintain, and meanwhile meets requirements of the workflow management system for conducting data authority control on service data visiting of the participant.
Description
Technical field
The present invention relates to Computer Applied Technology, specifically a kind of method of determining the workflow participant based on data permission.
Background technology
According to the definition of WFMC (WFMC), workflow participant refers to a kind of resource of execution work stream active instance task, and this resource is commonly referred to as people's (execution human activity), also can be computer program (execution automatic movable).For realizing professional automatic circulation, be necessary for each professional step and define corresponding participant, they will participate in the execution of workflow activities.
The complex business process in fields such as actual business administration, such as the purchase of goods and materials reimbursement approval process of a conglomerate, the material category of buying, model, expenditure item, department's difference, the participant of flow process may be different.The human activity participant define method mode that present Workflow Management System generally adopts is to define business rule on stream to specify the participant, in the flow implementation process, has comprised very many business rules in the flow definition.Safeguard that these business rules also quite bother, the difficulty that the flow process in the system is consigned to the client is also very high.
Simultaneously, in the workflow management of distinct Chinese characteristics, a lot of dynamic flow characteristics is arranged, such as the approving person endorse dynamically, operation such as countersign, if the approving person can select the approving person arbitrarily, when workflow Pending tasks tabulation operation, do not carry out control of authority, will be very big system vulnerability.
Participant rule complexity is difficult to set and safeguard in the Workflow Management System, and how Workflow Management System to carry out data permission control to participant's access service data, has become us to need the problem that will solve badly.
Summary of the invention
The purpose of this invention is to provide a kind of method of determining the workflow participant based on data permission.
The objective of the invention is to realize in the following manner, this method is at first when authority is provided with the data permission of administration module maintenance service object, the relevant authorization of flow process that the user has is set, in workflow defining each examined the authorization that needs is set in the activity then, when workflow instance moves, workflow engine can call the interface method that the authority parsing module provides dynamically, obtain to have and currently examine the movable user who goes up the authorization authority that is provided with and carry out Task Distribution as the participant, the Pending tasks of Workflow Management System is according to the current upward authorization of definition of activity of examining, determine the related data the authority whether active user has the power of examination and approval and treat the permit business document, examine the authorization of activity association according to each that is provided with in the workflow defining, dynamically fixed each in place examined the participant of link, and concrete steps are as follows:
1) when authority is provided with the data permission of administration module maintenance service object, the relevant authority permission of flow process that the user has is set;
Described authority is provided with administration module, is used to the authority permission relevant with management process is set, and generates the data permission expression formula of business object;
The authority permission that described flow process is relevant is meant a flow operations to specific transactions object resource, comprises and examines, checks;
2) when designing workflows, each in workflow examined the authorization that needs is set on the activity attributes;
3) when workflow instance moves, workflow engine can call the interface method that the authority parsing module provides dynamically, obtains to have the user who examines the authorization authority that is provided with on the activity attributes and carry out Task Distribution as the participant;
Described authority parsing module is used to resolve the data permission expression formula of described business object, to control described data permission;
The interface method that described authority parsing module provides, be used to inquire about user with the authorization authority of examining activity association, the user when Dynamic Selection next one is examined movable participant as required, workflow engine can be inquired about has the user list that the next one is examined the authorization authority of activity association, as the user list of examining to be selected;
4) Pending tasks of Workflow Management System determines the related data the authority whether active user has the power of examination and approval and treat the permit business document according to the current upward authorization of definition of activity of examining.
Excellent effect of the present invention:
Workflow Management System adopts the design philosophy of safety management, examines that by in workflow defining each authorization that needs being set in the activity.When workflow instance moved, workflow engine can call the interface method that the authority parsing module provides dynamically, according to current authorization of examining in the activity, obtained the user and carried out Task Distribution; The Pending tasks of Workflow Management System determines the related data the authority whether active user has the power of examination and approval and treat the permit business document according to the current upward authorization of definition of activity of examining.
Compared with prior art, of the present inventionly determine that based on data permission workflow participant's method makes full use of the security service that Rights Management System provides, efficiently solve participant in the Workflow Management System and be difficult to the problem setting and safeguard.
Management information system is the man-machine interactive system of a complexity, Rights Management System is one of module that reusability is the highest in the management information system, any multi-user's system all inevitably relates to identical authority demand, by the Rights Management System control of authority, Rights Management System is playing an important role aspect the maintenance work flow management security of system when the invention enables Workflow Management System Pending tasks access service data.
Description of drawings
Fig. 1 is based on the flow example figure that data permission is determined the workflow participant;
Fig. 2 is based on data permission and determines that workflow examines movable participant's block diagram.
Embodiment
Explain below with reference to Figure of description method of the present invention being done.
Above-mentioned purpose for a more clear understanding of the present invention, feature and advantage determine that based on data permission workflow examines movable participant's implementation method and further describe in detail to of the present invention below in conjunction with Figure of description and specific embodiment.
Embodiment:
The implementation method that service management concerns dynamic participant in the Workflow Management System of the present invention is examined the participant of link according to the service management in the workflow, fixed each in dynamic place of dealing with relationship, and comprises the steps:
Step 1 when authority is provided with the data permission of administration module maintenance service object, is provided with the relevant authority permission of flow process that the user has.
Described authority is provided with administration module, is used to the authority permission relevant with management process is set, and generates the data permission expression formula of business object;
The authority permission that described flow process is relevant is meant a flow operations to specific transactions object resource, such as examining, check etc.;
Approval process as shown in Figure 2, the data permission of the business datum of need safeguarding comprises: the examining of the mobile phone expenses claim sheer of different departments, unit, check, finance set authority.
Step 2, when designing workflows, each in workflow examined the authorization that needs is set on the activity attributes.
Approval process as shown in Figure 2 need be in departmental manager, general manager (GM), administrative assistant, these several authorizations of safeguarding in the definition above-mentioned steps on the link of examining of financial auditing.
Step 3, when workflow instance moved, workflow engine can call the interface method that the authority parsing module provides dynamically, obtain have examine the authorization authority that is provided with on the activity attributes the user as participant's allocating task.
Described authority parsing module is used to resolve the data permission expression formula of described business object, to control described data permission.
The interface method that described authority parsing module provides is used to inquire about the user with the authorization authority of examining activity association.Especially, when the user needed that the Dynamic Selection next one is examined movable participant as required, workflow engine can be inquired about had the user list that the next one is examined the authorization authority of activity association, as the user list of examining to be selected.
Approval process as shown in Figure 2, workflow engine can call the interface method that the authority parsing module provides dynamically, obtains and is responsible for departmental manager, the general manager (GM) that this reimbursement document is examined, the administrative assistant who is responsible for checking, the financial staff who is responsible for checking.
Step 4, the Pending tasks of Workflow Management System determines the related data the authority whether active user has the power of examination and approval and treat the permit business document according to the current upward authorization of definition of activity of examining.
Determine that based on data permission workflow examines movable participant's method for one provided by the invention, examine that by in workflow defining each authorization that needs being set in the activity.When workflow instance moved, workflow engine can call the interface method that the authority parsing module provides dynamically, according to current authorization of examining in the activity, obtained the user and carried out participant's Task Distribution; The Pending tasks of Workflow Management System determines the related data the authority whether active user has the power of examination and approval and treat the permit business document according to the current upward authorization of definition of activity of examining.On the one hand, the present invention efficiently solves participant in the Workflow Management System and is difficult to the problem setting and safeguard.On the other hand, make Rights Management System become the core that Pending tasks access service data are carried out control of authority in the Workflow Management System, Rights Management System is playing an important role aspect the maintenance work flow management security of system.
Except that the described technical characterictic of instructions, be the known technology of those skilled in the art.
Claims (1)
1. method of determining the workflow participant based on data permission, it is characterized in that this method is at first when authority is provided with the data permission of administration module maintenance service object, the relevant authorization of flow process that the user has is set, in workflow defining each examined the authorization that needs is set in the activity then, when workflow instance moves, workflow engine can call the interface method that the authority parsing module provides dynamically, obtain to have and currently examine the movable user who goes up the authorization authority that is provided with and carry out Task Distribution as the participant, the Pending tasks of Workflow Management System is according to the current upward authorization of definition of activity of examining, determine the related data the authority whether active user has the power of examination and approval and treat the permit business document, examine the authorization of activity association according to each that is provided with in the workflow defining, dynamically fixed each in place examined the participant of link, and concrete steps are as follows:
1) when authority is provided with the data permission of administration module maintenance service object, the relevant authority permission of flow process that the user has is set;
Described authority is provided with administration module, is used to the authority permission relevant with management process is set, and generates the data permission expression formula of business object;
The authority permission that described flow process is relevant is meant a flow operations to specific transactions object resource, comprises and examines, checks;
2) when designing workflows, each in workflow examined the authorization that needs is set on the activity attributes;
3) when workflow instance moves, workflow engine can call the interface method that the authority parsing module provides dynamically, obtains to have the user who examines the authorization authority that is provided with on the activity attributes and carry out Task Distribution as the participant;
Described authority parsing module is used to resolve the data permission expression formula of described business object, to control described data permission;
The interface method that described authority parsing module provides, be used to inquire about user with the authorization authority of examining activity association, the user when Dynamic Selection next one is examined movable participant as required, workflow engine can be inquired about has the user list that the next one is examined the authorization authority of activity association, as the user list of examining to be selected;
4) Pending tasks of Workflow Management System determines the related data the authority whether active user has the power of examination and approval and treat the permit business document according to the current upward authorization of definition of activity of examining.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013101408992A CN103218688A (en) | 2013-04-23 | 2013-04-23 | Method for determining workflow participant based on data permission |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013101408992A CN103218688A (en) | 2013-04-23 | 2013-04-23 | Method for determining workflow participant based on data permission |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103218688A true CN103218688A (en) | 2013-07-24 |
Family
ID=48816452
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013101408992A Pending CN103218688A (en) | 2013-04-23 | 2013-04-23 | Method for determining workflow participant based on data permission |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103218688A (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104732375A (en) * | 2013-12-20 | 2015-06-24 | 远光软件股份有限公司 | Centralized examining and approving method and device |
| CN105005837A (en) * | 2014-04-21 | 2015-10-28 | 山西太钢不锈钢股份有限公司 | Method for adding approval function to SAP ERP application program |
| CN105225031A (en) * | 2015-09-06 | 2016-01-06 | 浪潮软件股份有限公司 | A kind of method of support performance stream participant types expansion |
| CN105741084A (en) * | 2016-02-02 | 2016-07-06 | 成都市泰牛科技股份有限公司 | Service authority management system and method |
| CN105787633A (en) * | 2014-12-26 | 2016-07-20 | 远光软件股份有限公司 | System and method for processing concurrent examining and approving flow |
| CN105808989A (en) * | 2014-12-31 | 2016-07-27 | 中国移动通信集团吉林有限公司 | Permission auditing method and device |
| CN106339850A (en) * | 2015-07-17 | 2017-01-18 | 北京奇虎科技有限公司 | Automatic generation method and device of contract approval process |
| CN106355353A (en) * | 2016-09-29 | 2017-01-25 | 广州鹤互联网科技有限公司 | Signing and approving request processing method and device |
| CN107862473A (en) * | 2017-12-04 | 2018-03-30 | 山东浪潮通软信息科技有限公司 | A kind of participation user of workflow determines method and device |
| CN108363594A (en) * | 2018-01-08 | 2018-08-03 | 浪潮通用软件有限公司 | A kind of method that participant parses in Workflow system |
| CN108596554A (en) * | 2017-12-12 | 2018-09-28 | 浪潮通用软件有限公司 | A kind of method and workflow engine of the specified follow-up examination & approval link participant of dynamic |
| CN109284907A (en) * | 2018-09-03 | 2019-01-29 | 山东浪潮通软信息科技有限公司 | A method of subsequent examination & approval activity participant is specified based on composite activity realization |
| CN109918945A (en) * | 2019-03-05 | 2019-06-21 | 山东浪潮通软信息科技有限公司 | A kind of method of expansible temporary Authorization |
| CN109976745A (en) * | 2017-12-27 | 2019-07-05 | 航天信息股份有限公司 | A kind of processing method for service stream and device |
| CN110991901A (en) * | 2019-12-05 | 2020-04-10 | 上海凯京信达科技集团有限公司 | Task allocation method, computer storage medium and electronic device |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1786996A (en) * | 2005-03-08 | 2006-06-14 | 中国科学院软件研究所 | Method for dymamic distribution of participator in work flow management |
| CN101038635A (en) * | 2006-03-15 | 2007-09-19 | 北大方正集团有限公司 | System for controlling flow process authority of task stream management system and implement method thereof |
| JP4628086B2 (en) * | 2004-12-20 | 2011-02-09 | キヤノンソフトウェア株式会社 | Workflow system, browsing restriction method, program, and recording medium |
| CN102012981A (en) * | 2010-11-16 | 2011-04-13 | 传神联合(北京)信息技术有限公司 | Distributing and matching method and system of general permission grade |
| CN102436612A (en) * | 2012-01-16 | 2012-05-02 | 浪潮集团山东通用软件有限公司 | Method for realizing business management relationship dynamic participant in workflow management system |
| US8181858B2 (en) * | 2007-12-14 | 2012-05-22 | Bank Of America Corporation | Information banking |
| US8326911B2 (en) * | 2007-02-02 | 2012-12-04 | Microsoft Corporation | Request processing with mapping and repeatable processes |
-
2013
- 2013-04-23 CN CN2013101408992A patent/CN103218688A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4628086B2 (en) * | 2004-12-20 | 2011-02-09 | キヤノンソフトウェア株式会社 | Workflow system, browsing restriction method, program, and recording medium |
| CN1786996A (en) * | 2005-03-08 | 2006-06-14 | 中国科学院软件研究所 | Method for dymamic distribution of participator in work flow management |
| CN101038635A (en) * | 2006-03-15 | 2007-09-19 | 北大方正集团有限公司 | System for controlling flow process authority of task stream management system and implement method thereof |
| US8326911B2 (en) * | 2007-02-02 | 2012-12-04 | Microsoft Corporation | Request processing with mapping and repeatable processes |
| US8181858B2 (en) * | 2007-12-14 | 2012-05-22 | Bank Of America Corporation | Information banking |
| CN102012981A (en) * | 2010-11-16 | 2011-04-13 | 传神联合(北京)信息技术有限公司 | Distributing and matching method and system of general permission grade |
| CN102436612A (en) * | 2012-01-16 | 2012-05-02 | 浪潮集团山东通用软件有限公司 | Method for realizing business management relationship dynamic participant in workflow management system |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104732375A (en) * | 2013-12-20 | 2015-06-24 | 远光软件股份有限公司 | Centralized examining and approving method and device |
| CN105005837A (en) * | 2014-04-21 | 2015-10-28 | 山西太钢不锈钢股份有限公司 | Method for adding approval function to SAP ERP application program |
| CN105787633A (en) * | 2014-12-26 | 2016-07-20 | 远光软件股份有限公司 | System and method for processing concurrent examining and approving flow |
| CN105808989B (en) * | 2014-12-31 | 2018-12-07 | 中国移动通信集团吉林有限公司 | A kind of permission auditing method and device |
| CN105808989A (en) * | 2014-12-31 | 2016-07-27 | 中国移动通信集团吉林有限公司 | Permission auditing method and device |
| CN106339850A (en) * | 2015-07-17 | 2017-01-18 | 北京奇虎科技有限公司 | Automatic generation method and device of contract approval process |
| CN105225031A (en) * | 2015-09-06 | 2016-01-06 | 浪潮软件股份有限公司 | A kind of method of support performance stream participant types expansion |
| CN105741084A (en) * | 2016-02-02 | 2016-07-06 | 成都市泰牛科技股份有限公司 | Service authority management system and method |
| CN106355353A (en) * | 2016-09-29 | 2017-01-25 | 广州鹤互联网科技有限公司 | Signing and approving request processing method and device |
| CN107862473A (en) * | 2017-12-04 | 2018-03-30 | 山东浪潮通软信息科技有限公司 | A kind of participation user of workflow determines method and device |
| CN108596554A (en) * | 2017-12-12 | 2018-09-28 | 浪潮通用软件有限公司 | A kind of method and workflow engine of the specified follow-up examination & approval link participant of dynamic |
| CN108596554B (en) * | 2017-12-12 | 2021-08-31 | 浪潮通用软件有限公司 | Method for dynamically designating subsequent examination and approval link participants and workflow engine |
| CN109976745A (en) * | 2017-12-27 | 2019-07-05 | 航天信息股份有限公司 | A kind of processing method for service stream and device |
| CN108363594A (en) * | 2018-01-08 | 2018-08-03 | 浪潮通用软件有限公司 | A kind of method that participant parses in Workflow system |
| CN109284907A (en) * | 2018-09-03 | 2019-01-29 | 山东浪潮通软信息科技有限公司 | A method of subsequent examination & approval activity participant is specified based on composite activity realization |
| CN109918945A (en) * | 2019-03-05 | 2019-06-21 | 山东浪潮通软信息科技有限公司 | A kind of method of expansible temporary Authorization |
| CN110991901A (en) * | 2019-12-05 | 2020-04-10 | 上海凯京信达科技集团有限公司 | Task allocation method, computer storage medium and electronic device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103218688A (en) | Method for determining workflow participant based on data permission | |
| Choi | Flexible work arrangements and employee retention: A longitudinal analysis of the federal workforces | |
| Pichault et al. | Autonomy at work in the gig economy: analysing work status, work content and working conditions of independent professionals | |
| Greer et al. | Marketization, inequality, and institutional change: Toward a new framework for comparative employment relations | |
| Avent-Holt et al. | A relational theory of earnings inequality | |
| Zohar et al. | Discourse-based intervention for modifying supervisory communication as leverage for safety climate and performance improvement: a randomized field study. | |
| KR20190141226A (en) | How to Set Form Field Manipulation Permissions for Workflows and Their Approval Nodes | |
| Lan et al. | State regulation, economic reform and worker rights: The contingent effects of China’s labour contract law | |
| Sobczak | Ensuring the effective implementation of transnational company agreements | |
| Bosch et al. | Reducing wage inequality: The role of the state in improving job quality | |
| Frenkel et al. | Do high performance work practices work in South Korea? | |
| Grundstrom et al. | Making sense of the general data protection regulation—four categories of personal data access challenges | |
| Pulignano | Articulation within (and across) transnational workplaces and the role of European Works Councils | |
| Drahokoupil et al. | Labour’s legal resources after 2004: the role of the European Union | |
| Bumgarner et al. | Governing alone and with partners: Presidential governance in a post-NPM environment | |
| Adriaanse et al. | The use of interorganisational ICT in construction projects: A critical perspective | |
| Feng et al. | The state as regulator? The ‘dual-track’system of employment in the Chinese public sector and barriers to equal pay for equal work | |
| Heeg | The erosion of corporatism? The rescaling of industrial relations in Germany | |
| Cunningham et al. | Public Service Delivery and the Voluntary Sector: Trends, Explanations, and Implications | |
| Walter et al. | 15 Embedding systemic change—opportunities and challenges | |
| Fütterer et al. | Challenges for organizing along the garment value chain: experiences from the Union Network TIE Exchains | |
| Lewiskin | On the front lines: Managerialism in substance abuse agencies | |
| Hwang et al. | Labour dispute arbitration in China: perspectives of the arbitrators | |
| Yekta et al. | Corporate code of ethics and reporting wrongdoing in private sector organizations in Malaysia | |
| Colenbrander | International Framework Agreements: An Analysis of the International Framework Agreement as an Instrument for Improving Working Standards in Global Business Operations |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130724 |