CN104881506A - Configurable management information system right control method based on database - Google Patents
Configurable management information system right control method based on database Download PDFInfo
- Publication number
- CN104881506A CN104881506A CN201510364944.1A CN201510364944A CN104881506A CN 104881506 A CN104881506 A CN 104881506A CN 201510364944 A CN201510364944 A CN 201510364944A CN 104881506 A CN104881506 A CN 104881506A
- Authority
- CN
- China
- Prior art keywords
- role
- user
- authority
- control method
- management information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/2282—Tablespace storage structures; Management thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a configurable management information system right control method based on a database. The configurable management information system right control method includes the following steps that a right type list is built and comprises a right type ID and a right type field; a right list is built and comprises a right ID, the right type ID and a right description field; a role list is built and comprises a role ID, a role name and other fields. The role is set according to the characteristics of a system, a role right list is built and comprises the role ID, the right ID and the right type ID field, and the right is distributed to the role and recorded in the role right list, so that the role and the right are correlated. A user is built and distributed to the role, so that the user and the right are correlated through the role. A user list is built and comprises a user ID and a user name field. A user role list is built and comprises the user ID and a user ID field. When the user logs in and operates the system, complex right management is realized by inquiring the right of the user in real time.
Description
Technical field
The invention belongs to Computer Applied Technology field, relate to a kind of control method, especially a kind of based on the configurable management information system authority control method of database; This control method can use less system overhead to realize the complicated rights management such as menu, action button, flow process, data.
Background technology
Management information system is deeply applied in daily life, and puts to development towards many application and multi-user, and this just has higher requirement in security of system, and the data security of infosystem is more and more subject to people's attention.Several typical user access control model is had: the Permission Design of based role, the Permission Design based on the Permission Design operated and based role and operation in prior art.Rights management Problems existing of the prior art is, implementation or only can realize simple authority, such as, mates by user name and menu the demand realizing menu authority, be not suitable with current development and application; The logic realizing rights management is complicated, and system overhead is larger.This is the deficiencies in the prior art part.
Summary of the invention
The object of the invention is to, for the defect that above-mentioned prior art exists, provide design a kind of based on the configurable management information system authority control method of database, to solve the problems of the technologies described above.
For achieving the above object, the present invention provides following technical scheme:
A kind of based on the configurable management information system authority control method of database, comprise the following steps:
S1: set up permission type table, comprises permission type ID and permission type field;
S2: set up authority list, comprises permission ID, permission type ID, authority description field;
S3: set up role's table, comprise the field such as role ID, role name, the feature according to system arranges role, and this role may be a job titles or a post;
S4: set up role-security table, comprises role ID, permission ID, permission type id field, by right assignment to role, and being recorded in role-security table, then Role and privilege has had association, sets up user, and user is distributed to role, then user to be established with authority by role and associates;
S5: set up subscriber's meter, comprises user ID, username field;
S6: set up user role table, comprises user ID, role ID field;
S7: in user's login also operating system process, the authority had by real-time query user, realizes complicated rights management.
Preferably, authority be divided into menu, interface, operation, flow process, data dissimilar in described step S1.
Preferably, in described step S2, each menu, interface, action button, flow process distribute 36 bit data storehouse random codes, i.e. permission ID, this random code is unique in systems in which.
Preferably, in described step S2, each data distributes a random code, or data is sorted out, by sorting out distribution random code.
Preferably, in described step S6, user is distributed to role, then user to be established with authority by role and associates, and user can be corresponding with multiple role.
Preferably, described step S7 comprises the following steps:
Logging in system by user, the authority of the Menu Type that program is had by this user of SQL query, gives its menu that can check to this user.
Preferably, described step S7 is further comprising the steps of:
When this user enters a certain interface, the authority of the action button type that program is had by this user of SQL query, thus determine whether a certain button has permission.
Preferably, described step S7 is further comprising the steps of: during this user's data query, by SQL statement only inquire about this user there are the data (or data classification) of authority, thus realize this user and can only check its content that can check.
Beneficial effect of the present invention is, achieves the control of complicated authority, solve the problem of role-security in management information system in menu, action button, flow process, data plane;
Be applied in management information system and can use less system overhead, realize the management of self-defined role and self-defined authority easily, ensure that the popularity of rights management scope and reliability highly.In addition, design concept of the present invention is reliable, has application prospect widely.
As can be seen here, the present invention compared with prior art, has outstanding substantive distinguishing features and progress significantly, and its beneficial effect implemented also is apparent.
Accompanying drawing explanation
Fig. 1 is rights management schematic diagram of the present invention.
Fig. 2 is data list structure figure of the present invention.
Embodiment
Below in conjunction with accompanying drawing, also by specific embodiment, the present invention will be described in detail, and following examples are explanation of the invention, and the present invention is not limited to following embodiment.
As illustrated in fig. 1 and 2, one provided by the invention, based on the configurable management information system authority control method of database, comprises the following steps:
S1: set up permission type table, comprises the fields such as permission type ID and permission type; Authority is divided into different types, and such as menu, interface, operation, flow process, data etc., can be arranged flexibly according to different application system features;
S2: set up authority list, comprises the fields such as permission ID, permission type ID, authority description; Each menu, interface, action button, flow process distribute 36 bit data storehouse random codes, i.e. permission ID, this random code is unique in systems in which.The rights management more complicated 5 of data; Because the order of magnitude is comparatively large, two kinds of way to manages can be had: one is that each data distributes a random code; Another kind is sorted out data, distributes random code by sorting out.Such as in human resource system, the data of employee can be classified as affiliated unit or department, give the random code of the data unified distribution after sorting out.Each random code that menus all above, action button, flow process, data classification etc. are distributed, we are called an authority, and by all authority records in authority list.
S3: set up role's table, comprise the field such as role ID, role name.Feature according to system arranges role, and this role may be a job titles or post, such as a role1;
S4: set up role-security table, comprises the fields such as role ID, permission ID, permission type ID.By right assignment to role role1, and be recorded in role-security table, then Role and privilege has had association.Set up user, and user is distributed to role, then user to be established with authority by role and associates;
S5: set up subscriber's meter, comprises the field such as user ID, user name;
S6: set up user role table, comprises the field such as user ID, role ID.User is distributed to role, then user to be established with authority by role and associates.User can be corresponding with multiple role;
S7: in user's login also operating system process, the authority had by real-time query user, realizes complicated rights management.Specific implementation process is: user user1 login system, and the authority of the Menu Type that program is had by SQL query user1 gives its menu that can check to user; When user1 enters a certain interface, the authority of the action button type that program is had by SQL query user1, thus determine whether a certain button has permission; During user1 data query, by SQL statement only inquire about user1 there are the data (or data classification) of authority, thus realize user and can only check its content that can check.
The preferred embodiment of the present invention is only above; but the present invention is not limited thereto; any those skilled in the art can think there is no creationary change, and some improvements and modifications done without departing from the principles of the present invention, all should drop in protection scope of the present invention.
Claims (8)
1., based on the configurable management information system authority control method of database, comprise the following steps:
S1: set up permission type table, comprises permission type ID and permission type field;
S2: set up authority list, comprises permission ID, permission type ID, authority description field;
S3: set up role's table, comprise the field such as role ID, role name, the feature according to system arranges role, and this role may be a job titles or a post;
S4: set up role-security table, comprises role ID, permission ID, permission type id field, by right assignment to role, and being recorded in role-security table, then Role and privilege has had association, sets up user, and user is distributed to role, then user to be established with authority by role and associates;
S5: set up subscriber's meter, comprises user ID, username field;
S6: set up user role table, comprises user ID, role ID field;
S7: in user's login also operating system process, the authority had by real-time query user, realizes complicated rights management.
2. one according to claim 1 is based on the configurable management information system authority control method of database, it is characterized in that: authority be divided into menu, interface, operation, flow process, data dissimilar in described step S1.
3. one according to claim 2 is based on the configurable management information system authority control method of database, it is characterized in that: in described step S2, each menu, interface, action button, flow process distribute 36 bit data storehouse random codes, i.e. permission ID, this random code is unique in systems in which.
4. one according to claim 3 is based on the configurable management information system authority control method of database, it is characterized in that: in described step S2, each data distributes a random code, or data is sorted out, by sorting out distribution random code.
5. one according to claim 4 is based on the configurable management information system authority control method of database, it is characterized in that: in described step S6, user is distributed to role, then user to be established with authority by role and associates, and user can be corresponding with multiple role.
6. one according to claim 5 is based on the configurable management information system authority control method of database, it is characterized in that: described step S7 comprises the following steps:
Logging in system by user, the authority of the Menu Type that program is had by this user of SQL query, gives its menu that can check to this user.
7. one according to claim 6 is based on the configurable management information system authority control method of database, it is characterized in that:, described step S7 is further comprising the steps of:
When this user enters a certain interface, the authority of the action button type that program is had by this user of SQL query, thus determine whether a certain button has permission.
8. one according to claim 7 is based on the configurable management information system authority control method of database, it is characterized in that: described step S7 is further comprising the steps of: during this user's data query, by SQL statement only inquire about this user there are the data (or data classification) of authority, thus realize this user and can only check its content that can check.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510364944.1A CN104881506A (en) | 2015-06-29 | 2015-06-29 | Configurable management information system right control method based on database |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510364944.1A CN104881506A (en) | 2015-06-29 | 2015-06-29 | Configurable management information system right control method based on database |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104881506A true CN104881506A (en) | 2015-09-02 |
Family
ID=53948999
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510364944.1A Pending CN104881506A (en) | 2015-06-29 | 2015-06-29 | Configurable management information system right control method based on database |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104881506A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106850512A (en) * | 2015-12-07 | 2017-06-13 | 北京航天长峰科技工业集团有限公司 | A kind of information system design method for meeting cascade protection requirement |
| CN106899543A (en) * | 2015-12-17 | 2017-06-27 | 电信科学技术研究院 | A kind of content access control method and relevant device |
| CN107944254A (en) * | 2017-11-01 | 2018-04-20 | 平安科技(深圳)有限公司 | Authority configuring method, application server and the computer-readable recording medium of system |
| WO2019011255A1 (en) * | 2017-07-11 | 2019-01-17 | 成都牵牛草信息技术有限公司 | Method for authorizing field value of form field by means of third party field |
| CN110968580A (en) * | 2018-09-30 | 2020-04-07 | 北京国双科技有限公司 | Method and device for creating data storage structure |
| CN112214756A (en) * | 2020-09-18 | 2021-01-12 | 广州市贺氏办公设备有限公司 | Authority management system, method and storage medium of consumption machine |
| CN112214755A (en) * | 2020-09-18 | 2021-01-12 | 广州市贺氏办公设备有限公司 | Multifunctional consumption machine |
| CN113515552A (en) * | 2021-05-31 | 2021-10-19 | 南京一鸣科技有限公司 | Metadata-based high configurability query statistical method in management information system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080109898A1 (en) * | 2006-11-03 | 2008-05-08 | Microsoft Corporation | Modular enterprise authorization solution |
| CN101373527A (en) * | 2007-08-24 | 2009-02-25 | 上海全成通信技术有限公司 | Human authority control method engaged with system |
| CN102393889A (en) * | 2011-09-19 | 2012-03-28 | 北京信城通数码科技有限公司 | Permissions configuration management system |
| CN102567675A (en) * | 2012-02-15 | 2012-07-11 | 合一网络技术(北京)有限公司 | User authority management method and system in business system |
| CN103500297A (en) * | 2013-10-11 | 2014-01-08 | 济钢集团有限公司 | Fine grit authority management method in information system |
| CN104408339A (en) * | 2014-12-18 | 2015-03-11 | 山东钢铁股份有限公司 | Authority management method for information system |
-
2015
- 2015-06-29 CN CN201510364944.1A patent/CN104881506A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080109898A1 (en) * | 2006-11-03 | 2008-05-08 | Microsoft Corporation | Modular enterprise authorization solution |
| CN101373527A (en) * | 2007-08-24 | 2009-02-25 | 上海全成通信技术有限公司 | Human authority control method engaged with system |
| CN102393889A (en) * | 2011-09-19 | 2012-03-28 | 北京信城通数码科技有限公司 | Permissions configuration management system |
| CN102567675A (en) * | 2012-02-15 | 2012-07-11 | 合一网络技术(北京)有限公司 | User authority management method and system in business system |
| CN103500297A (en) * | 2013-10-11 | 2014-01-08 | 济钢集团有限公司 | Fine grit authority management method in information system |
| CN104408339A (en) * | 2014-12-18 | 2015-03-11 | 山东钢铁股份有限公司 | Authority management method for information system |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106850512A (en) * | 2015-12-07 | 2017-06-13 | 北京航天长峰科技工业集团有限公司 | A kind of information system design method for meeting cascade protection requirement |
| CN106899543A (en) * | 2015-12-17 | 2017-06-27 | 电信科学技术研究院 | A kind of content access control method and relevant device |
| CN106899543B (en) * | 2015-12-17 | 2020-10-20 | 电信科学技术研究院 | Content access control method and related equipment |
| WO2019011255A1 (en) * | 2017-07-11 | 2019-01-17 | 成都牵牛草信息技术有限公司 | Method for authorizing field value of form field by means of third party field |
| US11775687B2 (en) | 2017-07-11 | 2023-10-03 | Chengdu Qianniucao Information Technology Co., Ltd. | Method for authorizing field value of form field by means of third party field |
| CN107944254A (en) * | 2017-11-01 | 2018-04-20 | 平安科技(深圳)有限公司 | Authority configuring method, application server and the computer-readable recording medium of system |
| CN110968580B (en) * | 2018-09-30 | 2023-05-23 | 北京国双科技有限公司 | Method and device for creating data storage structure |
| CN110968580A (en) * | 2018-09-30 | 2020-04-07 | 北京国双科技有限公司 | Method and device for creating data storage structure |
| CN112214755A (en) * | 2020-09-18 | 2021-01-12 | 广州市贺氏办公设备有限公司 | Multifunctional consumption machine |
| CN112214756A (en) * | 2020-09-18 | 2021-01-12 | 广州市贺氏办公设备有限公司 | Authority management system, method and storage medium of consumption machine |
| CN112214755B (en) * | 2020-09-18 | 2024-05-03 | 广州市贺氏办公设备有限公司 | Multifunctional consumer machine |
| CN113515552A (en) * | 2021-05-31 | 2021-10-19 | 南京一鸣科技有限公司 | Metadata-based high configurability query statistical method in management information system |
| CN113515552B (en) * | 2021-05-31 | 2024-03-26 | 南京一鸣科技有限公司 | Metadata-based high-configurability query statistical method in management information system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104881506A (en) | Configurable management information system right control method based on database | |
| CN104408339A (en) | Authority management method for information system | |
| CN103500297A (en) | Fine grit authority management method in information system | |
| CN102231693A (en) | Method and apparatus for managing access authority | |
| CN102929961A (en) | Data processing method and device thereof based on building quick data staging channel | |
| CN104036365A (en) | Method for constructing enterprise-level data service platform | |
| CN109933310A (en) | A kind of configurable JAVA development platform based on data template | |
| CN102917006A (en) | Method and device for achieving uniform control management of computing resource and object authority | |
| CN104182846A (en) | Client management system | |
| CN105824837A (en) | Log treatment method and device | |
| CN106648589A (en) | svn source code online management and shared viewing system and method | |
| CN103023921A (en) | Authentication and access method and authentication system | |
| CN105095496A (en) | Method for monitoring MYSQL table space through ZABBIX | |
| CN106126522A (en) | A kind of processing system of accounting statement | |
| CN105468763A (en) | Method for multi-person cooperation in big data operation | |
| CN107016278A (en) | A kind of authority distributing method, device and background management system | |
| CN111737655A (en) | User authority management method, system and storage medium of cloud management platform | |
| CN103220172A (en) | Device and method based on LDAP (lightweight directory access protocol) user authorization management | |
| CN114297841A (en) | Simulation model resource system construction system and construction method thereof | |
| CN107169044A (en) | A kind of city talent resource integrated management method | |
| CN105786945B (en) | A kind of power information data efficient processing method based on data channel | |
| CN103500315A (en) | System of reasonable classification and use permission distribution for information resources | |
| CN107609169A (en) | A kind of patent name back-stage management analysis system based on database | |
| CN202854924U (en) | Intelligent object storage system | |
| CN108022106A (en) | Multimedia intelligent customer service system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20171120 Address after: 250100 Shandong city of Ji'nan province high tech Zone Shun Road No. 2000 Shun Tai Plaza No. 4 Applicant after: Software Limited by Share Ltd Address before: Industrial Road Licheng District, Ji'nan city of Shandong Province, No. 21 250101 Applicant before: Shandong Iron & Steel Group Co., Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150902 |