CN105701599B - Role characteristic comparison processing method - Google Patents
Role characteristic comparison processing method Download PDFInfo
- Publication number
- CN105701599B CN105701599B CN201511032300.9A CN201511032300A CN105701599B CN 105701599 B CN105701599 B CN 105701599B CN 201511032300 A CN201511032300 A CN 201511032300A CN 105701599 B CN105701599 B CN 105701599B
- Authority
- CN
- China
- Prior art keywords
- data table
- role
- type data
- user operation
- format configuration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0631—Resource planning, allocation, distributing or scheduling for enterprises or organisations
- G06Q10/06311—Scheduling, planning or task assignment for a person or group
Landscapes
- Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- Engineering & Computer Science (AREA)
- Strategic Management (AREA)
- Entrepreneurship & Innovation (AREA)
- Economics (AREA)
- Operations Research (AREA)
- Game Theory and Decision Science (AREA)
- Development Economics (AREA)
- Marketing (AREA)
- Educational Administration (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a role characteristic comparison processing method, which comprises the following steps: acquiring each first type data table related to role attributes from an enterprise management unit; establishing a second type data table corresponding to the first type data table in the database according to the field attribute of each first type data table and the entity relationship of the first type data table; when the first user operation is obtained, determining a query result matched with the first user operation according to the logic relation between the tables of the second type data table; and displaying the query result. The technical problems that the timeliness of online external management is poor and the usability of online management is poor are solved. The off-line analysis and comparison of the diagonal color characteristics are visual, convenient, fast and accurate, and the operation and maintenance efficiency of the SAP ECC system is greatly improved.
Description
Technical Field
The invention relates to the technical field of information, in particular to a role characteristic comparison processing method.
Background
The analysis and comparison of the role characteristics are an important content in daily operation and maintenance work of SAP ECC system consultants and key users, and the original roles in the system need to be checked and analyzed no matter the services such as user authorization, internal control compliance check, newly-added organization authority design, user post adjustment and the like. Currently, the use of either a review rights design requirements document or the use of TCODE: and analyzing and comparing the character characteristics by the SUIM two modes.
The authority design requirement document is generally written by a service consultant during authority design before an SAP ECC project is on line, and in the subsequent operation and maintenance process, the service consultant and a key user mainly carry out authority related work according to the document. The authority design requirement document is a link for connecting services and technologies, and has the advantages of no ethical ratio in the aspects of intuitiveness of data display and convenience of use. The SUIM is a transaction code provided by the SAP for managing roles, and through the SUIM, role information can be inquired from multiple dimensions, and the comparison of rights objects of two roles can also be supported. However, the two technologies have weak timeliness of off-line management and poor usability of on-line management.
Disclosure of Invention
The embodiment of the invention provides a role characteristic comparison processing method, and solves the technical problems of weak timeliness of off-line management and poor usability of on-line management.
The role characteristic comparison processing method provided by the embodiment of the invention comprises the following steps:
acquiring each first type data table related to role attributes from an enterprise management unit;
establishing a second type data table corresponding to the first type data table in a database according to the field attribute of each first type data table and the entity relationship of the first type data table;
when a first user operation is obtained, determining a query result matched with the first user operation according to the logic relation between tables of the second type data table;
and displaying the query result.
Preferably, the establishing, according to the field attribute of each first-type data table and the entity relationship of the first-type data table, a second-type data table corresponding to the first-type data table in a database includes:
reading data records in each first type data table;
writing the data records in each first-class data table into the corresponding second-class data table one by one, wherein the field attribute of each second-class data table is matched with the field attribute of the corresponding first-class data table, and the entity relationship of the second-class data table is matched with the entity relationship of the first-class data table.
Preferably, the obtaining each first type data table related to the role attribute from the enterprise management unit specifically includes:
and deriving a first activity group authority data table format configuration table, a second activity group authority data table format configuration table, an organization element table format configuration table of the authority, a role definition table format configuration table, a technical information format configuration table in a dictionary, an authority object attribute and text index configuration table and an object table format configuration table from the enterprise management unit.
Preferably, the first user operation is specifically:
a single role selection operation, or
A plurality of role selection operations.
Preferably, the first user operation is the single role selection operation;
when the first user operation is obtained, determining a query result matched with the first user operation according to the logic relationship between the tables of the second type data table, including:
responding to the single role selection operation to acquire the selected single role;
inquiring the single role based on the role name field of the role definition table format configuration table and the root role field of the role definition table format configuration table;
and inquiring the derivative role of the single role or the root role of the single role.
Preferably, the first user operation is the plurality of role selection operations;
when the first user operation is obtained, determining a query result matched with the first user operation according to the logic relationship between the tables of the second type data table, including:
responding to the plurality of role selection operations, and acquiring the selected plurality of roles;
and selecting all values meeting a first preset condition in the plurality of roles as the query result in the second activity group permission data table format configuration table.
Preferably, the first preset condition is specifically:
the rights object equals the transaction code check at the beginning of the transaction, and
the permission field is equal to the transaction code.
Preferably, the first user operation is the plurality of role selection operations;
when the first user operation is obtained, determining a query result matched with the first user operation according to the logic relationship between the tables of the second type data table, including:
responding to the plurality of role selection operations, and acquiring the selected plurality of roles;
and selecting all values meeting a second preset condition in the plurality of roles as the query result in the second activity group permission data table format configuration table.
Preferably, the second preset condition is specifically:
the rights object is not equal to the transaction code check at the beginning of the transaction, an
The permission field is not equal to the transaction code, and
the LOW field does not start with the first special character.
Preferably, the first user operation is the plurality of role selection operations;
when the first user operation is obtained, determining a query result matched with the first user operation according to the logic relationship between the tables of the second type data table, including:
responding to the plurality of role selection operations, and acquiring the selected plurality of roles;
selecting all values of the LOW field in the plurality of roles beginning with a first specific character in the second active set permission data table format configuration table;
and retrieving all values starting with the first specific character in the LOW field in a VARBL field of the organization element table format configuration table of the authority, wherein the retrieval result is the query result.
One or more technical solutions provided in the embodiments of the present invention have at least the following technical effects or advantages:
according to the embodiment of the invention, the first type data table related to the role attribute is derived from the enterprise management unit, the second type data table corresponding to the first type data table is established in the database, and then offline analysis and comparison are carried out, and the comparison result is directly displayed to business personnel, so that the technical problems of weak online management timeliness and poor online management usability are solved, visual, convenient and accurate offline analysis and comparison of the role characteristic are realized, and the operation and maintenance work efficiency of the SAP ECC system is greatly improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a flowchart of a role characteristic comparison processing method according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating entity relationships among first-type data tables associated with role attributes in an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, a role characteristic comparison processing method provided in an embodiment of the present invention includes the following steps:
s101, acquiring each first type data table related to the role attributes from the enterprise management unit.
Specifically, the Enterprise management unit is SAP ECC (SAP Enterprise Central Component). In a specific implementation, the enterprise management unit may be an enterprise management system having the same or similar structure as the SAP ECC function.
Next, for example, in the SAP ECC system, each first type data table associated with a role attribute is derived from the enterprise management unit. Referring to fig. 2, the first type data table derived related to the role attributes includes seven tables, which are: a first active set permission data table format configuration table (AGR _1250)201, a second active set permission data table format configuration table (AGR _1251)202, an organization element table format configuration table of permissions (AGR _1252)203, a role definition table format configuration table (AGR _ DEFINE)204, an in-dictionary technology information format configuration table (AUTH _ FLDINFO _ TMP)205, a permission object attribute and text index configuration table (TSTCT)206, and an object table format configuration table (tobit) 207.
S102, establishing a second type data table corresponding to the first type data table in the database according to the field attribute of each first type data table and the entity relationship of the first type data table.
The specific implementation of S102 is as follows: reading the data records in each first type data table; and writing the data records in each first-type data table into the corresponding second-type data table one by one.
And the field attribute of each second type data table is matched with the field attribute of the corresponding first type data table. The second-type data table comprises seven data tables in total, and the seven second-type data tables correspond to the seven first-type data tables one by one. For example, the field attribute of the first second-kind data table matches with the field attribute of the first activity group permission data table format configuration table 201, and the field attribute of the second-kind data table matches with the field attribute of the second activity group permission data table format configuration table 202, so as to correspond in sequence.
The entity relationship of the second type data table matches the entity relationship of the first type data table, so the entity relationship of the second type data table can also refer to fig. 2.
The entity relationship among all the first-type data tables is shown in fig. 2, the primary key of each piece of data is the primary key of the table and is unique and not null, and the foreign key is a field with the same type and field name as a certain field of the table in another table, and is used for associating two or more first-type data tables.
After the second type data table is established, S103 is executed: and when the first user operation is obtained, determining a query result matched with the first user operation according to the logic relation between the tables of the second type data table.
Specifically, the query results are different if the first user operates the operation executed on the different interfaces. In an implementation process, the first user operation is a single role selection operation or a plurality of role selection operations.
According to different first user operations, different query results obtained by analyzing and comparing four dimensions are given:
the first implementation mode comprises the following steps: the first user operation is specifically to respond to a single role selection operation to acquire a selected single role when the single role selection operation of the role derivation role relationship comparison interface is performed;
the individual role is queried based on the AGR _ NAME field (role NAME field) of the AGR _ definition table and the part _ AGR field (root role field) of the AGR _ definition table to find the derived role of the selected individual role or the root role of the individual role. In the specific implementation process, all derived roles of the selected single role and the root role of the selected single role are inquired out.
After querying out the derivative role of the selected single role or the root role of the single role, S104 is executed: and displaying the query result. In the present embodiment, all derived characters of one queried character or the root character of one queried character are displayed by a list.
The second embodiment: the first user operation is to respond to a plurality of role selection operations to acquire a plurality of selected roles when the object code (TCODE) and the roles are selected and operated in a role relationship comparison interface; all values of the plurality of roles that satisfy the first preset condition are selected as the query result in the second active set permission data table format configuration table 202.
Specifically, the first preset condition is that two points are simultaneously satisfied: firstly, the authority OBJECT (OBJECT field) is equal to the transaction code check when the transaction starts; second, the privilege FIELD (FIELD FIELD) is equal to the transaction code. The transaction code check at the beginning of the transaction is referred to as "S _ TCODE" and the transaction code is referred to as "TCD". After all the values satisfying the first preset condition are queried, S104 is executed: and displaying the query result. In the present embodiment, all the values that satisfy the first preset condition that are queried are displayed by a list.
The third embodiment is as follows: the first user operation is to respond to a plurality of role selection operations to acquire a plurality of selected roles when the plurality of role selection operations of the authority object level role comparison interface are performed; all values satisfying the second preset condition in the plurality of roles are selected as the query result in the second activity group permission data table format configuration table 202. After all the values satisfying the second preset condition are queried, S104 is executed: and displaying the query result. In the present embodiment, all values satisfying the second preset condition are found by the list display.
Specifically, the second preset condition is to simultaneously satisfy the following three points: one, the privilege OBJECT (OBJECT field) is not equal to the transaction code check at the beginning of the transaction (the transaction code check at the beginning of the transaction is referred to as "S _ TCODE"); second, the permission FIELD (FIELD FIELD) is not equal to the transaction code (the transaction code is referred to as "TCD"); third, the LOW field does not start with the first specific character, which is specifically the "$" character.
The fourth embodiment: when a first user operates a plurality of role selection operations of a privilege object organization level role comparison interface, responding to the plurality of role selection operations to acquire a plurality of selected roles; selecting all values of the LOW field in the plurality of roles that begin with the first specific character in the second active set permission data table format configuration table 202; all values of the LOW field starting with the first specific character are retrieved in the VARBL field of the organization element table format configuration table 202 of the authority, and the retrieval result is taken as a query result. Specifically, the first specific character is specifically the "$" character. Then, the step S104 is executed: and displaying the query result. In the present embodiment, all the values retrieved are displayed in a list.
The first, second, third, and fourth embodiments are offline analysis and comparison performed in four dimensions.
In the specific implementation process, the first implementation mode, the second implementation mode, the third implementation mode and the fourth implementation mode are not performed simultaneously, so that the analysis and comparison of four dimensions of role-derived role relationships of multiple roles, the relationship between TCODE and role, function-level rights objects of different roles and organization-level rights objects of different roles are realized.
Through one or more technical solutions provided in the embodiments of the present invention, at least the following technical effects or advantages are provided:
a first type data table related to role attributes is derived from an enterprise management unit, a second type data table corresponding to the first type data table is established in a database, then offline analysis and comparison are carried out, comparison results are directly displayed to business personnel, the technical problems that online management timeliness is weak and online management usability is poor are solved, visual, convenient and accurate offline analysis and comparison of role characteristics are achieved, and the operation and maintenance work efficiency of an SAP ECC system is greatly improved.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (5)
1. A character characteristic comparison processing method is characterized by comprising the following steps:
acquiring each first type data table related to role attributes from an enterprise management unit;
establishing a second type data table corresponding to the first type data table in a database according to the field attribute of each first type data table and the entity relationship of the first type data table;
when a first user operation is obtained, determining a query result matched with the first user operation according to the logic relation between tables of the second type data table;
the first type data table comprises: a role definition table format configuration table, a second activity group authority data table format configuration table and an organization element table format configuration table of the authority;
the first user operation is specifically: a single role selection operation, or multiple role selection operations;
the first user operation is the single role selection operation, and when the first user operation is obtained, the query result matched with the first user operation is determined according to the logic relationship between the tables of the second type data table, including:
responding to the single role selection operation to acquire the selected single role;
inquiring the single role based on the role name field of the role definition table format configuration table and the root role field of the role definition table format configuration table;
querying a derivative role of the single role or a root role of the single role;
the first user operation is the multiple role selection operation, and when the first user operation is obtained, the query result matched with the first user operation is determined according to the logic relationship among the tables of the second type data table, and the method comprises the following steps:
responding to the plurality of role selection operations, and acquiring the selected plurality of roles;
selecting all values meeting a first preset condition in the plurality of roles as the query result in the second activity group permission data table format configuration table;
the first user operation is the multiple role selection operation, and when the first user operation is obtained, the query result matched with the first user operation is determined according to the logic relationship among the tables of the second type data table, and the method comprises the following steps:
responding to the plurality of role selection operations, and acquiring the selected plurality of roles;
selecting all values meeting a second preset condition in the plurality of roles as the query result in the second activity group permission data table format configuration table;
the first user operation is the multiple role selection operation, and when the first user operation is obtained, the query result matched with the first user operation is determined according to the logic relationship among the tables of the second type data table, and the method comprises the following steps:
responding to the plurality of role selection operations, and acquiring the selected plurality of roles;
selecting all values of the LOW field in the plurality of roles beginning with a first specific character in the second active set permission data table format configuration table;
retrieving all values starting with the first specific character in the LOW field in a VARBL field of the organization element table format configuration table of the authority, wherein the retrieval result is the query result;
and displaying the query result.
2. The character characteristic comparison processing method according to claim 1, wherein the establishing a second type data table corresponding to each first type data table in a database according to the field attribute of the first type data table and the entity relationship of the first type data table comprises:
reading data records in each first type data table;
writing the data records in each first-class data table into the corresponding second-class data table one by one, wherein the field attribute of each second-class data table is matched with the field attribute of the corresponding first-class data table, and the entity relationship of the second-class data table is matched with the entity relationship of the first-class data table.
3. The character characteristic comparison processing method according to claim 2, wherein the obtaining of each first type data table related to the character attribute from the enterprise management unit specifically includes:
and deriving a first activity group authority data table format configuration table, a second activity group authority data table format configuration table, an organization element table format configuration table of the authority, a role definition table format configuration table, a technical information format configuration table in a dictionary, an authority object attribute and text index configuration table and an object table format configuration table from the enterprise management unit.
4. The character characteristic comparison processing method according to claim 1, wherein the first preset condition is specifically:
the rights object equals the transaction code check at the beginning of the transaction, and
the permission field is equal to the transaction code.
5. The character characteristic comparison processing method according to claim 1, wherein the second preset condition is specifically:
the rights object is not equal to the transaction code check at the beginning of the transaction, an
The permission field is not equal to the transaction code, and
the LOW field does not start with the first special character.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511032300.9A CN105701599B (en) | 2015-12-31 | 2015-12-31 | Role characteristic comparison processing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201511032300.9A CN105701599B (en) | 2015-12-31 | 2015-12-31 | Role characteristic comparison processing method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105701599A CN105701599A (en) | 2016-06-22 |
| CN105701599B true CN105701599B (en) | 2020-02-14 |
Family
ID=56226897
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201511032300.9A Active CN105701599B (en) | 2015-12-31 | 2015-12-31 | Role characteristic comparison processing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105701599B (en) |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080196040A1 (en) * | 2007-02-14 | 2008-08-14 | Oracle International Corporation | Enterprise clipboard with context |
| US9632742B2 (en) * | 2012-06-05 | 2017-04-25 | Sap Se | Adaptive design editor for web applications |
| CN104573478B (en) * | 2014-11-20 | 2018-11-06 | 深圳市远行科技股份有限公司 | A kind of user authority management system of Web applications |
| CN104516965B (en) * | 2014-12-24 | 2018-01-09 | 北京像素软件科技股份有限公司 | A kind of role attribute data storage and the method and system of dynamic renewal |
| CN105205117B (en) * | 2015-09-09 | 2019-03-05 | 郑州悉知信息科技股份有限公司 | A kind of tables of data moving method and device |
-
2015
- 2015-12-31 CN CN201511032300.9A patent/CN105701599B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN105701599A (en) | 2016-06-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9721016B2 (en) | System and method to search and generate reports from semi-structured data including dynamic metadata | |
| DE112016003626T5 (en) | Natural language interface to databases | |
| US20060212299A1 (en) | CRM office integration | |
| US9798813B2 (en) | Extensible person container | |
| EP3291107A1 (en) | System and method for fast probabilistic querying role-based access control systems | |
| US10977236B2 (en) | Dynamic recommendation methods and systems for database changes | |
| US9336286B2 (en) | Graphical record matching process replay for a data quality user interface | |
| US20180089304A1 (en) | Generating parsing rules for log messages | |
| US20190057147A1 (en) | Data portal | |
| US20160196319A1 (en) | Multi-dimensional data analysis | |
| CN108572945A (en) | Create method, system, storage medium and the electronic equipment of report | |
| US20120089636A1 (en) | Dimensional data explorer | |
| US20150293960A1 (en) | Real-time index consistency check | |
| CN110956431A (en) | Data authority control method and system, computer device and readable storage medium | |
| CN109615172A (en) | A kind of method and terminal handling examination data | |
| US8463763B2 (en) | Method and tool for searching in several data sources for a selected community of users | |
| CN106484699A (en) | The generation method of data base querying field and device | |
| CN109408502A (en) | A kind of data standard processing method, device and its storage medium | |
| US20120109933A1 (en) | Method and apparatus for federated search | |
| US20190310982A1 (en) | Data catalog automatic generation system and data catalog automatic generation method | |
| US20180357227A1 (en) | System and method for analyzing popularity of one or more user defined topics among the big data | |
| CN112597168A (en) | Processing method, device and platform of multi-source customer data and storage medium | |
| CN105701599B (en) | Role characteristic comparison processing method | |
| US8832110B2 (en) | Management of class of service | |
| CN106651540B (en) | Product standard cooperation method and system based on online transaction and online purchasing platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |