CN106570406A - Data level authority configuration method and apparatus - Google Patents
Data level authority configuration method and apparatus Download PDFInfo
- Publication number
- CN106570406A CN106570406A CN201610970700.2A CN201610970700A CN106570406A CN 106570406 A CN106570406 A CN 106570406A CN 201610970700 A CN201610970700 A CN 201610970700A CN 106570406 A CN106570406 A CN 106570406A
- Authority
- CN
- China
- Prior art keywords
- configuration item
- data
- level authority
- authority
- role
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a data level authority configuration method comprising steps of defining a name and/or attributes of a configuration item upon receiving a building instruction of the configuration item, building a role corresponding to the configuration item, configuring line level authority and/or row level authority for each role in the configuration item based on the name and/or attributes of the configuration item to enable each role in the configuration item to execute corresponding authority control operation according to the line level authority and/or row level authority. The role has a manger and common users. The invention further discloses a data level authority configuration apparatus; and cost of the data level authority configuration apparatus can be reduced.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of data level authority configuring method and device.
Background technology
Traditional configuration item system (Configuration Management Database, configuration management data base) system
System in terms of the authority configuration of data, in order that the flexible configuration of data permission some, typically can using customization by the way of
Configured.Specifically, it is exactly to each configuration item (Configuration Items, configuration item) in software system
All coding logics can so accomplish the control of authority of data level controlling its data usage rights, but this number
According to the configuration mode of level authority, there is new configuration item to increase every time, or the role in configuration item is when needing to change authority, all
Need to put into substantial amounts of manpower and materials again and go to develop or change, cause to consume is relatively costly.
The content of the invention
Present invention is primarily targeted at proposing a kind of data level authority configuring method and device, it is intended to solve existing number
According to level authority configuration mode, the relatively costly technical problem of consumption.
For achieving the above object, a kind of data level authority configuring method that the present invention is provided, the data level authority configuration
Method includes:
When the establishment for receiving configuration item is instructed, the title and/or attribute of the configuration item are defined;
The corresponding role of the configuration item is created, wherein, the role includes manager and domestic consumer;
Title and/or attribute based on the configuration item, configure in the configuration item each role row level authority and/
Or row level authority, so that each role performs accordingly in the configuration item according to the row level authority and/or row level authority
Control of authority is operated.
Preferably, the title based on the configuration item, configures the row level authority of each role in the configuration item
The step of include:
Determine the preset attribute column of each role in the configuration item;
Based on the title of the configuration item, it is determined that the preset attribute column in filtercondition expression formula is set;
According to the filtercondition expression formula, the row level authority of each role in the configuration item is configured.
Preferably, the title and/or attribute based on the configuration item, configures each role's in the configuration item
After the step of row level authority and/or row level authority, the data level authority configuring method also includes:
When the establishment for receiving account information is instructed, corresponding account is created;
When the account creation is completed, account role to be allocated is determined;
The incidence relation of the account and the role to be allocated is set up, by the role authorization account is given.
Preferably, it is described set up the account and the role to be allocated incidence relation the step of after, the number
Also include according to level authority configuring method:
When receiving data inquiry request in the data-interface of the configuration item, the data inquiry request is parsed, with
Accounts information in the data inquiry request is verified;
After accounts information verification passes through, Permission Levels of the accounts information in the configuration item are verified, its
In, the Permission Levels include row level authority and/or row level authority;
Based on Permission Levels of the accounts information in the configuration item, the corresponding parameter letter of the Permission Levels is obtained
Breath, and the corresponding data of the parameter information are extracted in data base;
The data extracted are packaged, and are sent to display in display interface.
Preferably, it is described to be packaged the data extracted, and be sent to before the step of showing in display interface,
The data level authority configuring method also includes:
When the accounts information has multiple roles in the configuration item, to accounts information described in the configuration item
Row level authority and row level authority are adjusted;Wherein, the row level authority is merged, the row level authority is expert at a grade authority
For " visible " when, using highest-ranking authority as the row level authority after merging.
Additionally, for achieving the above object, the present invention also proposes a kind of data level authority configuration device, the data level authority
Configuration device includes:
Definition module, during for instructing in the establishment for receiving configuration item, defines the title and/or category of the configuration item
Property;
Creation module, for creating the corresponding role of the configuration item, wherein, the role includes manager and common use
Family;
Configuration module, for title and/or attribute based on the configuration item, configures each role in the configuration item
Row level authority and/or row level authority so that each role weighs in the configuration item according to the row level authority and/or row level
Limit performs corresponding control of authority operation.
Preferably, the configuration module includes:
First determining unit, for determining the configuration item in each role preset attribute column;
Setting unit, for based on the configuration item title, it is determined that the preset attribute column in arranged
Filter conditional expression;
Dispensing unit, for according to the filtercondition expression formula, configuring the row level power of each role in the configuration item
Limit.
Preferably, the creation module, is additionally operable to, when the establishment for receiving account information is instructed, create corresponding account
Family;
The data level authority configuration device also includes:
Determining module, for when the account creation is completed, determining account role to be allocated;
Module is set up, for setting up the incidence relation of the account and the role to be allocated, the role is awarded
Weigh to the account.
Preferably, the data level authority configuration device also includes:
Parsing module, during for receiving data inquiry request in the data-interface of the configuration item, parses the number
According to inquiry request, to verify to the accounts information in the data inquiry request;
Correction verification module, for after accounts information verification passes through, the verification accounts information to be in the configuration item
Permission Levels, wherein, the Permission Levels include row level authority and/or row level authority;
Acquisition module, for based on Permission Levels of the accounts information in the configuration item, obtaining the authority level
Not corresponding parameter information;
Extraction module, for extracting the corresponding data of the parameter information in data base;
Processing module, for the data extracted to be packaged, and is sent to display in display interface.
Preferably, the data level authority configuration device also includes:
Adjusting module, for when the accounts information has multiple roles in the configuration item, in the configuration item
The row level authority and row level authority of the accounts information is adjusted;Wherein, the row level authority is merged, the row level
Authority be expert at grade authority for " visible " when, using highest-ranking authority as the row level authority after merging.
Data level authority configuring method proposed by the present invention and device, it is first fixed when the establishment for receiving configuration item is instructed
The title and/or attribute of the justice configuration item, then creates the corresponding role of the configuration item, is based ultimately upon the configuration item
Title and/or attribute, configure the row level authority and/or row level authority of each role, so that each role in the configuration item
Corresponding control of authority operation is performed according to the row level authority and/or row level authority in the configuration item, configuration is realized
During data level authority, the row level authority and/or row level authority to each role in the configuration item is configured, without the need for weight
New coding code, only just can reduce software system by modification configuration with precise control row level and the access rights of row level
Development and maintenance cost.
Description of the drawings
Fig. 1 is the schematic flow sheet of data level authority configuring method first embodiment of the present invention;
Fig. 2 is the schematic flow sheet of data level authority configuring method second embodiment of the present invention;
Fig. 3 is the schematic flow sheet of data level authority configuring method 3rd embodiment of the present invention;
Fig. 4 is the high-level schematic functional block diagram of data level authority configuration device first embodiment of the present invention;
Fig. 5 is the high-level schematic functional block diagram of data level authority configuration device second embodiment of the present invention;
Fig. 6 is the high-level schematic functional block diagram of data level authority configuration device 3rd embodiment of the present invention;
Fig. 7 is the structural representation of data level authority configuration system in the present invention.
The realization of the object of the invention, functional characteristics and advantage will be described further referring to the drawings in conjunction with the embodiments.
Specific embodiment
It should be appreciated that specific embodiment described herein is not intended to limit the present invention only to explain the present invention.
The solution of the embodiment of the present invention is mainly:When the establishment for receiving configuration item is instructed, first match somebody with somebody described in definition
Put the title and/or attribute of item, then create the corresponding role of the configuration item, be based ultimately upon the configuration item title and/
Or attribute, the row level authority and/or row level authority of each role are configured in the configuration item, so that each role matches somebody with somebody described
Put in item and corresponding control of authority operation is performed according to the row level authority and/or row level authority, realize configuration data level power
In limited time, to each role in the configuration item row level authority and/or row level authority is configured, without the need for writing journey again
Sequence code, only by modification configuration just with precise control row level and the access rights of row level, can reduce software system exploitation and
Maintenance cost.
The present invention proposes a kind of data level authority control method of flexibly configurable, by the authority for configuring role, makes not
Same role realizes data level control of authority when single configuration item is accessed.
The present invention provides a kind of data level authority configuring method.
With reference to Fig. 1, Fig. 1 is the schematic flow sheet of data level authority configuring method first embodiment of the present invention.
In the present embodiment, the data level authority configuring method includes:
Step S10, when the establishment for receiving configuration item is instructed, defines the title and/or attribute of the configuration item;
In the present embodiment, when the establishment for receiving configuration item is instructed, configuration item type, the configuration item first to be created
Tables of data can also be expressed as.Specifically:The title of the configuration item is first defined, the attribute of the configuration item is then positioned, it is fixed
Corresponding tables of data is generated in data base after justice is complete.Such as configuration item entitled " operation maintenance personnel information ", there is " name ", " property
Not ", the attribute such as " job number ", " department ", as shown in the table:
The configuration item type allocation list of table 1.
The configuration item attribute allocation list of table 2
The tables of data generated in the data base of table 3.
Step S20, creates the corresponding role of the configuration item, wherein, the role includes manager and domestic consumer;
Step S30, the title and/or attribute based on the configuration item, configures the row of each role in the configuration item
Level authority and/or row level authority, so that each role holds in the configuration item according to the row level authority and/or row level authority
The corresponding control of authority operation of row.
After the completion of the title and attribute definition of the configuration item, the corresponding role of the configuration item, the present embodiment are created
In, role includes manager and domestic consumer, such as comprehensive financial operation portion manager, S&T tax portion manager, HR managers, science and technology
Domestic consumer of division department or domestic consumer of comprehensive financial operation portion etc..The title and/or attribute of the configuration item are then based on, in institute
The row level authority and/or row level authority that each role is configured in configuration item is stated, configuration item is licensed to into each role.Wherein:
The row level authority of each role is configured based on the title of the configuration item, is arranged actually in configuration item type
Permission Levels, the Permission Levels of configuration item type have 3 kinds, are respectively " additions and deletions ", " editor ", " read-only "." additions and deletions " are represented can be with
The data of the configuration item increased newly, are deleted, changed, inquired about etc. with operation;" editor " represents can be to the data of the configuration item
The operation such as modify, inquire about;" read-only " expression can carry out inquiry operation to the data of the configuration item.It is as shown in the table:
The configuration item type Permission Levels allocation list of table 4.
As known from Table 4, four roles are created in upper table, different is possessed to configuration item type " operation maintenance personnel information "
Permission Levels.
After the row level authority for configuring each role, then the row level authority of each role in the configuration item is set, institute
State the Permission Levels that row level authority actually refers to attribute.The Permission Levels of attribute are equally divided into 3 kinds, are respectively " editor ", " only
Read ", " invisible ".Wherein, " editor " represents to have permission and does edit operation to this property value;" read-only " expression is only checked
This property rights;And " invisible " expression can not check this attribute information.It is as shown in the table:
Role's title | Name | Sex | Job number | Department |
Comprehensive financial operation portion manager | Editor | Editor | It is read-only | Editor |
S&T tax portion manager | Editor | Editor | It is read-only | Editor |
HR managers | Editor | Editor | Editor | Editor |
Domestic consumer of S&T tax portion | It is read-only | It is read-only | It is invisible | It is read-only |
The configuration item attribute Permission Levels allocation list of table 5.
As known from Table 5, upper table represents that four roles possess different to the attribute of configuration item type " operation maintenance personnel information "
Permission Levels.By such setting, it becomes possible to accurately control the authority of row DBMS.For example " S&T tax portion commonly uses
Family " cannot just see the information of " job number ";" comprehensive financial operation portion manager " and " S&T tax portion manager " cannot change " work
Number " information etc..
Further, in order to realize going level authority, the title based on the configuration item is configured in the configuration item
The step of row level authority of each role, includes:
Step A, determines the preset attribute column of each role in the configuration item;
Step B, based on the title of the configuration item, it is determined that the preset attribute column in filtercondition table is set
Up to formula;
Step C, according to the filtercondition expression formula, configures the row level authority of each role in the configuration item.
In the present embodiment, first determine the preset attribute column of each role in the configuration item, be then based on described
The title of configuration item, arranges filtercondition expression formula in the preset attribute column, arranges the side of filtercondition expression formula
Formula is as shown in the table:
Role's title | Name | Sex | Job number | Department |
Comprehensive financial operation portion manager | $ { this }=comprehensive financial operation portion | |||
S&T tax portion manager | $ { this }=S&T tax portion | |||
HR managers | ||||
Domestic consumer of S&T tax portion | $ { this }=S&T tax portion |
The filtercondition expression formula allocation list of table 6.
As can be known from Table 6, " comprehensive financial operation portion manager " can only check that " department " is equal to the letter in " comprehensive financial operation portion "
Breath;" S&T tax portion manager " and " domestic consumer of S&T tax portion " can only check that " department " is equal in " S&T tax portion "
Information.The authority of row DBMS can accurately be controlled by this configuration.
That is, the preset attribute column of each role in the configuration item is first determined in the present embodiment, it is described pre-
If attribute is selected as the case may be, such as when the configuration item includes the data of bank and security Liang Ge companies,
So, the preset attribute is exactly company;S&T tax portion, comprehensive financial operation portion and row in the configuration item includes bank
During political affairs Human Resources Department, then the preset attribute is exactly department, purpose is provided to arrange each role in the configuration item
Row level authority.
The data level authority configuring method that the present embodiment is proposed, when the establishment for receiving configuration item is instructed, first defines institute
The title and attribute of configuration item are stated, the corresponding role of the configuration item is then created, finally each is configured in the configuration item
The row level authority and/or row level authority of role so that each role in the configuration item according to the row level authority and/or row
Level authority performs corresponding control of authority operation, when realizing configuration data level authority, to each role in the configuration item
Row level authority and/or row level authority are configured, without the need for coding code again, only just can be with essence by modification configuration
Really the access rights of control row level and row level, reduce the development and maintenance cost of software system.
It is appreciated that this programme realizes the data permission control of capable level and row level, the data peace of information system is improve
Quan Xing, because the mode that the data storage of information system has various ways, most common of which is previously stored in relevant database,
Relevant database is got up data storage using tables of data, and tables of data has row and column just as form.The program can lead to
The mode for crossing modification configuration controls data access authority of the user to tables of data, isolates the data of the row and column of different user role
Access rights, to reach the demand of data safety.
Further, in order to improve the motility of data level priority assignation, data of the present invention are proposed based on first embodiment
The second embodiment of level authority configuring method, in the present embodiment, with reference to Fig. 2, after step S30, the data level power
Limit collocation method also includes:
Step S40, when the establishment for receiving account information is instructed, creates corresponding account;
Step S50, when the account creation is completed, determines account role to be allocated;
Step S60, sets up the incidence relation of the account and the role to be allocated, by the role authorization to institute
State account.
In the present embodiment, when the establishment for receiving account information is instructed, first show register interface for user input
Account and password, then create corresponding account according to the account and password, further, then determine that the account is to be allocated
Role, that is, determine the account be S&T tax portion manager, domestic consumer of S&T tax portion, Human Resource Department manager also
It is domestic consumer of Human Resource Department etc., finally sets up the incidence relation of the account and the role to be allocated.This enforcement
In example, to there is unique identification information, such as S&T tax portion manager is A-1, science and technology to the role of preferred each department
Domestic consumer of division department is A-2, and Human Resource Department manager is B-1, and domestic consumer of Human Resource Department is B-2, then it is determined that
After account role to be allocated, you can by the account for creating unique mark corresponding with the role to be allocated
Information association storage is known, to realize the role authorization to the account.
In the present embodiment, after account is created, determine account role to be allocated, finally set up the account
Family and the incidence relation of the role to be allocated, by the role authorization account is given, and is easy to follow-up according to account pair
The role for answering, performs corresponding data level control of authority operation.
Further, in order to improve the motility of data level priority assignation, data of the present invention are proposed based on second embodiment
The 3rd embodiment of level authority configuring method, in the present embodiment, with reference to Fig. 3, after step S60, the data level power
Limit collocation method also includes:
Step S70, when receiving data inquiry request in the data-interface of the configuration item, parses the data query
Request, to verify to the accounts information in the data inquiry request;
In the present embodiment, the data inquiry request can be that data query of the user based on log-in interface input please
Ask, or third party's peripheral system passes through the data inquiry request that the data-interface of the configuration item is input into.Wherein, in institute
It is data inquiry request of the user based on log-in interface input to state data inquiry request, and the data level authority configuring method is also wrapped
Include:
Step 1, accounts information of the receive user based on log-in interface input;
Step 2, the accounts information to receiving is verified;
Step 3, when the accounts information is verified successfully, execution receives data in the data-interface of the configuration item
The operation of inquiry request.
Subsequently, when receiving data inquiry request in the data-interface of the configuration item, parsing the data query please
Ask, to verify to the accounts information in the data inquiry request, it should be appreciated that user is by accessing configuration item
The front page layout of system, has done some data manipulations such as data query instruction, then front page layout can be by the operation information of user
Backstage is passed to, these is realized by backstage and is operated, in the step, although user has passed through the first time login of front page layout
Checking, but when data are passed to into backstage, for the sake of security, interface can again carry out user's checking, verify when front transfer letter
Cease to whether the accounts information and the accounts information that prestores on backstage match, be the equal of to verify accounts information again, only verifying into
During work(, follow-up operation could be performed, it is therefore prevented that some terminals have impact on follow-up by way of packet capturing or imitating accounts information
Data level control of authority process.
Certainly, if being now that third party's peripheral system please by the data query that the data-interface of the configuration item is input into
Ask, then when receiving data inquiry request in the data-interface of the configuration item, the data inquiry request is parsed, with to institute
The accounts information stated in data inquiry request is verified, and is exactly primary accounts information verification.
Step S80, after accounts information verification passes through, verifies authority of the accounts information in the configuration item
Rank, wherein, the Permission Levels include row level authority and/or row level authority;
Step S90, based on Permission Levels of the accounts information in the configuration item, obtains the Permission Levels correspondence
Parameter information, and the corresponding data of the parameter information are extracted in data base;
After accounts information verification passes through, Permission Levels of the accounts information in the configuration item are verified, by
Include row level authority and/or row level authority in the Permission Levels, therefore, according to the accounts information in the configuration item
Permission Levels, you can obtain the corresponding parameter information of the Permission Levels, the parameter information pair is finally extracted in data base
The data answered.For example:Row level authority of the accounts information of S&T tax portion manager in the configuration item be S&T tax portion,
Row level authority is name, sex editable, then, you can the corresponding number in the S&T tax portion is extracted in data base described
According to, and in the data for obtaining, name and sex are editable.
Step S100, the data extracted are packaged, and are sent to display in display interface.
Finally, the data extracted are packaged, and will be shown in packaged data is activation to display interface, with
Corresponding operation, such as read-only operation, edit operation are performed for user.
Further, before step S100, the data level authority configuring method also includes:
When the accounts information has multiple roles in the configuration item, to accounts information described in the configuration item
Row level authority and row level authority are adjusted;Wherein, the row level authority is merged, the row level authority is expert at a grade authority
For " visible " when, using highest-ranking authority as the row level authority after merging.
Be the equal of to do row level authority once to merge, for row level authority, first determine the grade of each authority, this enforcement
In example, in row level authority preferably " editor ", " read-only ", " invisible " these three authorities, hierarchical relationship order from big to small according to
It is secondary to be:" editor ", " read-only ", " invisible ".So, if the row level authority is respectively " editor ", " read-only ", then adopt
The authority of " editor " covers the authority of " read-only ".Now, if " editor " and " invisible ", then the corresponding parameter letter of union is obtained
Breath.
In the present embodiment, by using the data of allocation list, data level control of authority can be accomplished, so as to improve number
According to the intelligent of level control of authority.
In the present invention, it is more preferable above-mentioned technical proposal, the lower data level authority control of description configures the structural representation of system,
Specifically, with reference to Fig. 7:
System is made up of two parts, and one is the configuration item system (CMDB systems as shown in Figure 7) that front end user has access to
Foreground, another part is the configuration item system background for being located at rear end.Each module is described below:
1st, configuration item system foreground:Configuration item system foreground login, configuration item mainly there is provided user is (as shown in Figure 7
CI) data inquiry and the displaying of the front page layout such as management, it can be divided mainly into following several functional modules:
A, user log-in block:The functions such as the login and verification of main responsible user;
B, the inquiry of configuration item data and management module:The main increase for being responsible for configuration item data, deletion, inquiry and modification
Etc. function.
2nd, configuration item system background:Background system is mainly concerned with configuration item data interface module, user management module, angle
Color management module, configuration item management module.Each function introduction is as follows:
A, configuration item data interface module:It is main to be responsible for processing before peripheral system and configuration item system in this solution
The data that platform is sended over, including user profile, Role Information, configuration item authority information, the return result of verification data
Deng;
B, user management module:The main management for being responsible for the account to user, such as account number are created, lock, nullified;
C, Role Management module:The main management being responsible for Role Information, such as role are created, locked, nullifying, authorized user
To role, authorization configuration item to role etc.;
D, configuration item management module:The increase of the main management being responsible for configuration item information, such as configuration item type, deletion,
Inquiry and modification, increase, deletion, inquiry and modification of configuration item attribute etc..
Based on each structure of said system, operative configuration item data flow process of the present invention is proposed:
(1) configuration item system foregrounding configuration item data
The front page layout operative configuration item data that user passes through configuration item system is the operation that user most often does, and its flow process is retouched
State as follows:
User accesses the system login page, and " user logs in " module receives the account and encrypted message of user input;
Data are submitted to " user management " module and are verified by " user logs in " module;
After the verification of " user management " module passes through, configuration item data query and administration page are jumped to;
" configuration item data query and management " module is received after the operational order of user, to " the configuration item data on backstage
Interface " module initiates request;
" configuration item data-interface " module is by request analysis;
Data after parsing are submitted to " user management " module by " configuration item data-interface " module, and user's letter is verified again
Breath;
The verification of " user management " module initiates request by backward " Role Management " module, and whether verification user possesses access
The configuration item type Permission Levels of the configuration item;
After the configuration item type Permission Levels of " Role Management " module verification user pass through, then the configuration item category for verifying user
The Permission Levels of property, what is verified here is to go the authority of level and row level;
After the verification of " Role Management " module passes through, " configuration item management " module is asked, obtain configuration item type and configuration
The details of item attribute;
" configuration item management " module returns data to " Role Management " module;
" Role Management " module is by all verification datas, and the details of configuration item type and configuration item attribute are in the lump
Return to " user management " module;
" user management " module by verification after all data submit to " configuration item data-interface " module;
" configuration item data-interface " module is taken data are processed after the data that " user management " module is provided;
After " configuration item data-interface " complete data of resume module, initiate that data base is initiated to ask;
Data base returns data to " configuration item data-interface " module;
" configuration item data-interface " module is connected to after the data of data base's return, and data are packaged;
Data after encapsulation are back to " configuration item data query and management " module by " configuration item data-interface " module, will
To front page layout, whole operation configuration item data flow terminates data display.
(2) peripheral system operative configuration item data
Peripheral system includes the asset management system, operational system, capacity management system etc., the stream of its operative configuration item data
Journey is described as follows:
Peripheral system to " configuration item data-interface " module on backstage initiates request;
" configuration item data-interface " module is by request analysis;
Data after parsing are submitted to " user management " module by " configuration item data-interface " module, verify user profile;
The verification of " user management " module initiates request by backward " Role Management " module, and whether verification user possesses access
The configuration item type Permission Levels of the configuration item;
After the configuration item type Permission Levels of " Role Management " module verification user pass through, then the configuration item category for verifying user
The Permission Levels of property, what is verified here is to go the authority of level and row level;
After the verification of " Role Management " module passes through, " configuration item management " module is asked, obtain configuration item type and configuration
The details of item attribute;
" configuration item management " module returns data to " Role Management " module;
" Role Management " module is by all verification datas, and the details of configuration item type and configuration item attribute are in the lump
Return to " user management " module;
" user management " module by verification after all data submit to " configuration item data-interface " module;
" configuration item data-interface " module is taken data are processed after the data that " user management " module is provided;
After " configuration item data-interface " complete data of resume module, initiate that data base is initiated to ask;
Data base returns data to " configuration item data-interface " module;
" configuration item data-interface " module is connected to after the data of data base's return, and data are packaged;
" configuration item data-interface " module returns to the data after encapsulation, and whole operation configuration item data flow terminates.
The present invention further provides a kind of data level authority configuration.
With reference to Fig. 4, Fig. 4 is the high-level schematic functional block diagram of data level authority configuration first embodiment of the present invention.
It is emphasized that it will be apparent to those skilled in the art that functional block diagram shown in Fig. 4 is only one preferably real
The exemplary plot of example is applied, those skilled in the art can be carried out easily around the functional module of the data level authority configuration shown in Fig. 4
The supplement of new functional module;The title of each functional module is self-defined title, is only used for auxiliary and understands that the data level authority is matched somebody with somebody
Each program function block put, is not used in restriction technical scheme, and the core of technical solution of the present invention is, each self-defined
The function to be reached of the functional module of title.
In the present embodiment, the data level authority configuration includes:
Definition module 10, during for instructing in the establishment for receiving configuration item, defines the title and/or category of the configuration item
Property;
In the present embodiment, when the establishment for receiving configuration item is instructed, configuration item type, the configuration item first to be created
Tables of data can also be expressed as.Specifically:Definition module 10 first defines the title of the configuration item, then positions the configuration item
Attribute, corresponding tables of data is generated in data base after having defined.Such as configuration item entitled " operation maintenance personnel information ", has
The attribute such as " name ", " sex ", " job number ", " department ", it is as shown in the table:
The configuration item type allocation list of table 1.
The configuration item attribute allocation list of table 2
The tables of data generated in the data base of table 3.
Creation module 20, for creating the corresponding role of the configuration item, wherein, the role is including manager and commonly
User;
Configuration module 30, for title and/or attribute based on the configuration item, configures each angle in the configuration item
The row level authority and/or row level authority of color so that each role in the configuration item according to the row level authority and/or row level
Authority performs corresponding control of authority operation.
After the completion of the title and attribute definition of the configuration item, the corresponding role of the configuration item, the present embodiment are created
In, role includes manager and domestic consumer, such as comprehensive financial operation portion manager, S&T tax portion manager, HR managers, science and technology
Domestic consumer of division department or domestic consumer of comprehensive financial operation portion etc..The title and/or attribute of the configuration item are then based on, in institute
The row level authority and/or row level authority that each role is configured in configuration item is stated, configuration item is licensed to into each role.Wherein:
The row level authority of each role is configured based on the title of the configuration item, is arranged actually in configuration item type
Permission Levels, the Permission Levels of configuration item type have 3 kinds, are respectively " additions and deletions ", " editor ", " read-only "." additions and deletions " are represented can be with
The data of the configuration item increased newly, are deleted, changed, inquired about etc. with operation;" editor " represents can be to the data of the configuration item
The operation such as modify, inquire about;" read-only " expression can carry out inquiry operation to the data of the configuration item.It is as shown in the table:
The configuration item type Permission Levels allocation list of table 4.
As known from Table 4, four roles are created in upper table, different is possessed to configuration item type " operation maintenance personnel information "
Permission Levels.
After the row level authority for configuring each role, then the row level authority of each role in the configuration item is set, institute
State the Permission Levels that row level authority actually refers to attribute.The Permission Levels of attribute are equally divided into 3 kinds, are respectively " editor ", " only
Read ", " invisible ".Wherein, " editor " represents to have permission and does edit operation to this property value;" read-only " expression is only checked
This property rights;And " invisible " expression can not check this attribute information.It is as shown in the table:
Role's title | Name | Sex | Job number | Department |
Comprehensive financial operation portion manager | Editor | Editor | It is read-only | Editor |
S&T tax portion manager | Editor | Editor | It is read-only | Editor |
HR managers | Editor | Editor | Editor | Editor |
Domestic consumer of S&T tax portion | It is read-only | It is read-only | It is invisible | It is read-only |
The configuration item attribute Permission Levels allocation list of table 5.
As known from Table 5, upper table represents that four roles possess different to the attribute of configuration item type " operation maintenance personnel information "
Permission Levels.By such setting, it becomes possible to accurately control the authority of row DBMS.For example " S&T tax portion commonly uses
Family " cannot just see the information of " job number ";" comprehensive financial operation portion manager " and " S&T tax portion manager " cannot change " work
Number " information etc..
Further, in order to realize going level authority, the configuration module 30 includes:
First determining unit, for determining the configuration item in each role preset attribute column;
Setting unit, for based on the configuration item title, it is determined that the preset attribute column in arranged
Filter conditional expression;
Dispensing unit, for according to the filtercondition expression formula, configuring the row level power of each role in the configuration item
Limit.
In the present embodiment, the first determining unit first determines the preset attribute column of each role in the configuration item,
Then title of the setting unit based on the configuration item, arranges filtercondition expression formula in the preset attribute column, if
The mode for putting filtercondition expression formula is as shown in the table:
Role's title | Name | Sex | Job number | Department |
Comprehensive financial operation portion manager | $ { this }=comprehensive financial operation portion | |||
S&T tax portion manager | $ { this }=S&T tax portion | |||
HR managers | ||||
Domestic consumer of S&T tax portion | $ { this }=S&T tax portion |
The filtercondition expression formula allocation list of table 6.
As can be known from Table 6, " comprehensive financial operation portion manager " can only check that " department " is equal to the letter in " comprehensive financial operation portion "
Breath;" S&T tax portion manager " and " domestic consumer of S&T tax portion " can only check that " department " is equal in " S&T tax portion "
Information.The authority of row DBMS can accurately be controlled by this configuration.
That is, the preset attribute column of each role in the configuration item is first determined in the present embodiment, it is described pre-
If attribute is selected as the case may be, such as when the configuration item includes the data of bank and security Liang Ge companies,
So, the preset attribute is exactly company;S&T tax portion, comprehensive financial operation portion and row in the configuration item includes bank
During political affairs Human Resources Department, then the preset attribute is exactly department, purpose is provided to arrange each role in the configuration item
Row level authority.
The data level authority configuration device that the present embodiment is proposed, when the establishment for receiving configuration item is instructed, first defines institute
The title and attribute of configuration item are stated, the corresponding role of the configuration item is then created, finally each is configured in the configuration item
The row level authority and/or row level authority of role so that each role in the configuration item according to the row level authority and/or row
Level authority performs corresponding control of authority operation, when realizing configuration data level authority, to each role in the configuration item
Row level authority and/or row level authority are configured, without the need for coding code again, only just can be with essence by modification configuration
Really the access rights of control row level and row level, reduce the development and maintenance cost of software system.
It is appreciated that this programme realizes the data permission control of capable level and row level, the data peace of information system is improve
Quan Xing, because the mode that the data storage of information system has various ways, most common of which is previously stored in relevant database,
Relevant database is got up data storage using tables of data, and tables of data has row and column just as form.The program can lead to
The mode for crossing modification configuration controls data access authority of the user to tables of data, isolates the data of the row and column of different user role
Access rights, to reach the demand of data safety.
Further, in order to improve the motility of data level priority assignation, data of the present invention are proposed based on first embodiment
The second embodiment of level authority configuration device, in the present embodiment, with reference to Fig. 5, the creation module 20 is additionally operable to receiving
When the establishment of account information is instructed, corresponding account is created;
The data level authority configuration device also includes:
Determining module 40, for when the account creation is completed, determining account role to be allocated;
Module 50 is set up, for setting up the incidence relation of the account and the role to be allocated, by the role
License to the account.
In the present embodiment, when the establishment for receiving account information is instructed, first show register interface for user input
Account and password, then create corresponding account according to the account and password, further, it is determined that module 40 determine again it is described
Account role to be allocated, that is, determine that the account is S&T tax portion manager, domestic consumer of S&T tax portion, human resourcess
Portion manager or domestic consumer of Human Resource Department etc., finally set up module 50 and set up the account with the angle to be allocated
The incidence relation of color.In the present embodiment, preferably the role of each department is to having unique identification information, such as S&T tax
It is A-2 that portion manager is A-1, domestic consumer of S&T tax portion, and Human Resource Department manager is B-1, and Human Resource Department commonly uses
Family is B-2, then it is determined that after account role to be allocated, you can by the account for creating and institute to be allocated
The corresponding unique identification information associated storage of role is stated, to realize the role authorization to the account.
In the present embodiment, after account is created, determine account role to be allocated, finally set up the account
Family and the incidence relation of the role to be allocated, by the role authorization account is given, and is easy to follow-up according to account pair
The role for answering, performs corresponding data level control of authority operation.
Further, in order to improve the motility of data level priority assignation, data of the present invention are proposed based on second embodiment
The 3rd embodiment of level authority configuration device, in the present embodiment, with reference to Fig. 6, the data level authority configuration device also includes:
Parsing module 60, during for receiving data inquiry request in the data-interface of the configuration item, parsing is described
Data inquiry request, to verify to the accounts information in the data inquiry request;
In the present embodiment, the data inquiry request can be that data query of the user based on log-in interface input please
Ask, or third party's peripheral system passes through the data inquiry request that the data-interface of the configuration item is input into.Wherein, in institute
It is data inquiry request of the user based on log-in interface input to state data inquiry request, and the data level authority configuration also includes:
Accounts information of the receive user based on log-in interface input;
The accounts information to receiving is verified;
When the accounts information is verified successfully, execution receives data query in the data-interface of the configuration item please
The operation asked.
Subsequently, when receiving data inquiry request in the data-interface of the configuration item, parsing module 60 parses described
Data inquiry request, to verify to the accounts information in the data inquiry request, it should be appreciated that user is to pass through
The front page layout of configuration item system is accessed, some data manipulations such as data query instruction has been done, then front page layout can be by user
Operation information pass to backstage, these are realized by backstage and are operated, in the step, although user has passed through front page layout
First time login authentication, but when data are passed to into backstage, for the sake of security, interface can again carry out user's checking, checking
Whether the accounts information and the accounts information that prestores for currently communicating information to backstage matches, and is the equal of to verify accounts information again,
Only when verifying successfully, follow-up operation could be performed, it is therefore prevented that some terminals packet capturing or imitate accounts information by way of,
Have impact on follow-up data level control of authority process.
Certainly, if being now that third party's peripheral system please by the data query that the data-interface of the configuration item is input into
Ask, then when receiving data inquiry request in the data-interface of the configuration item, the data inquiry request is parsed, with to institute
The accounts information stated in data inquiry request is verified, and is exactly primary accounts information verification.
Correction verification module 70, for after accounts information verification passes through, verifying the accounts information in the configuration item
In Permission Levels, wherein, the Permission Levels include row level authority and/or row level authority;
Acquisition module 80, for based on Permission Levels of the accounts information in the configuration item, obtaining the authority
The corresponding parameter information of rank;
Extraction module 90, for extracting the corresponding data of the parameter information in data base;
After accounts information verification passes through, correction verification module 70 verifies power of the accounts information in the configuration item
Limit rank, because the Permission Levels include row level authority and/or row level authority, therefore, acquisition module 80 is according to the account
Permission Levels of the information in the configuration item, you can obtain the corresponding parameter information of the Permission Levels, final extraction module
90 extract the corresponding data of the parameter information in data base.For example:The accounts information of S&T tax portion manager is described
It is name, sex editable that row level authority in configuration item is S&T tax portion, row level authority, then, you can counting described
According to extracting in storehouse in the corresponding data in the S&T tax portion, and the data for obtaining, name and sex are editable.
Processing module 100, for the data extracted to be packaged, and is sent to display in display interface.
Finally, processing module 100 is packaged the data extracted, and by packaged data is activation to display circle
Show in face, so that user performs corresponding operation, such as read-only operation, edit operation.
Further, the data level authority configuration device also includes:
Adjusting module, for when the accounts information has multiple roles in the configuration item, in the configuration item
The row level authority and row level authority of the accounts information is adjusted;Wherein, the row level authority is merged, the row level
Authority be expert at grade authority for " visible " when, using highest-ranking authority as the row level authority after merging.
Be the equal of to do row level authority once to merge, for row level authority, first determine the grade of each authority, this enforcement
In example, in row level authority preferably " editor ", " read-only ", " invisible " these three authorities, hierarchical relationship order from big to small according to
It is secondary to be:" editor ", " read-only ", " invisible ".So, if the row level authority is respectively " editor ", " read-only ", then adopt
The authority of " editor " covers the authority of " read-only ".Now, if " editor " and " invisible ", then the corresponding parameter letter of union is obtained
Breath.
In the present embodiment, by using the data of allocation list, data level control of authority can be accomplished, so as to improve number
According to the intelligent of level control of authority.
It should be noted that herein, term " including ", "comprising" or its any other variant are intended to non-row
His property is included, so that a series of process, method, article or device including key elements not only include those key elements, and
And also include other key elements being not expressly set out, or also include for this process, method, article or device institute inherently
Key element.In the absence of more restrictions, the key element for being limited by sentence "including a ...", it is not excluded that including being somebody's turn to do
Also there is other identical element in the process of key element, method, article or device.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on such understanding, technical scheme is substantially done to prior art in other words
Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium
In (such as ROM/RAM, magnetic disc, CD), including some instructions are used so that a station terminal equipment (can be mobile phone, computer takes
Business device, air-conditioner, or network equipment etc.) perform method described in each embodiment of the invention.
The preferred embodiments of the present invention are these are only, the scope of the claims of the present invention is not thereby limited, it is every using this
Equivalent structure or equivalent flow conversion that bright description and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (10)
1. a kind of data level authority configuring method, it is characterised in that the data level authority configuring method includes:
When the establishment for receiving configuration item is instructed, the title and/or attribute of the configuration item are defined;
The corresponding role of the configuration item is created, wherein, the role includes manager and domestic consumer;
Title and/or attribute based on the configuration item, configures the row level authority and/or row of each role in the configuration item
Level authority, so that each role performs corresponding authority in the configuration item according to the row level authority and/or row level authority
Control operation.
2. data level authority configuring method as claimed in claim 1, it is characterised in that the name based on the configuration item
The step of title, row level authority that each role is configured in the configuration item, includes:
Determine the preset attribute column of each role in the configuration item;
Based on the title of the configuration item, it is determined that the preset attribute column in filtercondition expression formula is set;
According to the filtercondition expression formula, the row level authority of each role in the configuration item is configured.
3. data level authority configuring method as claimed in claim 1 or 2, it is characterised in that described based on the configuration item
Title and/or attribute, the step of the row level authority and/or row level authority that each role is configured in the configuration item after, institute
Stating data level authority configuring method also includes:
When the establishment for receiving account information is instructed, corresponding account is created;
When the account creation is completed, account role to be allocated is determined;
The incidence relation of the account and the role to be allocated is set up, by the role authorization account is given.
4. data level authority configuring method as claimed in claim 3, it is characterised in that it is described set up the account with it is to be allocated
The role incidence relation the step of after, the data level authority configuring method also includes:
When receiving data inquiry request in the data-interface of the configuration item, the data inquiry request is parsed, with to institute
The accounts information stated in data inquiry request is verified;
After accounts information verification passes through, Permission Levels of the accounts information in the configuration item are verified, wherein, institute
Permission Levels are stated including row level authority and/or row level authority;
Based on Permission Levels of the accounts information in the configuration item, the corresponding parameter information of the Permission Levels is obtained,
And extract the corresponding data of the parameter information in data base;
The data extracted are packaged, and are sent to display in display interface.
5. data level authority configuring method as claimed in claim 4, it is characterised in that described to carry out the data extracted
Encapsulation, and be sent to before the step of showing in display interface, the data level authority configuring method also includes:
Row level when the accounts information has multiple roles in the configuration item, to accounts information described in the configuration item
Authority and row level authority are adjusted;Wherein, the row level authority is merged, a row level authority grade authority of being expert at is
When " visible ", using highest-ranking authority as the row level authority after merging.
6. a kind of data level authority configuration device, it is characterised in that the data level authority configuration device includes:
Definition module, during for instructing in the establishment for receiving configuration item, defines the title and/or attribute of the configuration item;
Creation module, for creating the corresponding role of the configuration item, wherein, the role includes manager and domestic consumer;
Configuration module, for title and/or attribute based on the configuration item, configures the row of each role in the configuration item
Level authority and/or row level authority, so that each role holds in the configuration item according to the row level authority and/or row level authority
The corresponding control of authority operation of row.
7. data level authority configuration device as claimed in claim 6, it is characterised in that the configuration module includes:
First determining unit, for determining the configuration item in each role preset attribute column;
Setting unit, for based on the configuration item title, it is determined that the preset attribute column in filtering rod is set
Part expression formula;
Dispensing unit, for according to the filtercondition expression formula, configuring the row level authority of each role in the configuration item.
8. data level authority configuration device as claimed in claims 6 or 7, it is characterised in that the creation module, is additionally operable to
When the establishment for receiving account information is instructed, corresponding account is created;
The data level authority configuration device also includes:
Determining module, for when the account creation is completed, determining account role to be allocated;
Module is set up, for setting up the incidence relation of the account and the role to be allocated, the role authorization is given
The account.
9. data level authority configuration device as claimed in claim 8, it is characterised in that the data level authority configuration device is also
Including:
Parsing module, during for receiving data inquiry request in the data-interface of the configuration item, parsing the data and looking into
Request is ask, to verify to the accounts information in the data inquiry request;
Correction verification module, for after accounts information verification passes through, verifying power of the accounts information in the configuration item
Limit rank, wherein, the Permission Levels include row level authority and/or row level authority;
Acquisition module, for based on Permission Levels of the accounts information in the configuration item, obtaining the Permission Levels pair
The parameter information answered;
Extraction module, for extracting the corresponding data of the parameter information in data base;
Processing module, for the data extracted to be packaged, and is sent to display in display interface.
10. data level authority configuration device as claimed in claim 9, it is characterised in that the data level authority configuration device
Also include:
Adjusting module, for when the accounts information has multiple roles in the configuration item, described in the configuration item
The row level authority and row level authority of accounts information is adjusted;Wherein, the row level authority is merged, the row level authority
When grade authority of being expert at is " visible ", using highest-ranking authority as the row level authority after merging.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610970700.2A CN106570406A (en) | 2016-10-27 | 2016-10-27 | Data level authority configuration method and apparatus |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610970700.2A CN106570406A (en) | 2016-10-27 | 2016-10-27 | Data level authority configuration method and apparatus |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106570406A true CN106570406A (en) | 2017-04-19 |
Family
ID=58539912
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610970700.2A Pending CN106570406A (en) | 2016-10-27 | 2016-10-27 | Data level authority configuration method and apparatus |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106570406A (en) |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107742066A (en) * | 2017-09-18 | 2018-02-27 | 广东芬尼克兹节能设备有限公司 | Account authority configuring method, device, terminal device and computer-readable storage medium |
CN107770173A (en) * | 2017-10-20 | 2018-03-06 | 国信嘉宁数据技术有限公司 | Subscriber Management System, related identification information creation method and request method of calibration |
CN109032459A (en) * | 2017-07-16 | 2018-12-18 | 成都牵牛草信息技术有限公司 | A kind of form data operating right authorization method |
WO2019011255A1 (en) * | 2017-07-11 | 2019-01-17 | 成都牵牛草信息技术有限公司 | Method for authorizing field value of form field by means of third party field |
WO2019029499A1 (en) * | 2017-08-07 | 2019-02-14 | 成都牵牛草信息技术有限公司 | Authorization method for displaying current permissions status of all system users |
WO2019034022A1 (en) * | 2017-08-14 | 2019-02-21 | 成都牵牛草信息技术有限公司 | Method for setting operating record viewing right based on time period |
CN109472154A (en) * | 2018-09-30 | 2019-03-15 | 武汉达梦数据库有限公司 | The multi-layer mechanism of zero configuration, user maintenance method |
WO2019201082A1 (en) * | 2018-04-19 | 2019-10-24 | 华为技术有限公司 | Data access control method and database access device |
CN110704863A (en) * | 2019-08-23 | 2020-01-17 | 深圳市随手科技有限公司 | Configuration information processing method and device, computer equipment and storage medium |
CN111177698A (en) * | 2019-12-13 | 2020-05-19 | 平安医疗健康管理股份有限公司 | Processing method and device of portal system and computer equipment |
WO2020124294A1 (en) * | 2018-12-16 | 2020-06-25 | 吉安市井冈山开发区金庐陵经济发展有限公司 | Permission configuration method |
CN111400681A (en) * | 2020-04-07 | 2020-07-10 | 杭州指令集智能科技有限公司 | Data permission processing method, device and equipment |
CN111428212A (en) * | 2020-04-15 | 2020-07-17 | 上海嘉银金融科技股份有限公司 | Data visualization system and data authority management method thereof |
JP2020528174A (en) * | 2017-07-05 | 2020-09-17 | 成都牽牛草信息技術有限公司Chengdu Qianniucao Information Technology Co., Ltd. | How to approve the operation authority of form field value |
CN115017531A (en) * | 2022-08-09 | 2022-09-06 | 威海海洋职业学院 | Financial data sharing method and system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102479186A (en) * | 2010-11-23 | 2012-05-30 | 金蝶软件(中国)有限公司 | Method, device and system for integrating third-party service system authority into data processing system |
CN104715341A (en) * | 2015-03-30 | 2015-06-17 | 中国联合网络通信集团有限公司 | Permission assigning method and device |
US20160246992A1 (en) * | 2015-02-24 | 2016-08-25 | International Business Machines Corporation | Fine-Grained User Control Over Usages Of Sensitive System Resources Having Private Data With Applications In Privacy Enforcement |
-
2016
- 2016-10-27 CN CN201610970700.2A patent/CN106570406A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102479186A (en) * | 2010-11-23 | 2012-05-30 | 金蝶软件(中国)有限公司 | Method, device and system for integrating third-party service system authority into data processing system |
US20160246992A1 (en) * | 2015-02-24 | 2016-08-25 | International Business Machines Corporation | Fine-Grained User Control Over Usages Of Sensitive System Resources Having Private Data With Applications In Privacy Enforcement |
CN104715341A (en) * | 2015-03-30 | 2015-06-17 | 中国联合网络通信集团有限公司 | Permission assigning method and device |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2020528174A (en) * | 2017-07-05 | 2020-09-17 | 成都牽牛草信息技術有限公司Chengdu Qianniucao Information Technology Co., Ltd. | How to approve the operation authority of form field value |
WO2019011255A1 (en) * | 2017-07-11 | 2019-01-17 | 成都牵牛草信息技术有限公司 | Method for authorizing field value of form field by means of third party field |
US11775687B2 (en) | 2017-07-11 | 2023-10-03 | Chengdu Qianniucao Information Technology Co., Ltd. | Method for authorizing field value of form field by means of third party field |
US11599656B2 (en) | 2017-07-16 | 2023-03-07 | Chengdu Qianniucao Information Technology Co., Ltd. | Method for authorizing form data operation authority |
CN109032459A (en) * | 2017-07-16 | 2018-12-18 | 成都牵牛草信息技术有限公司 | A kind of form data operating right authorization method |
WO2019015539A1 (en) * | 2017-07-16 | 2019-01-24 | 成都牵牛草信息技术有限公司 | Method for authorizing form data operation authority |
CN109032459B (en) * | 2017-07-16 | 2022-01-25 | 成都牵牛草信息技术有限公司 | Form data operation authority authorization method |
WO2019029499A1 (en) * | 2017-08-07 | 2019-02-14 | 成都牵牛草信息技术有限公司 | Authorization method for displaying current permissions status of all system users |
WO2019034022A1 (en) * | 2017-08-14 | 2019-02-21 | 成都牵牛草信息技术有限公司 | Method for setting operating record viewing right based on time period |
US11586747B2 (en) | 2017-08-14 | 2023-02-21 | Chengdu Qianniucao Information Technology Co., Ltd. | Method for setting operating record viewing right based on time period |
CN107742066B (en) * | 2017-09-18 | 2020-07-28 | 广东芬尼克兹节能设备有限公司 | Account permission configuration method and device, terminal equipment and computer storage medium |
CN107742066A (en) * | 2017-09-18 | 2018-02-27 | 广东芬尼克兹节能设备有限公司 | Account authority configuring method, device, terminal device and computer-readable storage medium |
CN107770173A (en) * | 2017-10-20 | 2018-03-06 | 国信嘉宁数据技术有限公司 | Subscriber Management System, related identification information creation method and request method of calibration |
US11947700B2 (en) | 2018-04-19 | 2024-04-02 | Huawei Technologies Co., Ltd. | Data access control method and database access apparatus |
WO2019201082A1 (en) * | 2018-04-19 | 2019-10-24 | 华为技术有限公司 | Data access control method and database access device |
CN109472154A (en) * | 2018-09-30 | 2019-03-15 | 武汉达梦数据库有限公司 | The multi-layer mechanism of zero configuration, user maintenance method |
WO2020124294A1 (en) * | 2018-12-16 | 2020-06-25 | 吉安市井冈山开发区金庐陵经济发展有限公司 | Permission configuration method |
CN110704863B (en) * | 2019-08-23 | 2021-11-26 | 深圳市铭数信息有限公司 | Configuration information processing method and device, computer equipment and storage medium |
CN110704863A (en) * | 2019-08-23 | 2020-01-17 | 深圳市随手科技有限公司 | Configuration information processing method and device, computer equipment and storage medium |
CN111177698A (en) * | 2019-12-13 | 2020-05-19 | 平安医疗健康管理股份有限公司 | Processing method and device of portal system and computer equipment |
CN111177698B (en) * | 2019-12-13 | 2022-10-25 | 平安医疗健康管理股份有限公司 | Processing method and device of portal system and computer equipment |
CN111400681A (en) * | 2020-04-07 | 2020-07-10 | 杭州指令集智能科技有限公司 | Data permission processing method, device and equipment |
CN111400681B (en) * | 2020-04-07 | 2023-09-12 | 杭州指令集智能科技有限公司 | Data authority processing method, device and equipment |
CN111428212B (en) * | 2020-04-15 | 2023-05-05 | 上海嘉银金融科技股份有限公司 | Data visualization system and data authority management method thereof |
CN111428212A (en) * | 2020-04-15 | 2020-07-17 | 上海嘉银金融科技股份有限公司 | Data visualization system and data authority management method thereof |
CN115017531B (en) * | 2022-08-09 | 2022-11-01 | 威海海洋职业学院 | Financial data sharing method and system |
CN115017531A (en) * | 2022-08-09 | 2022-09-06 | 威海海洋职业学院 | Financial data sharing method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106570406A (en) | Data level authority configuration method and apparatus | |
CN104391934B (en) | Data verification method and device | |
CN110727922B (en) | Anti-fraud decision model construction method based on multi-dimensional data flow | |
CN107342992A (en) | A kind of System right management method, apparatus and computer-readable recording medium | |
CN105046146B (en) | A kind of resource access method of Android system | |
CN102930226A (en) | Method for controlling use permission of fine-grained client | |
CN101208702A (en) | Architecture for computer-implemented authentication and authorization | |
CN107169073A (en) | A kind of data managing method and management platform | |
CN103853986A (en) | Access control method and device | |
CN108092945B (en) | Method and device for determining access authority and terminal | |
CN112528251B (en) | User account authority management method, device, equipment and readable medium | |
CN107908695A (en) | Operation system operation method, device, system and readable storage medium storing program for executing | |
CN102004866A (en) | Method and device for user identity verification and access control of information system | |
CN105337974A (en) | Account authorization method, account login method, account authorization device and client end | |
CN106778303A (en) | Delegated strategy optimization method and delegated strategy optimization device | |
CN107358122A (en) | The access management method and system of a kind of data storage | |
CN110049048A (en) | A kind of data access method, equipment and the readable medium of government affairs public service | |
CN106815503A (en) | A kind of operating system method for managing user right and system | |
CN105825164A (en) | Fingerprint identification method and electronic equipment | |
CN109817347A (en) | Inline diagnosis platform, its right management method and Rights Management System | |
CN1972307A (en) | A member registration method for network system | |
CN106302483A (en) | Decentralized management method and system | |
CN102096877A (en) | Online duty machine system and method | |
CN109670835A (en) | Air control method, apparatus, equipment and readable storage medium storing program for executing based on service node | |
CN109461069A (en) | Air control method, apparatus, equipment and readable storage medium storing program for executing based on service node |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170419 |