CN107122381B - File generation method and device and data analysis method and device - Google Patents

File generation method and device and data analysis method and device Download PDF

Info

Publication number
CN107122381B
CN107122381B CN201710081979.3A CN201710081979A CN107122381B CN 107122381 B CN107122381 B CN 107122381B CN 201710081979 A CN201710081979 A CN 201710081979A CN 107122381 B CN107122381 B CN 107122381B
Authority
CN
China
Prior art keywords
user
data analysis
template
schema file
authority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201710081979.3A
Other languages
Chinese (zh)
Other versions
CN107122381A (en
Inventor
梁福坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Xingxuan Technology Co Ltd
Original Assignee
Beijing Xingxuan Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xingxuan Technology Co Ltd filed Critical Beijing Xingxuan Technology Co Ltd
Priority to CN201710081979.3A priority Critical patent/CN107122381B/en
Publication of CN107122381A publication Critical patent/CN107122381A/en
Application granted granted Critical
Publication of CN107122381B publication Critical patent/CN107122381B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2465Query processing support for facilitating data mining operations in structured databases
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • G06F16/2425Iterative querying; Query formulation based on the results of a preceding query
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Mathematical Physics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Software Systems (AREA)
  • Computational Linguistics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Fuzzy Systems (AREA)
  • Probability & Statistics with Applications (AREA)
  • Storage Device Security (AREA)

Abstract

本发明实施方式提供了文件生成方法及装置、数据分析方法及装置和移动终端,涉及计算机应用技术领域。其中,所述文件生成方法包括:获取文件模板;基于用户标识符确定用户权限;根据所述文件模板和所述用户权限生成文件。本发明实施方式提供的技术方案通过用户标识符来确定文件中的用户权限,因此可以定向生成定制化的文件,以实现个性化的权限约束,从而提高用户体验度。

Figure 201710081979

Embodiments of the present invention provide a file generation method and device, a data analysis method and device, and a mobile terminal, which relate to the technical field of computer applications. Wherein, the file generation method includes: acquiring a file template; determining a user authority based on a user identifier; and generating a file according to the file template and the user authority. The technical solution provided by the embodiments of the present invention determines the user authority in the file by using the user identifier, so that customized files can be generated in a targeted manner to implement personalized authority constraints, thereby improving user experience.

Figure 201710081979

Description

文件生成方法及装置和数据分析方法及装置File generation method and device and data analysis method and device

技术领域technical field

本发明涉及计算机应用技术领域,更为具体而言,涉及文件生成方法及装置、数据分析方法及装置和移动终端。The present invention relates to the technical field of computer applications, and more particularly, to a file generation method and device, a data analysis method and device, and a mobile terminal.

背景技术Background technique

联机分析处理(On-Line Analytical Processing,OLAP)是数据仓库系统的主要应用,支持复杂的分析操作,侧重决策支持,并且提供直观易懂的查询结果。在大数据分析的场景下,OLAP是数据分析的重要途径之一。On-Line Analytical Processing (OLAP) is the main application of data warehouse systems, supporting complex analytical operations, focusing on decision support, and providing intuitive and easy-to-understand query results. In the scenario of big data analysis, OLAP is one of the important ways of data analysis.

在OLAP的使用场景中,支持对资源进行权限限定,以保证信息的安全。然而,目前OLAP中用以获取用户权限的schema(模式)文件是静态文件(对于所有的用户而言都是一样的),由此向用户提供的权限约束也是相对静态的,无法为不同用户进行定制化的权限约束,从而降低了用户体验度。In OLAP usage scenarios, permissions are supported for resources to ensure information security. However, the schema (schema) file used to obtain user permissions in OLAP is currently a static file (the same for all users), so the permission constraints provided to users are relatively static and cannot be performed for different users. Customized permission constraints, thus reducing the user experience.

发明内容SUMMARY OF THE INVENTION

本发明实施方式提供了文件生成方法及装置、数据分析方法及装置和移动终端,用以解决现有技术中无法为不同用户进行定制化的权限约束,从而降低了用户体验度的问题。The embodiments of the present invention provide a file generation method and device, a data analysis method and device, and a mobile terminal to solve the problem of the prior art that cannot be customized for different users, thereby reducing the user experience.

第一方面,本发明实施方式提供了一种文件生成方法。In a first aspect, an embodiment of the present invention provides a file generation method.

具体地,所述方法包括:Specifically, the method includes:

获取文件模板;Get file template;

基于用户标识符确定用户权限;Determining user rights based on the user identifier;

根据所述文件模板和所述用户权限生成文件。A file is generated according to the file template and the user rights.

由于在本发明中,通过用户标识符来确定文件中的用户权限,因此可以定向生成定制化的文件,以实现个性化的权限约束,从而提高用户体验度。Since in the present invention, the user's authority in the file is determined by the user identifier, a customized file can be generated in a targeted manner, so as to realize the personalized authority constraint, thereby improving the user experience.

结合第一方面,在本发明的一些实现方式中,所述基于用户标识符确定用户权限包括:With reference to the first aspect, in some implementations of the present invention, the determining the user authority based on the user identifier includes:

根据所述用户标识符获取权限模型;obtain a permission model according to the user identifier;

根据所述权限模型确定所述用户权限。The user rights are determined according to the rights model.

结合第一方面,在本发明的一些实现方式中,所述根据所述文件模板和所述用户权限生成文件包括:With reference to the first aspect, in some implementations of the present invention, the generating a file according to the file template and the user authority includes:

从所述文件模板中识别出与所述用户权限的权限名称匹配的标签模板;Identifying, from the file template, a label template that matches the authority name of the user authority;

判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量;Judging whether the number of label templates is equal to the number of elements in the permission value set in the user permission;

若所述标签模板的数量等于所述元素数量,则在所述文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。If the number of the label templates is equal to the number of elements, in the file template, different elements in the permission value set are used to perform placeholder replacement processing on the different label templates respectively.

结合第一方面,在本发明的一些实现方式中,所述根据所述文件模板和所述用户权限生成文件还包括:With reference to the first aspect, in some implementations of the present invention, the generating a file according to the file template and the user authority further includes:

若所述标签模板的数量不等于所述元素数量,则通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签;If the number of the label templates is not equal to the number of elements, different replacement labels are generated respectively through the label templates and different elements in the permission value set;

在所述文件模板中,删除所述标签模板并且插入所述替换标签。In the document template, the tag template is deleted and the replacement tag is inserted.

第二方面,本发明实施方式提供了一种数据分析方法。In a second aspect, an embodiment of the present invention provides a data analysis method.

具体地,所述方法包括:Specifically, the method includes:

基于数据分析请求加载根据上述任一项文件生成方法生成的文件;Load the file generated according to any of the above file generation methods based on the data analysis request;

从所述文件中获取用户权限;obtain user rights from said file;

根据所述数据分析请求和所述用户权限执行数据分析处理。Data analysis processing is performed according to the data analysis request and the user authority.

结合第二方面,在本发明的一些实现方式中,所述根据所述数据分析请求和所述用户权限执行数据分析处理包括:With reference to the second aspect, in some implementations of the present invention, the performing data analysis processing according to the data analysis request and the user authority includes:

根据所述数据分析请求生成数据库查询请求;generating a database query request according to the data analysis request;

利用所述用户权限对所述数据库查询请求进行过滤;Filter the database query request by using the user authority;

基于经过滤后的数据库查询请求从数据库中读取数据;Read data from the database based on the filtered database query request;

对所述数据执行分析处理。Analytical processing is performed on the data.

由于在本发明中,在查询数据库之前执行数据过滤处理,因此可以减小对数据库的压力并且还可以提高权限控制的覆盖率。Since in the present invention, the data filtering process is performed before querying the database, the pressure on the database can be reduced and the coverage rate of authority control can also be improved.

第三方面,本发明实施方式提供了一种文件生成装置。In a third aspect, an embodiment of the present invention provides an apparatus for generating a file.

具体地,所述装置包括:Specifically, the device includes:

获取模块,用于获取文件模板;Get module, used to get file template;

确定模块,用于基于用户标识符确定用户权限;a determination module for determining user rights based on the user identifier;

生成模块,用于根据所述文件模板和所述用户权限生成文件。A generating module, configured to generate a file according to the file template and the user authority.

由于在本发明中,通过用户标识符来确定文件中的用户权限,因此可以定向生成定制化的文件,以实现个性化的权限约束,从而提高用户体验度。Since in the present invention, the user's authority in the file is determined by the user identifier, a customized file can be generated in a targeted manner, so as to realize the personalized authority constraint, thereby improving the user experience.

结合第三方面,在本发明的一些实现方式中,所述确定模块包括:With reference to the third aspect, in some implementations of the present invention, the determining module includes:

获取单元,用于根据所述用户标识符获取权限模型;an obtaining unit, configured to obtain a permission model according to the user identifier;

确定单元,用于根据所述权限模型确定所述用户权限。A determining unit, configured to determine the user authority according to the authority model.

结合第三方面,在本发明的一些实现方式中,所述生成模块包括:With reference to the third aspect, in some implementations of the present invention, the generating module includes:

识别单元,用于从所述文件模板中识别出与所述用户权限的权限名称匹配的标签模板;an identification unit for identifying, from the file template, a label template matching the authority name of the user authority;

判断单元,用于判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量;a judging unit for judging whether the number of the label templates is equal to the number of elements in the permission value set in the user permission;

替换单元,用于在所述标签模板的数量等于所述元素数量的情形下,在所述文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。a replacement unit, configured to use different elements in the permission value set in the file template to occupy places for different label templates respectively under the condition that the number of the label templates is equal to the number of elements Character replacement processing.

结合第三方面,在本发明的一些实现方式中,所述生成模块还包括:In conjunction with the third aspect, in some implementations of the present invention, the generating module further includes:

生成单元,用于在所述标签模板的数量不等于所述元素数量的情形下,通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签;A generating unit, configured to respectively generate different replacement labels through the label template and different elements in the permission value set when the number of the label templates is not equal to the number of elements;

删除及插入单元,用于所述文件模板中,删除所述标签模板并且插入所述替换标签。A deletion and insertion unit is used in the document template to delete the label template and insert the replacement label.

第四方面,本发明实施方式提供了一种数据分析装置。In a fourth aspect, an embodiment of the present invention provides a data analysis device.

具体地,所述装置包括:Specifically, the device includes:

加载模块,用于基于数据分析请求加载根据上述任一项文件生成方法生成的文件;a loading module for loading the file generated according to any one of the above file generating methods based on the data analysis request;

获取模块,用于从所述文件中获取用户权限;an acquisition module for acquiring user permissions from the file;

处理模块,用于根据所述数据分析请求和所述用户权限执行数据分析处理。A processing module, configured to perform data analysis processing according to the data analysis request and the user authority.

结合第四方面,在本发明的一些实现方式中,所述处理模块包括:With reference to the fourth aspect, in some implementations of the present invention, the processing module includes:

生成单元,用于根据所述数据分析请求生成数据库查询请求;a generating unit, configured to generate a database query request according to the data analysis request;

过滤单元,用于利用所述用户权限对所述数据库查询请求进行过滤;a filtering unit, configured to filter the database query request by using the user authority;

读取单元,用于基于经过滤后的数据库查询请求从数据库中读取数据;a reading unit for reading data from the database based on the filtered database query request;

处理单元,用于对所述数据执行分析处理。a processing unit for performing analysis processing on the data.

由于在本发明中,在查询数据库之前执行数据过滤处理,因此可以减小对数据库的压力并且还可以提高权限控制的覆盖率。Since in the present invention, the data filtering process is performed before querying the database, the pressure on the database can be reduced and the coverage rate of authority control can also be improved.

第五方面,本发明实施方式提供了一种移动终端,所述移动终端包括存储器和处理器;其中,In a fifth aspect, an embodiment of the present invention provides a mobile terminal, where the mobile terminal includes a memory and a processor; wherein,

所述存储器用于存储一条或多条计算机指令,其中,所述一条或多条计算机指令供所述处理器调用执行;The memory is used to store one or more computer instructions, wherein the one or more computer instructions are invoked and executed by the processor;

所述处理器用于进行上述任意一项文件生成方法或上述任一项数据分析方法所述的操作。The processor is configured to perform the operations described in any one of the above-mentioned file generation methods or any of the above-mentioned data analysis methods.

本发明的这些方面或其他方面在以下具体实施方式的描述中会更加简明易懂。These and other aspects of the invention will be more clearly understood from the following description of the detailed description.

附图说明Description of drawings

为了更清楚地说明本发明实施方式中的技术方案,下面将对实施方式描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施方式,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solutions in the embodiments of the present invention more clearly, the following briefly introduces the accompanying drawings used in the description of the embodiments. Obviously, the drawings in the following description are some embodiments of the present invention. For those of ordinary skill in the art, other drawings can also be obtained from these drawings without any creative effort.

图1是根据本发明方法实施方式1的文件生成方法的流程图;Fig. 1 is a flow chart of a file generation method according to method embodiment 1 of the present invention;

图2示出了图1所示的处理S12的一种实施方式;Fig. 2 shows an embodiment of the process S12 shown in Fig. 1;

图3示出了RBAC(Role-Based Access Control,基于角色的访问控制) 模型的架构图;Fig. 3 shows the architecture diagram of RBAC (Role-Based Access Control, role-based access control) model;

图4示出了图1所示的处理S13的一种实施方式;FIG. 4 shows an embodiment of the process S13 shown in FIG. 1;

图5是根据本发明方法实施方式4的数据分析方法的流程图;5 is a flowchart of a data analysis method according to Embodiment 4 of the method of the present invention;

图6示出了图5所示的处理S21的一种实施方式;Fig. 6 shows an embodiment of the process S21 shown in Fig. 5;

图7示出了图5所示的处理S23的一种实施方式;Fig. 7 shows an embodiment of the process S23 shown in Fig. 5;

图8是根据本发明装置实施方式1的文件生成装置的结构示意图;8 is a schematic structural diagram of a file generating apparatus according to Embodiment 1 of the apparatus of the present invention;

图9示出了图8所示的确定模块12的一种实施方式;Fig. 9 shows an embodiment of the determination module 12 shown in Fig. 8;

图10示出了图8所示的生成模块13的一种实施方式;Fig. 10 shows an embodiment of the generation module 13 shown in Fig. 8;

图11是根据本发明装置实施方式4的数据分析装置的结构示意图;11 is a schematic structural diagram of a data analysis device according to Embodiment 4 of the device of the present invention;

图12示出了图11所示的加载模块21的一种实施方式;Fig. 12 shows an embodiment of the loading module 21 shown in Fig. 11;

图13示出了图11所示的处理模块23的一种实施方式。FIG. 13 shows an embodiment of the processing module 23 shown in FIG. 11 .

具体实施方式Detailed ways

以下结合附图和具体实施方式对本发明的各个方面进行详细阐述。其中,在本发明的各个具体实施方式中,众所周知的操作过程、模块、单元及其相互之间的连接、链接、通信或操作没有示出或未作详细说明。Various aspects of the present invention will be described in detail below with reference to the accompanying drawings and specific embodiments. Wherein, in various specific embodiments of the present invention, well-known operation procedures, modules, units and their mutual connections, links, communications or operations are not shown or described in detail.

并且,所描述的特征、架构或功能可在一个或一个以上实施例中以任何方式组合。Also, the described features, architectures, or functions may be combined in any way in one or more embodiments.

此外,本领域技术人员应当理解,下述的各种实施方式只用于举例说明,而非用于限制本发明的保护范围。本领域的技术人员还可以容易理解,本文所述和附图所示的各实施方式中的模块或单元或步骤可以按多种不同配置进行组合和设计。In addition, those skilled in the art should understand that the following various embodiments are only used for illustration, but not for limiting the protection scope of the present invention. Those skilled in the art can also easily understand that the modules or units or steps in the various embodiments described herein and shown in the accompanying drawings can be combined and designed in many different configurations.

对于未在本说明书中进行具体说明的技术术语,除非另有特定说明,都应以本领域最宽泛的意思进行解释。For technical terms that are not specifically described in this specification, unless otherwise specified, they should be interpreted with the broadest meaning in the art.

在本发明的说明书和权利要求书及上述附图中的描述的一些流程中,包含了按照特定顺序出现的多个操作,但是应该清楚了解,这些操作可以不按照其在本文中出现的顺序来执行或并行执行,操作的序号如101、102等,仅仅是用于区分开各个不同的操作,序号本身不代表任何的执行顺序。另外,这些流程可以包括更多或更少的操作,并且这些操作可以按顺序执行或并行执行。需要说明的是,本文中的“第一”、“第二”等描述,是用于区分不同的消息、设备、模块等,不代表先后顺序,也不限定“第一”和“第二”是不同的类型。In some of the processes described in the description and claims of the present invention and the above-mentioned drawings, various operations are included in a specific order, but it should be clearly understood that these operations may not be in accordance with the order in which they appear herein. For execution or parallel execution, the sequence numbers of the operations, such as 101, 102, etc., are only used to distinguish different operations, and the sequence numbers themselves do not represent any execution order. Additionally, these flows may include more or fewer operations, and these operations may be performed sequentially or in parallel. It should be noted that the descriptions such as "first" and "second" in this document are used to distinguish different messages, devices, modules, etc., and do not represent a sequence, nor do they limit "first" and "second" are different types.

下面将结合附图,对本发明实施方式中的技术方案进行清楚、完整地描述,显然,所描述的实施方式仅仅是本发明的一部分实施方式,而不是全部的实施方式。基于本发明中的实施方式,本领域技术人员在没有付出创造性劳动的前提下所获得的所有其他实施方式,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative efforts shall fall within the protection scope of the present invention.

【方法实施方式1】[Method Embodiment 1]

图1是根据本发明方法实施方式1的文件生成方法的流程图。参见图1,在本实施方式中,所述方法包括:FIG. 1 is a flow chart of a file generation method according to Embodiment 1 of the method of the present invention. Referring to FIG. 1, in this embodiment, the method includes:

S11:获取文件模板。S11: Obtain a file template.

S12:基于用户标识符确定用户权限。S12: Determine user authority based on the user identifier.

S13:根据所述文件模板和所述用户权限生成文件。S13: Generate a file according to the file template and the user authority.

在本发明中,所述用户标识符例如包括但不限于:用户编号、用户邮箱等身份识别信息。所述用户权限例如包括但不限于:权限名称以及权限值集合。其中,权限名称用于表明用户对何种资源进行访问控制,权限值集合用于表明用户有能力访问的具体资源,例如,权限名称为:CITY(城市),权限值集合为:{上海,北京,沈阳}。In the present invention, the user identifier includes, but is not limited to, identification information such as a user number, a user mailbox, and the like. The user rights include, but are not limited to, rights names and rights value sets, for example. Among them, the permission name is used to indicate which resources the user performs access control on, and the permission value set is used to indicate the specific resources that the user has the ability to access. For example, the permission name is: CITY (city), and the permission value set is: {Shanghai, Beijing ,Shenyang}.

由于在本发明中,通过用户标识符来确定文件中的用户权限,因此可以定向生成定制化的文件,以实现个性化的权限约束,从而提高用户体验度。Since in the present invention, the user's authority in the file is determined by the user identifier, a customized file can be generated in a targeted manner, so as to realize the personalized authority constraint, thereby improving the user experience.

【方法实施方式2】[Method Embodiment 2]

本实施方式所提供的方法包括了方法实施方式1中的全部内容,在此不再赘述。其中,如图2所示,在本实施方式中,通过下述方式实现处理S12:The method provided in this embodiment includes all the contents in the method embodiment 1, and details are not repeated here. Wherein, as shown in FIG. 2 , in this embodiment, the process S12 is implemented in the following manner:

S121:根据所述用户标识符获取权限模型。S121: Acquire an authority model according to the user identifier.

S122:根据所述权限模型确定所述用户权限。S122: Determine the user authority according to the authority model.

在本发明中,所述权限模型例如包括但不限于:“用户—权限”模型、以及“用户—角色—权限”模型。In the present invention, the permission model includes, but is not limited to, a "user-permission" model and a "user-role-permission" model, for example.

其中,“用户—权限”模型是直接关联用户和权限的模型;而“用户—角色—权限”模型是通过角色关联用户和权限的模型,又称为RBAC模型。Among them, the "user-authority" model is a model that directly associates users and authorities; and the "user-role-authority" model is a model that associates users and authorities through roles, also known as the RBAC model.

图3示出了RBAC模型的架构图。需要说明的是,图3中的1…?,1…* 表示箭头头部与箭头尾部之间的映射数量关系。其中,1…?表示箭头头部与箭头尾部均至少1个;1…*表示箭头头部至少0个,箭头尾部至少1个。比如在用户和角色之间,用户至少有1个角色。Figure 3 shows the architecture diagram of the RBAC model. It should be noted that 1 in Figure 3...? , 1…* represents the number of mappings between the head of the arrow and the tail of the arrow. Among them, 1...? Indicates that there is at least 1 arrow head and arrow tail; 1...* means that there are at least 0 arrow heads and at least 1 arrow tail. For example, between users and roles, users have at least one role.

【方法实施方式3】[Method Embodiment 3]

本实施方式所提供的方法包括了方法实施方式1或者方法实施方式2中的全部内容,在此不再赘述。其中,如图4所示,在本实施方式中,通过下述方式实现处理S13:The method provided in this embodiment includes all the contents of the method embodiment 1 or the method embodiment 2, and details are not repeated here. Among them, as shown in FIG. 4 , in this embodiment, the process S13 is implemented in the following manner:

S131:从所述文件模板中识别出与所述用户权限的权限名称匹配的标签模板。S131: Identify, from the file template, a label template matching the authority name of the user authority.

S132:判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量。若是,则执行S133,若否,则执行S134。S132: Determine whether the number of label templates is equal to the number of elements in the permission value set in the user permission. If yes, execute S133, if not, execute S134.

S133:在所述文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。S133: In the file template, use different elements in the permission value set to perform placeholder replacement processing on different label templates respectively.

S134:通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签。S134: Generate different replacement labels respectively by using the label template and different elements in the permission value set.

S135:在所述文件模板中,删除所述标签模板并且插入所述替换标签。S135: In the document template, delete the label template and insert the replacement label.

在本发明中,占位符替换处理是指利用指定内容来替换占位符(以@开始并且以@结束的字符串)。In the present invention, placeholder replacement processing refers to replacing a placeholder (a character string starting with @ and ending with @) with specified content.

【方法实施方式4】[Method Embodiment 4]

图5是根据本发明方法实施方式4的数据分析方法的流程图。参见图5,在本实施方式中,所述方法包括:FIG. 5 is a flowchart of a data analysis method according to Embodiment 4 of the method of the present invention. Referring to FIG. 5, in this embodiment, the method includes:

S21:基于数据分析请求加载文件。S21: Load the file based on the data analysis request.

其中,所述文件是根据方法实施方式1至3中任一项所提供的方法而生成的。Wherein, the file is generated according to the method provided in any one of the method embodiments 1 to 3.

S22:从所述文件中获取用户权限。S22: Obtain user rights from the file.

S23:根据所述数据分析请求和所述用户权限执行数据分析处理。S23: Execute data analysis processing according to the data analysis request and the user authority.

【方法实施方式5】[Method Embodiment 5]

本实施方式所提供的方法包括了方法实施方式4中的全部内容,在此不再赘述。其中,如图6所示,在本实施方式中,通过下述方式实现处理S21:The method provided in this embodiment includes all the content in the method embodiment 4, and details are not repeated here. Among them, as shown in FIG. 6 , in this embodiment, the process S21 is implemented in the following manner:

S211:从所述数据分析请求中解析出用户标识符。S211: Parse the user identifier from the data analysis request.

S212:根据所述用户标识符加载所述文件。S212: Load the file according to the user identifier.

【方法实施方式6】[Method Embodiment 6]

本实施方式所提供的方法包括了方法实施方式4或者方法实施方式5中的全部内容,在此不再赘述。其中,如图7所示,在本实施方式中,通过下述方式实现处理S23:The method provided in this embodiment includes all the contents of the method embodiment 4 or the method embodiment 5, and details are not repeated here. Wherein, as shown in FIG. 7 , in this embodiment, the process S23 is implemented in the following manner:

S231:根据所述数据分析请求生成数据库查询请求。S231: Generate a database query request according to the data analysis request.

S232:利用所述用户权限对所述数据库查询请求进行过滤。S232: Filter the database query request by using the user authority.

S233:基于经过滤后的数据库查询请求从数据库中读取数据。S233: Read data from the database based on the filtered database query request.

S234:对所述数据执行分析处理。S234: Perform analysis processing on the data.

由于在本发明中,在查询数据库之前执行数据过滤处理,因此可以减小对数据库的压力并且还可以提高权限控制的覆盖率。Since in the present invention, the data filtering process is performed before querying the database, the pressure on the database can be reduced and the coverage rate of authority control can also be improved.

【方法实施方式7】[Method Embodiment 7]

下面以OLAP场景为例,对本实施方式所提供的文件生成方法进行描述。所述方法包括:The file generation method provided by this embodiment is described below by taking an OLAP scenario as an example. The method includes:

处理1:OLAP服务将用户标识符传递给动态处理服务(以下简称为服务S)。Process 1: The OLAP service passes the user identifier to the dynamic processing service (hereinafter referred to as service S).

处理2:服务S将用户标识符发送至用户资源列表服务以请求用户权限,并且读取相应的schema文件模板。Process 2: The service S sends the user identifier to the user resource list service to request user permission, and reads the corresponding schema file template.

处理3:用户资源列表服务得到用户标识符之后基于RBAC权限模型获取用户权限,并且以MAP(K,V)(名值对)的方式返回用户权限。Process 3: After obtaining the user identifier, the user resource list service obtains the user permission based on the RBAC permission model, and returns the user permission in the form of MAP(K, V) (name-value pair).

其中,K为权限名称,V为权限值集合。Among them, K is the permission name, and V is the permission value set.

处理4:服务S根据schema文件模板和用户权限生成schema文件。Process 4: The service S generates a schema file according to the schema file template and user permissions.

下面结合附图详细阐述处理4的具体实现过程。The specific implementation process of processing 4 will be described in detail below with reference to the accompanying drawings.

针对各获取到的用户权限分别执行下述处理:Perform the following processing for each acquired user authority:

A、从schema文件模板中识别出与用户权限的权限名称匹配的标签模板。A. Identify the label template matching the permission name of the user permission from the schema file template.

B、判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量。若是,则执行C,若否,则执行D。B. Determine whether the number of label templates is equal to the number of elements in the permission value set in the user permission. If yes, execute C, if not, execute D.

C、在所述文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。C. In the file template, use different elements in the permission value set to perform placeholder replacement processing on different label templates respectively.

D、通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签,并且,在所述文件模板中,删除所述标签模板并且插入所述替换标签。D. Different replacement labels are respectively generated through the label template and different elements in the permission value set, and, in the file template, the label template is deleted and the replacement label is inserted.

以下给出schema文件模板的局部示例:A partial example of a schema file template is given below:

Figure GDA0001276488690000081
Figure GDA0001276488690000081

Figure GDA0001276488690000091
Figure GDA0001276488690000091

以K为DYNAMIC_CITY的用户权限为例。在上述schema文件模板中,与该用户权限的权限名称匹配的标签模板为:Take the user authority with K as DYNAMIC_CITY as an example. In the schema file template above, the label template that matches the permission name of the user permission is:

<MemberGrant member=”[City Role.Default].[City].[@<MemberGrant member="[City Role.Default].[City].[@

DYNAMIC_CITY@]”access=”all”></MemberGrant>DYNAMIC_CITY@]”access="all”></MemberGrant>

该标签模板的数量为1。如果该用户权限的V为{北京},元素数量也为1,则直接通过“北京”替换该标签模板中的占位符“@DYNAMIC_CITY@”。The number of this label template is 1. If the V of the user permission is {Beijing}, and the number of elements is also 1, then directly replace the placeholder "@DYNAMIC_CITY@" in the label template with "Beijing".

如果该用户权限的V为{上海,北京,沈阳},元素数量为3,则利用该标签模板以及V中的不同元素分别生成不同的替换标签,例如生成的替换标签为:If the V of the user authority is {Shanghai, Beijing, Shenyang}, and the number of elements is 3, use the tag template and different elements in V to generate different replacement tags, for example, the generated replacement tags are:

1、<MemberGrant member=”[City Role.Default].[City].[上海]”access=”all”> </MemberGrant>1. <MemberGrant member=”[City Role.Default].[City].[Shanghai]” access=”all”> </MemberGrant>

2、<MemberGrant member=”[City Role.Default].[City].[北京]”access=”all”> </MemberGrant>2. <MemberGrant member="[City Role.Default].[City].[Beijing]" access="all"> </MemberGrant>

3、<MemberGrant member=”[City Role.Default].[City].[沈阳]”access=”all”> </MemberGrant>3. <MemberGrant member="[City Role.Default].[City].[Shenyang]" access="all"> </MemberGrant>

将生成的替换标签插入到schema文件模板中该标签模板所在的位置,并删除该标签模板。因此,原schema文件模板中的内容:Insert the generated replacement tag into the schema file template where the tag template is located, and delete the tag template. Therefore, the contents of the original schema file template:

<HierarchyGrant hierarchy=”[City Role.Default]”rollupPolicy=”partial” access=”custom”><HierarchyGrant hierarchy=”[City Role.Default]”rollupPolicy=”partial” access=”custom”>

<MemberGrant member=”[City Role.Default].[City].[@ DYNAMIC_CITY@]”access=”all”><MemberGrant member=”[City Role.Default].[City].[@DYNAMIC_CITY@]” access=”all”>

</MemberGrant></MemberGrant>

</HierarchyGrant></HierarchyGrant>

变成:become:

<HierarchyGrant hierarchy=”[City Role.Default]”rollupPolicy=”partial” access=”custom”><HierarchyGrant hierarchy=”[City Role.Default]”rollupPolicy=”partial” access=”custom”>

<MemberGrant member=”[City Role.Default].[City].[上海]”access=”all”><MemberGrant member="[City Role.Default].[City].[Shanghai]" access="all">

</MemberGrant></MemberGrant>

<MemberGrant member=”[City Role.Default].[City].[北京]”access=”all”><MemberGrant member="[City Role.Default].[City].[Beijing]" access="all">

</MemberGrant></MemberGrant>

<MemberGrant member=”[City Role.Default].[City].[沈阳]”access=”all”><MemberGrant member="[City Role.Default].[City].[Shenyang]" access="all">

</MemberGrant></MemberGrant>

</HierarchyGrant></HierarchyGrant>

【方法实施方式8】[Method Embodiment 8]

下面以OLAP场景为例,对本实施方式所提供的数据分析方法进行描述。所述方法包括:The data analysis method provided by this embodiment is described below by taking an OLAP scenario as an example. The method includes:

处理1:客户端发送数据分析请求至OLAP服务。Process 1: The client sends a data analysis request to the OLAP service.

处理2:OLAP服务从接收的数据分析请求中解析出用户标识符。Process 2: The OLAP service parses the user identifier from the received data analysis request.

处理3:OLAP服务根据解析出的用户标识符加载schema文件。Process 3: The OLAP service loads the schema file according to the parsed user identifier.

其中,schema文件是根据用户标识符而生成的定制化文件(具体的生成方式可参见前述文件生成方法,在此不再赘述)。此外,如果schema文件已经生成则不会再次生成,但当用户权限发生变更的时候,需要清理原schema 文件并根据变更后的用户权限生成新的schema文件。The schema file is a customized file generated according to the user identifier (for the specific generation method, please refer to the aforementioned file generation method, which will not be repeated here). In addition, if the schema file has already been generated, it will not be generated again, but when the user permissions are changed, the original schema file needs to be cleaned up and a new schema file is generated according to the changed user permissions.

处理4:OLAP服务从加载的schema文件中获取用户权限。Process 4: The OLAP service obtains user permissions from the loaded schema file.

处理5:OLAP服务根据接收的数据分析请求生成数据库查询请求。Process 5: The OLAP service generates a database query request according to the received data analysis request.

处理6:OLAP服务利用获取的用户权限对生成的数据库查询请求进行过滤。Process 6: The OLAP service uses the acquired user authority to filter the generated database query request.

处理7:OLAP服务将经过滤后的数据库查询请求发送至数据仓库。Process 7: The OLAP service sends the filtered database query request to the data warehouse.

处理8:数据仓库接收数据库查询请求后执行查询处理,并将查询出的数据反馈至OLAP服务。Process 8: The data warehouse performs query processing after receiving the database query request, and feeds back the queried data to the OLAP service.

处理9:OLAP服务根据接收的数据分析请求对数据仓库反馈的数据执行分析处理,并且,将处理结果反馈至客户端。Process 9: The OLAP service performs analysis processing on the data fed back by the data warehouse according to the received data analysis request, and feeds back the processing result to the client.

其中,所述分析处理例如包括但不限于:钻取、切片、以及切块。The analysis processing includes, but is not limited to, drilling, slicing, and dicing, for example.

由于在本发明中,在查询数据库之前执行数据过滤处理,因此可以减小对数据库的压力并且还可以提高权限控制的覆盖率。Since in the present invention, the data filtering process is performed before querying the database, the pressure on the database can be reduced and the coverage rate of authority control can also be improved.

【装置实施方式1】[Apparatus Embodiment 1]

图8是根据本发明装置实施方式1的文件生成装置的结构示意图。参见图8,文件生成装置1包括:获取模块11、确定模块12、以及生成模块13,具体地:FIG. 8 is a schematic structural diagram of a file generating apparatus according to Embodiment 1 of the apparatus of the present invention. Referring to FIG. 8, the file generation apparatus 1 includes: an acquisition module 11, a determination module 12, and a generation module 13, specifically:

获取模块11用于获取文件模板。The obtaining module 11 is used to obtain the file template.

确定模块12用于基于用户标识符确定用户权限。The determination module 12 is used to determine user rights based on the user identifier.

生成模块13用于根据获取模块11获取的文件模板和确定模块12确定的用户权限生成文件。The generating module 13 is configured to generate a file according to the file template acquired by the acquiring module 11 and the user authority determined by the determining module 12 .

在本发明中,所述用户标识符例如包括但不限于:用户编号、用户邮箱等身份识别信息。所述用户权限例如包括但不限于:权限名称以及权限值集合。其中,权限名称用于表明用户对何种资源进行访问控制,权限值集合用于表明用户有能力访问的具体资源,例如,权限名称为:CITY(城市),权限值集合为:{上海,北京,沈阳}。In the present invention, the user identifier includes, but is not limited to, identification information such as a user number, a user mailbox, and the like. The user rights include, but are not limited to, rights names and rights value sets, for example. Among them, the permission name is used to indicate which resources the user performs access control on, and the permission value set is used to indicate the specific resources that the user has the ability to access. For example, the permission name is: CITY (city), and the permission value set is: {Shanghai, Beijing ,Shenyang}.

由于在本发明中,通过用户标识符来确定文件中的用户权限,因此可以定向生成定制化的文件,以实现个性化的权限约束,从而提高用户体验度。Since in the present invention, the user's authority in the file is determined by the user identifier, a customized file can be generated in a targeted manner, so as to realize the personalized authority constraint, thereby improving the user experience.

【装置实施方式2】[Apparatus Embodiment 2]

本实施方式所提供的装置包括了装置实施方式1中的全部内容,在此不再赘述。其中,如图9所示,在本实施方式中,确定模块12包括:获取单元 121、以及确定单元122,具体地:The apparatus provided in this embodiment includes all the contents of the apparatus in Embodiment 1, and details are not repeated here. Wherein, as shown in Figure 9, in this embodiment, the determination module 12 includes: an acquisition unit 121 and a determination unit 122, specifically:

获取单元121用于根据所述用户标识符获取权限模型。The obtaining unit 121 is configured to obtain the permission model according to the user identifier.

确定单元122用于根据获取单元121获取的权限模型确定所述用户权限。The determining unit 122 is configured to determine the user permission according to the permission model acquired by the acquiring unit 121 .

在本发明中,所述权限模型例如包括但不限于:“用户—权限”模型、以及“用户—角色—权限”模型。In the present invention, the permission model includes, but is not limited to, a "user-permission" model and a "user-role-permission" model, for example.

其中,“用户—权限”模型是直接关联用户和权限的模型;而“用户—角色—权限”模型是通过角色关联用户和权限的模型,又称为RBAC模型。Among them, the "user-authority" model is a model that directly associates users and authorities; and the "user-role-authority" model is a model that associates users and authorities through roles, also known as the RBAC model.

【装置实施方式3】[Apparatus Embodiment 3]

本实施方式所提供的装置包括了装置实施方式1或者装置实施方式2中的全部内容,在此不再赘述。其中,如图10所示,在本实施方式中,生成模块13包括:识别单元131、判断单元132、替换单元133、生成单元134、以及删除及插入单元135,具体地:The apparatus provided in this embodiment includes all the contents of the apparatus embodiment 1 or the apparatus embodiment 2, and details are not described herein again. Wherein, as shown in FIG. 10, in this embodiment, the generation module 13 includes: an identification unit 131, a judgment unit 132, a replacement unit 133, a generation unit 134, and a deletion and insertion unit 135, specifically:

识别单元131用于从所述文件模板中识别出与所述用户权限的权限名称匹配的标签模板。The identifying unit 131 is configured to identify, from the file template, a label template matching the authority name of the user authority.

判断单元132用于判断识别单元131识别出的标签模板的数量是否等于所述用户权限中权限值集合的元素数量。The judging unit 132 is configured to judge whether the number of label templates identified by the identifying unit 131 is equal to the number of elements of the permission value set in the user permission.

替换单元133用于在判断单元132判定出标签模板的数量等于所述元素数量的情形下,在所述文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。The replacement unit 133 is configured to, in the file template, use different elements in the permission value set, respectively, for the different label templates in the case where the determination unit 132 determines that the number of label templates is equal to the number of elements. Perform placeholder replacement processing.

生成单元134用于在判断单元132判定出标签模板的数量不等于所述元素数量的情形下,通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签。The generating unit 134 is configured to respectively generate different replacement labels by using the label template and different elements in the permission value set when the judging unit 132 determines that the number of label templates is not equal to the number of elements.

删除及插入单元135用于所述文件模板中,删除所述标签模板并且插入生成单元134生成的替换标签。The deletion and insertion unit 135 is used in the document template to delete the label template and insert the replacement label generated by the generation unit 134 .

在本发明中,占位符替换处理是指利用指定内容来替换占位符(以@开始并且以@结束的字符串)。In the present invention, placeholder replacement processing refers to replacing a placeholder (a character string starting with @ and ending with @) with specified content.

【装置实施方式4】[Apparatus Embodiment 4]

图11是根据本发明装置实施方式4的数据分析装置的结构示意图。参见图 11,数据分析装置2包括:加载模块21、获取模块22、以及处理模块23,具体地:FIG. 11 is a schematic structural diagram of a data analysis apparatus according to Embodiment 4 of the apparatus of the present invention. 11, the data analysis device 2 includes: a loading module 21, an acquisition module 22, and a processing module 23, specifically:

加载模块21用于基于数据分析请求加载文件。The loading module 21 is used to load the file based on the data analysis request.

其中,所述文件是根据方法实施方式1至3中任一项所述的方法而生成的。Wherein, the file is generated according to the method described in any one of method embodiments 1 to 3.

获取模块22用于从加载模块21加载的文件中获取用户权限。The obtaining module 22 is used to obtain the user authority from the file loaded by the loading module 21 .

处理模块23用于根据所述数据分析请求和获取模块22获取的用户权限执行数据分析处理。The processing module 23 is configured to perform data analysis processing according to the data analysis request and the user authority obtained by the obtaining module 22 .

【装置实施方式5】[Apparatus Embodiment 5]

本实施方式所提供的装置包括了装置实施方式4中的全部内容,在此不再赘述。其中,如图12所示,在本实施方式中,加载模块21包括:解析单元211 以及加载单元212,具体地:The device provided in this embodiment includes all the contents in the device embodiment 4, and details are not repeated here. Among them, as shown in FIG. 12, in this embodiment, the loading module 21 includes: a parsing unit 211 and a loading unit 212, specifically:

解析单元211用于从所述数据分析请求中解析出用户标识符。The parsing unit 211 is configured to parse out the user identifier from the data analysis request.

加载单元212用于根据解析单元211解析出的用户标识符加载所述文件。The loading unit 212 is configured to load the file according to the user identifier parsed by the parsing unit 211 .

【装置实施方式6】[Apparatus Embodiment 6]

本实施方式所提供的装置包括了装置实施方式4或者装置实施方式5中的全部内容,在此不再赘述。其中,如图13所示,在本实施方式中,处理模块 23包括:生成单元231、过滤单元232、读取单元233、以及处理单元234,具体地:The apparatus provided in this embodiment includes all the contents of the apparatus embodiment 4 or the apparatus embodiment 5, and details are not described herein again. Wherein, as shown in Figure 13, in this embodiment, the processing module 23 includes: a generating unit 231, a filtering unit 232, a reading unit 233, and a processing unit 234, specifically:

生成单元231用于根据所述数据分析请求生成数据库查询请求。The generating unit 231 is configured to generate a database query request according to the data analysis request.

过滤单元232用于利用所述用户权限对生成单元231生成的数据库查询请求进行过滤。The filtering unit 232 is configured to filter the database query request generated by the generating unit 231 by using the user authority.

读取单元233用于基于经过滤单元232过滤后的数据库查询请求从数据库中读取数据。The reading unit 233 is configured to read data from the database based on the database query request filtered by the filtering unit 232 .

处理单元234用于对读取单元233读取出的数据执行分析处理。The processing unit 234 is configured to perform analysis processing on the data read by the reading unit 233 .

由于在本发明中,在查询数据库之前执行数据过滤处理,因此可以减小对数据库的压力并且还可以提高权限控制的覆盖率。Since in the present invention, the data filtering process is performed before querying the database, the pressure on the database can be reduced and the coverage rate of authority control can also be improved.

本发明的实施方式还提供了一种移动终端,包括存储器和处理器;其中,Embodiments of the present invention also provide a mobile terminal, including a memory and a processor; wherein,

所述存储器用于存储一条或多条计算机指令,其中,所述一条或多条计算机指令供所述处理器调用执行;The memory is used to store one or more computer instructions, wherein the one or more computer instructions are invoked and executed by the processor;

所述处理器用于进行如方法实施方式1至方法实施方式8中任意一项所述的操作。The processor is configured to perform the operations described in any one of method embodiment 1 to method embodiment 8.

此外,本发明的实施方式还提供一种计算机存储介质,所述计算机存储介质存储有一条或多条计算机指令,当所述一条或多条计算机指令被一个或多个设备执行时,使得所述设备执行方法实施方式1至方法实施方式8中任意一项所述的操作。In addition, an embodiment of the present invention also provides a computer storage medium, the computer storage medium stores one or more computer instructions, when the one or more computer instructions are executed by one or more devices, the one or more computer instructions cause the The device performs the operation described in any one of method embodiment 1 to method embodiment 8.

本领域的技术人员可以清楚地了解到本发明可全部通过软件实现,也可借助软件结合硬件平台的方式来实现。基于这样的理解,本发明的技术方案对背景技术做出贡献的全部或者部分可以以软件产品的形式体现出来,所述计算机软件产品可以存储在存储介质中,如ROM/RAM、磁碟、光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,智能手机或者网络设备等)执行本发明各个实施方式或者实施方式的某些部分所述的方法。Those skilled in the art can clearly understand that the present invention can be implemented entirely by software, and can also be implemented by means of software combined with a hardware platform. Based on this understanding, all or part of the technical solutions of the present invention that contribute to the background technology can be embodied in the form of software products, and the computer software products can be stored in storage media, such as ROM/RAM, magnetic disks, optical disks etc., including several instructions for causing a computer device (which may be a personal computer, a server, a smart phone or a network device, etc.) to perform the methods described in various embodiments or some parts of the embodiments of the present invention.

本文中所使用的“软件”等词均指一般意义上的任意类型的计算机编码或者计算机可执行指令集,可以运行所述编码或者指令集来使计算机或其他处理器程序化以执行如上所述的本发明的技术方案的各个方面。此外,需要说明的是,根据实施方式的一个方面,在执行时实施本发明的技术方案的方法的一个或多个计算机程序不必须要在一台计算机或处理器上,而是可以分布于多个计算机或者处理器中的模块中,以执行本发明的技术方案的各个方面。As used herein, terms such as "software" refer generally to any type of computer code or set of computer-executable instructions that can be executed to program a computer or other processor to perform the operations described above. various aspects of the technical solutions of the present invention. In addition, it should be noted that, according to an aspect of the embodiment, one or more computer programs that implement the method of the technical solution of the present invention when executed do not necessarily need to be on one computer or processor, but can be distributed over multiple modules in a computer or processor to execute various aspects of the technical solutions of the present invention.

计算机可执行指令可以有许多形式,如程序模块,可以由一台或多台计算机或是其他设备执行。一般地,程序模块包括例程、程序、对象、组件以及数据结构等等,执行特定的任务或是实施特定的抽象数据类型。特别地,在各种实施方式中,程序模块的功能可以根据各个不同实施方式的需要进行结合或者拆分。Computer-executable instructions can take many forms, such as program modules, that can be executed by one or more computers or other devices. Generally, program modules include routines, programs, objects, components, and data structures, etc., that perform particular tasks or implement particular abstract data types. In particular, in various implementations, the functions of the program modules may be combined or split according to the needs of various implementations.

并且,本发明的技术方案可以体现为一种方法,并且已经提供了所述方法的至少一个示例。可以通过任何一种合适的顺序执行动作,所述动作表现为所述方法中的一部分。因此,实施方式可以构造成可以按照与所示出的执行顺序不同的顺序执行动作,其中,可以包括同时地执行一些动作(尽管在示出的实施方式中,这些动作是连续的)。Also, the technical solution of the present invention may be embodied as a method, and at least one example of the method has been provided. Actions may be performed in any suitable order as part of the described method. Accordingly, embodiments may be constructed such that acts may be performed in an order different from that shown, which may include performing some of the acts concurrently (although in the illustrated embodiment, the acts are sequential).

本文所给出的和使用的定义,应当对照字典、通过引用而并入的文档中的定义、和/或其通常意思进行理解。Definitions, given and used herein, should be read against definitions in dictionaries, documents incorporated by reference, and/or their ordinary meanings.

在权利要求书中以及上述的说明书中,所有的过度短语,例如“包括”、“具有”、“包含”、“承载”、“具有”、“涉及”、“主要由…组成”以及类似词语是应理解为是开放式的,即,包含但不限于。只有“由……组成”应该是封闭或半封闭的过度短语。In the claims as well as in the above description, all transitional phrases such as "comprising", "having", "comprising", "bearing", "having", "involving", "consisting essentially of" and similar words is to be understood as open ended, ie, including but not limited to. Only "consisting of" should be a closed or semi-closed over phrase.

本发明说明书中使用的术语和措辞仅仅为了举例说明,并不意味构成限定。本领域技术人员应当理解,在不脱离所公开的实施方式的基本原理的前提下,对上述实施方式中的各细节可进行各种变化。因此,本发明的范围只由权利要求确定,在权利要求中,除非另有说明,所有的术语应按最宽泛合理的意思进行理解。The terms and phraseology used in the specification of the present invention are for the purpose of illustration only and not limitation. It will be understood by those skilled in the art that various changes may be made in the details of the above-described embodiments without departing from the basic principles of the disclosed embodiments. Therefore, the scope of the invention is to be determined only by the appended claims, in which all terms are to be interpreted in their broadest reasonable meaning unless otherwise specified.

本发明公开了A1、一种文件生成方法,包括:The invention discloses A1, a file generation method, comprising:

获取文件模板;Get file template;

基于用户标识符确定用户权限;Determining user rights based on the user identifier;

根据所述文件模板和所述用户权限生成文件。A file is generated according to the file template and the user rights.

A2、如A1所述的方法中,所述基于用户标识符确定用户权限包括:A2. In the method of A1, the determining the user authority based on the user identifier includes:

根据所述用户标识符获取权限模型;obtain a permission model according to the user identifier;

根据所述权限模型确定所述用户权限。The user rights are determined according to the rights model.

A3、如A1或A2所述的方法中,所述根据所述文件模板和所述用户权限生成文件包括:A3. In the method according to A1 or A2, the generating the file according to the file template and the user authority includes:

从所述文件模板中识别出与所述用户权限的权限名称匹配的标签模板;Identifying, from the file template, a label template that matches the authority name of the user authority;

判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量;Judging whether the number of label templates is equal to the number of elements in the permission value set in the user permission;

若所述标签模板的数量等于所述元素数量,则在所述文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。If the number of the label templates is equal to the number of elements, in the file template, different elements in the permission value set are used to perform placeholder replacement processing on the different label templates respectively.

A4、如A3所述的方法中,所述根据所述文件模板和所述用户权限生成文件还包括:A4. In the method according to A3, the generating the file according to the file template and the user authority further includes:

若所述标签模板的数量不等于所述元素数量,则通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签;If the number of the label templates is not equal to the number of elements, different replacement labels are generated respectively through the label templates and different elements in the permission value set;

在所述文件模板中,删除所述标签模板并且插入所述替换标签。In the document template, the tag template is deleted and the replacement tag is inserted.

本发明还公开了A5、一种数据分析方法,包括:The present invention also discloses A5, a data analysis method, comprising:

基于数据分析请求加载根据A1至A4中任一项所述的方法生成的文件;Load the file generated according to the method of any one of A1 to A4 based on the data analysis request;

从所述文件中获取用户权限;obtain user rights from said file;

根据所述数据分析请求和所述用户权限执行数据分析处理。Data analysis processing is performed according to the data analysis request and the user authority.

A6、如A5所述的方法中,所述根据所述数据分析请求和所述用户权限执行数据分析处理包括:A6. In the method according to A5, the performing data analysis processing according to the data analysis request and the user authority includes:

根据所述数据分析请求生成数据库查询请求;generating a database query request according to the data analysis request;

利用所述用户权限对所述数据库查询请求进行过滤;Filter the database query request by using the user authority;

基于经过滤后的数据库查询请求从数据库中读取数据;Read data from the database based on the filtered database query request;

对所述数据执行分析处理。Analytical processing is performed on the data.

本发明还公开了B7、一种文件生成装置,包括:The invention also discloses B7, a file generation device, comprising:

获取模块,用于获取文件模板;Get module, used to get file template;

确定模块,用于基于用户标识符确定用户权限;a determination module for determining user rights based on the user identifier;

生成模块,用于根据所述文件模板和所述用户权限生成文件。A generating module, configured to generate a file according to the file template and the user authority.

B8、如B7所述的装置中,所述确定模块包括:B8. In the device according to B7, the determining module includes:

获取单元,用于根据所述用户标识符获取权限模型;an obtaining unit, configured to obtain a permission model according to the user identifier;

确定单元,用于根据所述权限模型确定所述用户权限。A determining unit, configured to determine the user authority according to the authority model.

B9、如B7或B8所述的装置中,所述生成模块包括:B9. In the device according to B7 or B8, the generating module includes:

识别单元,用于从所述文件模板中识别出与所述用户权限的权限名称匹配的标签模板;an identification unit for identifying, from the file template, a label template matching the authority name of the user authority;

判断单元,用于判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量;a judging unit for judging whether the number of the label templates is equal to the number of elements in the permission value set in the user permission;

替换单元,用于在所述标签模板的数量等于所述元素数量的情形下,在所述文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。a replacement unit, configured to use different elements in the permission value set in the file template to occupy places for different label templates respectively under the condition that the number of the label templates is equal to the number of elements Character replacement processing.

B10、如B9所述的装置中,所述生成模块还包括:B10. In the device according to B9, the generating module further includes:

生成单元,用于在所述标签模板的数量不等于所述元素数量的情形下,通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签;A generating unit, configured to respectively generate different replacement labels through the label template and different elements in the permission value set when the number of the label templates is not equal to the number of elements;

删除及插入单元,用于所述文件模板中,删除所述标签模板并且插入所述替换标签。A deletion and insertion unit is used in the document template to delete the label template and insert the replacement label.

本发明开公开了B11、一种数据分析装置,包括:The present invention discloses B11, a data analysis device, comprising:

加载模块,用于基于数据分析请求加载根据A1至A4中任一项所述的方法生成的文件;A loading module for loading the file generated by the method according to any one of A1 to A4 based on the data analysis request;

获取模块,用于从所述文件中获取用户权限;an acquisition module for acquiring user permissions from the file;

处理模块,用于根据所述数据分析请求和所述用户权限执行数据分析处理。A processing module, configured to perform data analysis processing according to the data analysis request and the user authority.

B12、如B11所述的装置中,所述处理模块包括:B12. In the device according to B11, the processing module includes:

生成单元,用于根据所述数据分析请求生成数据库查询请求;a generating unit, configured to generate a database query request according to the data analysis request;

过滤单元,用于利用所述用户权限对所述数据库查询请求进行过滤;a filtering unit, configured to filter the database query request by using the user authority;

读取单元,用于基于经过滤后的数据库查询请求从数据库中读取数据;a reading unit for reading data from the database based on the filtered database query request;

处理单元,用于对所述数据执行分析处理。a processing unit for performing analysis processing on the data.

本发明还公开C13、一种移动终端,包括存储器和处理器;其中,The present invention also discloses C13, a mobile terminal, comprising a memory and a processor; wherein,

所述存储器用于存储一条或多条计算机指令,其中,所述一条或多条计算机指令供所述处理器调用执行;The memory is used to store one or more computer instructions, wherein the one or more computer instructions are invoked and executed by the processor;

所述处理器用于进行如A1至A6中任意一项所述的操作。The processor is configured to perform operations as described in any one of A1 to A6.

Claims (11)

1.一种文件生成方法,其特征在于,所述方法应用于数据仓库系统中的联机分析处理OLAP服务,所述方法包括:1. a file generation method, is characterized in that, described method is applied to the online analytical processing OLAP service in data warehouse system, described method comprises: 获取schema文件模板;Get the schema file template; 从客户端的数据分析请求中解析出用户的用户标识符,基于用户标识符确定用户权限;The user identifier of the user is parsed from the data analysis request of the client, and the user authority is determined based on the user identifier; 根据所述schema文件模板和所述用户权限生成schema文件,所述schema文件用于所述OLAP服务在响应所述用户的数据分析请求时,根据所述schema文件中的用户权限,对基于所述数据分析请求而生成的数据库查询请求进行过滤;A schema file is generated according to the schema file template and the user authority, and the schema file is used for the OLAP service to respond to the user's data analysis request according to the user authority in the schema file, Filter database query requests generated from data analysis requests; 其中,所述根据所述schema文件模板和所述用户权限生成schema文件包括:Wherein, the generating the schema file according to the schema file template and the user authority includes: 从所述schema文件模板中识别出与所述用户权限的权限名称匹配的标签模板;Identifying, from the schema file template, a label template that matches the permission name of the user permission; 判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量;Judging whether the number of label templates is equal to the number of elements in the permission value set in the user permission; 若所述标签模板的数量等于所述元素数量,则在所述schema文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。If the number of the label templates is equal to the number of elements, in the schema file template, different elements in the permission value set are used to perform placeholder replacement processing on the different label templates respectively. 2.如权利要求1所述的方法,其特征在于,所述基于用户标识符确定用户权限包括:2. The method of claim 1, wherein the determining the user authority based on the user identifier comprises: 根据所述用户标识符获取权限模型;obtain a permission model according to the user identifier; 根据所述权限模型确定所述用户权限。The user rights are determined according to the rights model. 3.如权利要求1所述的方法,其特征在于,所述根据所述schema文件模板和所述用户权限生成schema文件还包括:3. The method according to claim 1, wherein the generating the schema file according to the schema file template and the user authority further comprises: 若所述标签模板的数量不等于所述元素数量,则通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签;If the number of the label templates is not equal to the number of elements, different replacement labels are generated respectively through the label templates and different elements in the permission value set; 在所述schema文件模板中,删除所述标签模板并且插入所述替换标签。In the schema file template, delete the tag template and insert the replacement tag. 4.一种数据分析方法,其特征在于,所述方法包括:4. A data analysis method, characterized in that the method comprises: 基于数据分析请求加载根据权利要求1至3中任一项所述的方法生成的schema文件;Load the schema file generated by the method according to any one of claims 1 to 3 based on the data analysis request; 从所述schema文件中获取用户权限;Obtain user permissions from the schema file; 根据所述数据分析请求和所述用户权限执行数据分析处理。Data analysis processing is performed according to the data analysis request and the user authority. 5.如权利要求4所述的方法,其特征在于,所述根据所述数据分析请求和所述用户权限执行数据分析处理包括:5. The method of claim 4, wherein the performing data analysis processing according to the data analysis request and the user authority comprises: 根据所述数据分析请求生成数据库查询请求;generating a database query request according to the data analysis request; 利用所述用户权限对所述数据库查询请求进行过滤;Filter the database query request by using the user authority; 基于经过滤后的数据库查询请求从数据库中读取数据;Read data from the database based on the filtered database query request; 对所述数据执行分析处理。Analytical processing is performed on the data. 6.一种文件生成装置,其特征在于,所述装置应用于数据仓库系统中的联机分析处理OLAP服务,所述装置包括:6. A file generation device, characterized in that the device is applied to an online analytical processing OLAP service in a data warehouse system, the device comprising: 获取模块,用于获取schema文件模板;Get module, used to get schema file template; 确定模块,用于从客户端的数据分析请求中解析出用户的用户标识符,基于用户标识符确定用户权限;A determination module, configured to parse out the user identifier of the user from the data analysis request of the client, and determine the user authority based on the user identifier; 生成模块,用于根据所述schema文件模板和所述用户权限生成schema文件,所述schema文件用于所述OLAP服务在响应所述用户的数据分析请求时,根据所述schema文件中的用户权限,对基于所述数据分析请求而生成的数据库查询请求进行过滤;A generation module, configured to generate a schema file according to the schema file template and the user authority, and the schema file is used for the OLAP service to respond to the user's data analysis request according to the user authority in the schema file. , filtering the database query request generated based on the data analysis request; 其中,所述生成模块包括:Wherein, the generation module includes: 识别单元,用于从所述schema文件模板中识别出与所述用户权限的权限名称匹配的标签模板;an identification unit, configured to identify, from the schema file template, a label template matching the authority name of the user authority; 判断单元,用于判断所述标签模板的数量是否等于所述用户权限中权限值集合的元素数量;a judging unit for judging whether the number of the label templates is equal to the number of elements in the permission value set in the user permission; 替换单元,用于在所述标签模板的数量等于所述元素数量的情形下,在所述schema文件模板中,利用所述权限值集合中不同的元素,分别对不同的所述标签模板进行占位符替换处理。The replacement unit is configured to, in the schema file template, use different elements in the permission value set to occupy different label templates respectively when the number of the label templates is equal to the number of elements. Bit character replacement processing. 7.如权利要求6所述的装置,其特征在于,所述确定模块包括:7. The apparatus of claim 6, wherein the determining module comprises: 获取单元,用于根据所述用户标识符获取权限模型;an obtaining unit, configured to obtain a permission model according to the user identifier; 确定单元,用于根据所述权限模型确定所述用户权限。A determining unit, configured to determine the user authority according to the authority model. 8.如权利要求6所述的装置,其特征在于,所述生成模块还包括:8. The apparatus of claim 6, wherein the generating module further comprises: 生成单元,用于在所述标签模板的数量不等于所述元素数量的情形下,通过所述标签模板以及所述权限值集合中的不同元素,分别生成不同的替换标签;A generating unit, configured to respectively generate different replacement labels through the label template and different elements in the permission value set when the number of the label templates is not equal to the number of elements; 删除及插入单元,用于所述schema文件模板中,删除所述标签模板并且插入所述替换标签。A deletion and insertion unit, used in the schema file template, deletes the tag template and inserts the replacement tag. 9.一种数据分析装置,其特征在于,所述装置包括:9. A data analysis device, characterized in that the device comprises: 加载模块,用于基于数据分析请求加载根据权利要求1至3中任一项所述的方法生成的schema文件;A loading module for loading a schema file generated by the method according to any one of claims 1 to 3 based on a data analysis request; 获取模块,用于从所述schema文件中获取用户权限;Get a module for obtaining user permissions from the schema file; 处理模块,用于根据所述数据分析请求和所述用户权限执行数据分析处理。A processing module, configured to perform data analysis processing according to the data analysis request and the user authority. 10.如权利要求9所述的装置,其特征在于,所述处理模块包括:10. The apparatus of claim 9, wherein the processing module comprises: 生成单元,用于根据所述数据分析请求生成数据库查询请求;a generating unit, configured to generate a database query request according to the data analysis request; 过滤单元,用于利用所述用户权限对所述数据库查询请求进行过滤;a filtering unit, configured to filter the database query request by using the user authority; 读取单元,用于基于经过滤后的数据库查询请求从数据库中读取数据;a reading unit for reading data from the database based on the filtered database query request; 处理单元,用于对所述数据执行分析处理。a processing unit for performing analysis processing on the data. 11.一种移动终端,其特征在于,所述移动终端包括存储器和处理器;其中,11. A mobile terminal, characterized in that the mobile terminal comprises a memory and a processor; wherein, 所述存储器用于存储一条或多条计算机指令,其中,所述一条或多条计算机指令供所述处理器调用执行;The memory is used to store one or more computer instructions, wherein the one or more computer instructions are invoked and executed by the processor; 所述处理器用于进行如权利要求1至5中任意一项所述的方法 。The processor is adapted to perform the method of any one of claims 1 to 5.
CN201710081979.3A 2017-02-15 2017-02-15 File generation method and device and data analysis method and device Expired - Fee Related CN107122381B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710081979.3A CN107122381B (en) 2017-02-15 2017-02-15 File generation method and device and data analysis method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710081979.3A CN107122381B (en) 2017-02-15 2017-02-15 File generation method and device and data analysis method and device

Publications (2)

Publication Number Publication Date
CN107122381A CN107122381A (en) 2017-09-01
CN107122381B true CN107122381B (en) 2020-11-20

Family

ID=59718213

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710081979.3A Expired - Fee Related CN107122381B (en) 2017-02-15 2017-02-15 File generation method and device and data analysis method and device

Country Status (1)

Country Link
CN (1) CN107122381B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108897877A (en) * 2018-07-03 2018-11-27 浙江赛佳控股有限公司 Big data analysis tool and method based on EXCEL
CN109657215A (en) * 2018-09-27 2019-04-19 深圳壹账通智能科技有限公司 Document structure tree method, equipment, storage medium and device based on template
CN113177696A (en) * 2021-04-09 2021-07-27 上海辛格迪健康科技有限公司 Method and system for generating controlled file template of medicine quality system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102081710A (en) * 2010-12-14 2011-06-01 中国石油集团川庆钻探工程有限公司 Authority setting method and authority control method
CN102508669A (en) * 2011-11-14 2012-06-20 浙江鸿程计算机系统有限公司 Automatic program code generating method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060212472A1 (en) * 2004-11-30 2006-09-21 Wavenetworx Inc. Method and system for creating a rich media content portal using third-party commercial portal application software

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102081710A (en) * 2010-12-14 2011-06-01 中国石油集团川庆钻探工程有限公司 Authority setting method and authority control method
CN102508669A (en) * 2011-11-14 2012-06-20 浙江鸿程计算机系统有限公司 Automatic program code generating method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
基于XML 的可灵活配置树形导航菜单的设计实现;李朔;《百度文库》;20110915;第1-7页 *
如何在应用系统中实现数据权限的控制功能;伍华聪;《博客园https://www.cnblogs.com/wuhuacong/p/3664204.html》;20140414;第1-4页 *

Also Published As

Publication number Publication date
CN107122381A (en) 2017-09-01

Similar Documents

Publication Publication Date Title
TWI877610B (en) Nuts: encrypted userdata transit and storage
US12277242B2 (en) Redacting restricted content in files
US9467460B1 (en) Modularized database architecture using vertical partitioning for a state machine
US9727577B2 (en) System and method to store third-party metadata in a cloud storage system
CN117195307A (en) Configurable annotations for privacy-sensitive user content
JP6616774B2 (en) Anti-malware type mobile content data management apparatus and method
WO2019061991A1 (en) Multi-element universal model platform modeling method, electronic device, and computer readable storage medium
CN108885611A (en) document automation
CN102884775B (en) Method and apparatus for accessing resources
CN111859426B (en) Universal encrypted database connector and setting method thereof
CN110188568A (en) Confidential information identification method, device, device and computer-readable storage medium
CN107122381B (en) File generation method and device and data analysis method and device
US20160191432A1 (en) Secure conversation and document binder
RU2586872C2 (en) Removal of corrupted styles from extensible markup language documents
CN101408882B (en) A method and system for retrieving authorized documents
US10956659B1 (en) System for generating templates from webpages
CN104598651B (en) A kind of management method and device of mobile terminal collection
US11138287B1 (en) System for reducing size of transmitted content
CN106503198A (en) A kind of cold data recognition methodss and system based on hadoop metadata
CN108874944B (en) XSL language transformation-based heterogeneous data mapping system and method
JP2012182737A (en) Secret data leakage preventing system, determining apparatus, secret data leakage preventing method and program
CN116541347B (en) Method and device for obtaining document cognition and computing equipment
CN111984631A (en) Production data migration method, device, computer equipment and storage medium
CN109947739B (en) Data source management method and device
CN113505153B (en) Memorandum backup method based on iOS system and related equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: Building N3, building 12, No. 27, Jiancai Chengzhong Road, Haidian District, Beijing 100096

Applicant after: Beijing Xingxuan Technology Co.,Ltd.

Address before: 100085 Beijing, Haidian District on the road to the information on the ground floor of the 1 to the 3 floor of the 2 floor, room 11, 202

Applicant before: Beijing Xiaodu Information Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20201120