CN108009408A - A kind of right management method, device, computer-readable recording medium and storage control - Google Patents
A kind of right management method, device, computer-readable recording medium and storage control Download PDFInfo
- Publication number
- CN108009408A CN108009408A CN201711257019.4A CN201711257019A CN108009408A CN 108009408 A CN108009408 A CN 108009408A CN 201711257019 A CN201711257019 A CN 201711257019A CN 108009408 A CN108009408 A CN 108009408A
- Authority
- CN
- China
- Prior art keywords
- target
- data
- authority
- information
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 20
- 238000001914 filtration Methods 0.000 claims abstract description 30
- 238000000034 method Methods 0.000 claims abstract description 27
- 230000008520 organization Effects 0.000 claims description 44
- 238000010276 construction Methods 0.000 claims description 12
- 238000013500 data storage Methods 0.000 claims description 5
- 210000000352 storage cell Anatomy 0.000 claims description 4
- 230000005055 memory storage Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 235000019580 granularity Nutrition 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000029058 respiratory gaseous exchange Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
Abstract
The present invention provides a kind of right management method and device, this method includes:Build user group tree;Wherein, the user group tree includes:At least one node, and the corresponding access rights of each described node;According to the user group tree, the corresponding account information of at least one user is built;Wherein, each account information corresponds to a node;Obtain and store at least one data, and the corresponding authority filtering information of each data;Obtain target account information input by user;According to the user group tree, the corresponding target access authority of the target account information is determined;According to the target access authority determined, determine that target authority filters information;Information is filtered according to the target authority, inquires about target data from least one data of storage, and the target data is shown.This programme can improve efficiency data query.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of right management method, device, computer-readable recording medium and storage
Controller.
Background technology
With the rapid development of information technology, more and more government department, enterprise, grains bureaus of county etc. use information management
System carries out data management, to reduce information gathering input and simplify statistic analysis, so as to improve work efficiency.
At present, after different user log-on message management system, the data area viewed is identical.For example, Finance Department
The employee A of door can view the data of Finance Department, can also view the data of sales department, similarly, the employee B of sales department
The data of sales department and Finance Department can be viewed at the same time.
It can be seen from the above that the authority to user and data opereating specification are not defined information management system, this to use
After the log-on message management system of family, it the target data checked need to be wanted from the middle inquiries of substantial amounts of data, so as to cause data to be looked into
Ask less efficient.
The content of the invention
An embodiment of the present invention provides a kind of right management method, device, computer-readable recording medium and storage control, can improve number
According to search efficiency.
In a first aspect, an embodiment of the present invention provides a kind of right management method, including:
Build user group tree;Wherein, the user group tree includes:At least one node, and each described section
The corresponding access rights of point;
According to the user group tree, the corresponding account information of at least one user is built;Wherein, each account
Information corresponds to a node;
Obtain and store at least one data, and the corresponding authority filtering information of each data;
Further include:
Obtain target account information input by user;
According to the user group tree, the corresponding target access authority of the target account information is determined;
According to the target access authority determined, determine that target authority filters information;
Information is filtered according to the target authority, target data is inquired about from least one data of storage, and it is right
The target data is shown.
Preferably,
Structure user group tree, including:
Determine the nodename of each node, and the corresponding tissue rank of each described node;
According to the corresponding tissue rank of each described node, the corresponding access right of each described node is determined
Limit;
According to the nodename and the access rights determined, the user group tree is built.
Preferably,
It is described that the corresponding account information of at least one user is built according to the user group tree, including:
Determine the corresponding at least one user identifier of each described nodename, and export at least one user's mark
Know;
Receive the exterior targeted customer's mark selected from least one user identifier;
Determine that the targeted customer identifies corresponding nodename, and the access right of the corresponding node of the nodename
Limit;
According to the nodename and the corresponding access rights of the nodename determined, build the target and use
Family identifies the corresponding account information.
Preferably,
The authority filtering information includes:Organization identification information and identification information;
The target access authority that the basis is determined, determines that target authority filters information, including:
According to the target access authority, using the organization identification information or the identification information as the target
Authority filters information;
Information is filtered according to the target authority, target data is inquired about from least one data of storage, including:
According to the organization identification information or the identification information and the target account information, from it is described at least
Inquiry and the organization identification information or the corresponding target data of the identification information in a data.
Second aspect, an embodiment of the present invention provides a kind of rights management device, including:Construction unit, data storage are single
Member, authority determination unit and data query unit;Wherein,
The construction unit, for building user group tree;Wherein, the user group tree includes:At least one node,
And the corresponding access rights of each described node, and according to the user group tree, it is right respectively to build at least one user
The account information answered;Wherein, each account information corresponds to a node;
The data storage cell, for obtaining and storing at least one data, and the corresponding authority of each data
Filter information;
The authority determination unit, for obtaining target account information input by user, and according to the user group tree,
Determine the corresponding target access authority of the target account information;
The data query unit, for according to the target access authority determined, determining target authority filtering letter
Breath, and information is filtered according to the target authority, target data is inquired about from least one data of storage, and to described
Target data is shown.
Preferably,
The construction unit, for determining that the nodename of each node, and each described node correspond to
Tissue rank;According to the corresponding tissue rank of each described node, the corresponding access of each described node is determined
Authority;According to the nodename and the access rights determined, the user group tree is built.
Preferably,
The construction unit, for determining the corresponding at least one user identifier of each described nodename, and exports
At least one user identifier;Receive the exterior targeted customer's mark selected from least one user identifier;Determine
The targeted customer identifies corresponding nodename, and the access rights of the corresponding node of the nodename;According to definite
The nodename and the corresponding access rights of the nodename gone out, it is corresponding described to build targeted customer's mark
Account information.
Preferably,
The authority filtering information includes:Organization identification information and identification information;
The data query unit, for according to the target access authority, by the organization identification information or described
People's identification information filters information as the target authority;According to the organization identification information or the identification information and
The target account information, inquiry and the organization identification information or the identification information from least one data
Corresponding target data.
The third aspect, an embodiment of the present invention provides a kind of computer-readable recording medium, including execute instruction, when the place of storage control
When managing the device execution execute instruction, the storage control performs the method that any of the above-described embodiment of the present invention provides.
Fourth aspect, an embodiment of the present invention provides a kind of storage control, including:Processor, memory and bus;Institute
State memory to be used to store execute instruction, the processor is connected with the memory by the bus, when the storage control
During device operation processed, the processor performs the execute instruction of the memory storage, so that the storage control performs
The method that any of the above-described embodiment of the present invention provides.
An embodiment of the present invention provides a kind of right management method, device, computer-readable recording medium and storage control, passes through structure
The user group tree of node including the different access rights of multiple correspondences, it is each further according to the user group tree of structure, structure
The corresponding account information of user, then each account information also have its corresponding access rights.When storing data, determine simultaneously
The authority filtering information of data is recorded, to realize that data filtering inquiry is prepared to be follow-up.When user inquires about data, according to obtaining
The target account information input by user taken and user group tree, determine the corresponding target access authority of the target account, and
Determine that target authority filters information according to target access authority, inquired about further according to target authority filtering information, determine and open up
Show target data.Thus, in data query, according to the corresponding access rights of user account information, information is filtered according to authority
Filtering inquiry is carried out to each data, target data is only searched from the partial data for meet access rights, reduces and inquired about
Data bulk in journey, so as to improve efficiency data query.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is attached drawing needed in technology description to be briefly described, it should be apparent that, drawings in the following description are the present invention
Some embodiments, for those of ordinary skill in the art, without creative efforts, can also basis
These attached drawings obtain other attached drawings.
Fig. 1 is a kind of flow chart of right management method provided by one embodiment of the present invention;
Fig. 2 is a kind of flow chart for right management method that another embodiment of the present invention provides;
Fig. 3 is a kind of structure diagram of rights management device provided by one embodiment of the present invention.
Embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, the technical solution in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is
Part of the embodiment of the present invention, instead of all the embodiments, based on the embodiments of the present invention, those of ordinary skill in the art
The all other embodiments obtained on the premise of creative work is not made, belong to the scope of protection of the invention.
As shown in Figure 1, an embodiment of the present invention provides a kind of right management method, this method may comprise steps of:
Step 101:Build user group tree;Wherein, the user group tree includes:At least one node, and it is each
The corresponding access rights of a node;
Step 102:According to the user group tree, the corresponding account information of at least one user is built;Wherein, often
One account information corresponds to a node;
Step 103:Obtain and store at least one data, and the corresponding authority filtering information of each data;
Step 104:Obtain target account information input by user;
Step 105:According to the user group tree, the corresponding target access authority of the target account information is determined;
Step 106:According to the target access authority determined, determine that target authority filters information;
Step 107:Information is filtered according to the target authority, number of targets is inquired about from least one data of storage
According to, and the target data is shown.
In above-described embodiment, the user group tree of the node of the different access rights of multiple correspondences is included by structure, then
According to the user group tree of structure, the corresponding account information of each user is built, then each account information also has its correspondence
Access rights.When storing data, the authority filtering information of data is determined and recorded, to realize that data filtering is inquired about to be follow-up
Prepare.When user inquires about data, according to the target account information input by user of acquisition and user group tree, determining should
The corresponding target access authority of target account, and determine that target authority filters information according to target access authority, further according to target
Authority filtering information is inquired about, and is determined and is shown target data.Thus, in data query, according to user account information pair
The access rights answered, filter information according to authority and each data are carried out with filtering inquiry, only from the part number for meeting access rights
According to middle lookup target data, the data bulk in query process is reduced, so as to improve efficiency data query.
In one embodiment of the invention, the embodiment of step 101, can include:
Determine the nodename of each node, and the corresponding tissue rank of each described node;
According to the corresponding tissue rank of each described node, the corresponding access right of each described node is determined
Limit;
According to the nodename and the access rights determined, the user group tree is built.
For example, when building the corresponding user group tree of an enterprise, nodename includes unit, department and employee,
Department and employee's node can be created under unit-node, employee's node can be created under department's node, cannot under employee's node
Create other nodes.Then unit-node is highest level, and employee's node is lowest level.In the authority that accesses to each node
When safeguarding, access rights include two kinds of granularities:One kind is that access rights are accurate to unit or department, and another kind is access rights essence
Really to individual.During concrete configuration, for being accurate to unit or department:Corresponding node is selected, and node selected as " is included down
Level ", and the corresponding user of the node can be enable to check all data in the unit, for being accurate to individual:Directly select tissue
Corresponding user node on tree.Thus, according to the corresponding tissue rank structure user group tree of each node, easy to build
The connection relation between each node is determined in journey, improves the structure efficiency of user group tree, also, the user group tree built
In have each nodename, easy to the corresponding account information of subsequent builds user, so as to be conducive to further improve data query
Efficiency.
In one embodiment of the invention, the embodiment of step 102, can include:
Determine the corresponding at least one user identifier of each described nodename, and export at least one user's mark
Know;
Receive the exterior targeted customer's mark selected from least one user identifier;
Determine that the targeted customer identifies corresponding nodename, and the access right of the corresponding node of the nodename
Limit;
According to the nodename and the corresponding access rights of the nodename determined, build the target and use
Family identifies the corresponding account information.
By taking the corresponding user group tree of enterprise as an example, when building the account information of user, employee name is that must record field.
When building user group tree, each employee name is set onto corresponding node in advance.When the corresponding account of structure user
During number information, existing employee can be selected from the node on user group tree, ensures that each account information can correspond to user
On the node of organization tree.When receiving targeted customer's mark of exterior selection, its corresponding node, and the node are determined
Access rights, then according to the access rights determined, build corresponding account information, then each account information constructed
There are unique corresponding node and access rights, be conducive to subsequent filter data query.It is also, corresponding according to each node
Nodename directly selects the corresponding targeted customer's mark of account information to be built, easy to the selection of user, and without user
Using corresponding identification information is manually inputted into, so as to improve user experience.
In one embodiment of the invention, the authority filtering information includes:Organization identification information and identification information;
The embodiment of step 106, can include:
According to the target access authority, using the organization identification information or the identification information as the target
Authority filters information;
The embodiment of step 107, can include:
According to the organization identification information or the identification information and the target account information, from it is described at least
Inquiry and the organization identification information or the corresponding target data of the identification information in a data.
For example, authority filtering information is organization id and individual ID, then, will be per the corresponding organization id of data when storing data
Stored with personal ID, subsequently to realize that data filtering is prepared.During access service data, configured according to active user
Unit authority, personal authority carry out intelligences combination:When user right is unit authority, data mistake is carried out according to tissue id
Filter;When user right is personal authority, data filtering is carried out according to user id, so as to inquire corresponding target data.
Data instance is inquired about with organization access authority below, right management method provided in an embodiment of the present invention is carried out detailed
Describe in detail it is bright, as shown in Fig. 2, this method may comprise steps of:
Step 201:Determine the nodename of each node, and the corresponding tissue rank of each described node, and
According to the corresponding tissue rank of each described node, the corresponding access rights of each described node are determined, according to institute
State nodename and the access rights, structure user group tree.
Exemplified by building the corresponding user group tree of an enterprise, organizational information table is built first, stores each tissue
Essential information, the organizational information table are as shown in table 1:
Table 1
Field number | Field name | Field type | Explanation |
ORGAN_ID | Organization number | Varchar(32) | Major key |
ORGAN_NAME | Organization name | Varchar(32) | Organization name |
IN_USE | Whether use | Char(1) | Acquiescence:Use |
CTIME | Creation time | Varchar(18) | Creation time |
In addition organizational chart is built, to the relationship between superior and subordinate of the tissue rank, i.e. tissue of storage organization, institutional framework
Table is as shown in table 2:
Table 2
Field number | Field name | Field type | Explanation |
STRU_ID | Structure number | Varchar(32) | Major key |
ORGAN_ID | Organization number | Varchar(32) | Organization number |
STRU_LEVEL | Level | Varchar(2) | Place organizational hierarchy |
STRU_PATH | Address | Varchar(256) | Organization tree address |
STRU_ORDER | Sequence | Varchar(3) | Sort in organization tree |
IS_LEAF | Whether leaf | Char(1) | Whether it is leaf node |
IN_USE | Whether use | Char(1) | Acquiescence:Use |
CTIME | Creation time | Varchar(18) | Creation time |
According to organizational information table and organizational chart, you can determine that each organizes corresponding tissue rank, and determine phase
The access rights answered, then by a node in each setup action user group tree, you can structure user group tree.
Step 202:Determine the corresponding at least one user identifier of each described nodename, and at least one described in exporting
A user identifier.
When building user group tree, by the corresponding node of each employee name's typing of the enterprise, then account is being built
During number information, can directly it be made choice from the corresponding each employee name of node.
Step 203:The exterior targeted customer's mark selected from least one user identifier is received, determines the mesh
Mark the corresponding nodename of user identifier, and the access rights of the corresponding node of the nodename.
Step 204:According to the nodename and the corresponding access rights of the nodename determined, institute is built
State targeted customer and identify corresponding account information.
When the corresponding account information of structure user, existing employee can be selected from the node on user group tree, is ensured
Each account information can be corresponded on the node of user group tree., can after constructing the corresponding account information of each employee
Each account information is stored using account information storage table, account information storage table is as shown in table 3:
Table 3
Field number | Field name | Field type | Explanation |
USER_ID | Customs Assigned Number | Varchar(32) | Major key |
USER_NAME | User's name | Varchar(32) | User's name |
PASSWORD | Password | Varchar(32) | Md5 encryption |
ORGAN_ID | Organization number | Varchar(32) | Organization number |
CTIME | Creation time | Varchar(18) | Creation time |
The corresponding authority of each account information can be stored using user right table, the user right table such as institute of table 4
Show:
Table 4
Field number | Field name | Field type | Explanation |
ID | Major key | Varchar(32) | Major key |
USER_ID | Customs Assigned Number | Varchar(32) | Customs Assigned Number |
STRU_ID | Structure number | Varchar(32) | Structure number |
HAS_JUNIOR | Include subordinate | Char(1) | Include subordinate |
CTIME | Creation time | Varchar(18) | Creation time |
Step 205:Obtain and store at least one data, and the corresponding organization id of each data and individual ID.
Herein, pieces of data can be stored using service design table, service design table is as shown in table 5:
Table 5
Field number | Field name | Field type | Explanation |
ID | Major key | Varchar(32) | Major key |
USER_ID | Customs Assigned Number | Varchar(32) | Customs Assigned Number |
ORGAN_ID | Organization number | Varchar(32) | Organization number |
DATA1 | Business datum | Varchar(32) | Business datum |
CTIME | Creation time | Varchar(18) | Creation time |
Step 206:The target account information of organizing user input is obtained, and according to the user group tree, is determined described
The corresponding target access authority of target account information is organization access authority.
Step 207:According to the organization access authority, using organization id as authority filter condition, from the data of storage
Target data is inquired about, and shows the target data inquired.
In data query, according to the corresponding access rights of user account information, information is filtered to each number according to authority
According to filtering inquiry is carried out, target data is only searched from the partial data for meet access rights, reduces the number in query process
Data bulk, so as to improve efficiency data query.
As shown in figure 3, an embodiment of the present invention provides a kind of rights management device, including:Construction unit 301, data are deposited
Storage unit 302, authority determination unit 303 and data query unit 304;Wherein,
The construction unit 301, for building user group tree;Wherein, the user group tree includes:At least one section
Point, and the corresponding access rights of each described node, and according to the user group tree, build at least one user's difference
Corresponding account information;Wherein, each account information corresponds to a node;
The data storage cell 302, for obtaining and storing at least one data, and the corresponding power of each data
Limit filtering information;
The authority determination unit 303, for obtaining target account information input by user, and according to the user group
Tree, determines the corresponding target access authority of the target account information;
The data query unit 304, for according to the target access authority determined, determining that target authority filters
Information, and information is filtered according to the target authority, target data is inquired about from least one data of storage, and to institute
Target data is stated to be shown.
In one embodiment of the invention, the construction unit 301, for determining the nodename of each node,
And the corresponding tissue rank of each described node;According to the corresponding tissue rank of each described node, determine every
The corresponding access rights of one node;According to the nodename and the access rights determined, described in structure
User group tree.
In one embodiment of the invention, the construction unit 301, for determining that each described nodename is corresponding extremely
A few user identifier, and export at least one user identifier;Outside is received to select from least one user identifier
The targeted customer's mark selected;Determine that the targeted customer identifies corresponding nodename, and the corresponding section of the nodename
The access rights of point;According to the nodename and the corresponding access rights of the nodename determined, described in structure
Targeted customer identifies the corresponding account information.
In one embodiment of the invention, the authority filtering information includes:Organization identification information and identification information;
The data query unit 304, for according to the target access authority, by the organization identification information or described
Identification information filters information as the target authority;According to the organization identification information or the identification information with
And the target account information, inquiry and the organization identification information or person identifier letter from least one data
The corresponding target data of manner of breathing.
The contents such as the information exchange between each unit, implementation procedure in above device, due to implementing with the method for the present invention
Example is based on same design, and particular content can be found in the narration in the method for the present invention embodiment, and details are not described herein again.
The embodiment of the present invention additionally provides a kind of computer-readable recording medium, including execute instruction, when the processor of storage control is held
During the row execute instruction, the storage control performs the method that any of the above-described embodiment of the present invention provides.
The embodiment of the present invention additionally provides a kind of storage control, including:Processor, memory and bus;The storage
Device is used to store execute instruction, and the processor is connected with the memory by the bus, when the storage control is transported
During row, the processor performs the execute instruction of the memory storage, so that the storage control performs the present invention
The method that any of the above-described embodiment provides.
In conclusion more than the present invention each embodiment at least has the advantages that:
1st, in embodiments of the present invention, the user group of the node of the different access rights of multiple correspondences is included by structure
Tree, further according to the user group tree of structure, builds the corresponding account information of each user, then each account information also has it
Corresponding access rights.When storing data, the authority filtering information of data is determined and recorded, with subsequently to realize data filtering
Inquiry is prepared.When user inquires about data, according to the target account information input by user of acquisition and user group tree, really
The corresponding target access authority of the fixed target account, and determine that target authority filters information according to target access authority, further according to
Target authority filtering information is inquired about, and is determined and is shown target data.Thus, in data query, believed according to user account
Corresponding access rights are ceased, filtering information according to authority carries out each data filtering inquiry, only from the portion for meeting access rights
Target data is searched in divided data, reduces the data bulk in query process, so as to improve efficiency data query.
2nd, in embodiments of the present invention, by the title for determining each node and its corresponding tissue rank, and according to
The tissue rank of each node, determines its corresponding access rights, the nodename and access rights that then basis is determined,
Build user group tree.Thus, according to the corresponding tissue rank structure user group tree of each node, easy in building process
Determine the connection relation between each node, improve the structure efficiency of user group tree, also, have in the user group tree built
Each nodename, easy to the corresponding account information of subsequent builds user, so as to be conducive to further improve efficiency data query.
In addition, user data authority and membership credentials are linked up with, significantly reduce multiple relationships between superior and subordinate and bring permission system to set
The complexity of meter, and support multiple and different organizing users to log in same set of system, business datum is separate.
3rd, in embodiments of the present invention, by determining and exporting the corresponding user identifier of each nodename, to use
Family selection target user identifier from the user identifier of output, it is then determined that the targeted customer identifies corresponding access rights, so
Corresponding account information, the then each account information constructed are identified according to the access rights determined, structure targeted customer afterwards
There are unique corresponding node and access rights, be conducive to subsequent filter data query.It is also, corresponding according to each node
User identifier directly selects the corresponding targeted customer's mark of account information to be built, is used without user and is manually inputted into phase
The identification information answered, so as to improve user experience.
It should be noted that herein, such as first and second etc relational terms are used merely to an entity
Or operation is distinguished with another entity or operation, is existed without necessarily requiring or implying between these entities or operation
Any actual relationship or order.Moreover, term " comprising ", "comprising" or its any other variant be intended to it is non-
It is exclusive to include, so that process, method, article or equipment including a series of elements not only include those key elements,
But also including other elements that are not explicitly listed, or further include solid by this process, method, article or equipment
Some key elements.In the absence of more restrictions, the key element limited by sentence " including one ", is not arranged
Except in the process, method, article or apparatus that includes the element also in the presence of other identical factor.
One of ordinary skill in the art will appreciate that:Realizing all or part of step of above method embodiment can pass through
The relevant hardware of programmed instruction is completed, and foregoing program can be stored in computer-readable storage medium, the program
Upon execution, the step of execution includes above method embodiment;And foregoing storage medium includes:ROM, RAM, magnetic disc or light
Disk etc. is various can be with the medium of store program codes.
It is last it should be noted that:The foregoing is merely presently preferred embodiments of the present invention, is merely to illustrate skill of the invention
Art scheme, is not intended to limit the scope of the present invention.Any modification for being made within the spirit and principles of the invention,
Equivalent substitution, improvement etc., are all contained in protection scope of the present invention.
Claims (10)
- A kind of 1. right management method, it is characterised in that including:Build user group tree;Wherein, the user group tree includes:At least one node, and each described node pair The access rights answered;According to the user group tree, the corresponding account information of at least one user is built;Wherein, each account information A corresponding node;Obtain and store at least one data, and the corresponding authority filtering information of each data;Further include:Obtain target account information input by user;According to the user group tree, the corresponding target access authority of the target account information is determined;According to the target access authority determined, determine that target authority filters information;Information is filtered according to the target authority, target data is inquired about from least one data of storage, and to described Target data is shown.
- 2. according to the method described in claim 1, it is characterized in that,Structure user group tree, including:Determine the nodename of each node, and the corresponding tissue rank of each described node;According to the corresponding tissue rank of each described node, the corresponding access rights of each described node are determined;According to the nodename and the access rights determined, the user group tree is built.
- 3. according to the method described in claim 2, it is characterized in that,It is described that the corresponding account information of at least one user is built according to the user group tree, including:Determine the corresponding at least one user identifier of each described nodename, and export at least one user identifier;Receive the exterior targeted customer's mark selected from least one user identifier;Determine that the targeted customer identifies corresponding nodename, and the access rights of the corresponding node of the nodename;According to the nodename and the corresponding access rights of the nodename determined, targeted customer's mark is built Know the corresponding account information.
- 4. according to the method described in claim 1, it is characterized in that,The authority filtering information includes:Organization identification information and identification information;The target access authority that the basis is determined, determines that target authority filters information, including:According to the target access authority, using the organization identification information or the identification information as the target authority Filter information;Information is filtered according to the target authority, target data is inquired about from least one data of storage, including:According to the organization identification information or the identification information and the target account information, from described at least one Inquiry and the organization identification information or the corresponding target data of the identification information in data.
- A kind of 5. rights management device, it is characterised in that including:Construction unit, data storage cell, authority determination unit sum number According to query unit;Wherein,The construction unit, for building user group tree;Wherein, the user group tree includes:At least one node, and The corresponding access rights of each described node, and according to the user group tree, it is corresponding to build at least one user Account information;Wherein, each account information corresponds to a node;The data storage cell, for obtaining and storing at least one data, and the corresponding authority filtering of each data Information;The authority determination unit, for obtaining target account information input by user, and according to the user group tree, determines The corresponding target access authority of the target account information;The data query unit, the target access authority determined for basis, determines that target authority filters information, and Information is filtered according to the target authority, target data is inquired about from least one data of storage, and to the target Data are shown.
- 6. device according to claim 5, it is characterised in thatThe construction unit, for determining the nodename of each node, and each described corresponding group of node Knit rank;According to the corresponding tissue rank of each described node, the corresponding access rights of each described node are determined; According to the nodename and the access rights determined, the user group tree is built.
- 7. device according to claim 6, it is characterised in thatThe construction unit, for determining the corresponding at least one user identifier of each described nodename, and described in exporting At least one user identifier;Receive the exterior targeted customer's mark selected from least one user identifier;Determine described Targeted customer identifies corresponding nodename, and the access rights of the corresponding node of the nodename;According to what is determined The nodename and the corresponding access rights of the nodename, build the targeted customer and identify the corresponding account Information.
- 8. device according to claim 5, it is characterised in thatThe authority filtering information includes:Organization identification information and identification information;The data query unit, for according to the target access authority, the organization identification information or the individual to be marked Know information and filter information as the target authority;According to the organization identification information or the identification information and described Target account information, is inquired about opposite with the organization identification information or the identification information from least one data The target data answered.
- 9. a kind of computer-readable recording medium, including execute instruction, described to deposit when the processor of storage control performs the execute instruction Store up any method in controller perform claim requirement 1 to 4.
- 10. a kind of storage control, including:Processor, memory and bus;The memory is used to store execute instruction, institute State processor to be connected by the bus with the memory, when the storage control is run, the processor performs institute The execute instruction of memory storage is stated, so that any side in storage control perform claim requirement 1 to 4 Method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711257019.4A CN108009408A (en) | 2017-12-04 | 2017-12-04 | A kind of right management method, device, computer-readable recording medium and storage control |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711257019.4A CN108009408A (en) | 2017-12-04 | 2017-12-04 | A kind of right management method, device, computer-readable recording medium and storage control |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108009408A true CN108009408A (en) | 2018-05-08 |
Family
ID=62056152
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711257019.4A Pending CN108009408A (en) | 2017-12-04 | 2017-12-04 | A kind of right management method, device, computer-readable recording medium and storage control |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108009408A (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108984606A (en) * | 2018-06-05 | 2018-12-11 | 北京圣康汇金科技有限公司 | A kind of company information classified display system and method |
CN109242420A (en) * | 2018-08-22 | 2019-01-18 | 中国平安人寿保险股份有限公司 | Authority control method, device, electronic equipment and storage medium |
CN110297849A (en) * | 2019-05-22 | 2019-10-01 | 中国平安财产保险股份有限公司 | The incompatible permission screening technique of employee, device, computer equipment and storage medium |
CN111191210A (en) * | 2019-12-10 | 2020-05-22 | 未鲲(上海)科技服务有限公司 | Data access right control method and device, computer equipment and storage medium |
CN112115498A (en) * | 2020-09-28 | 2020-12-22 | 上海申铁信息工程有限公司 | Block chain-based data access authority control method and device |
CN112511629A (en) * | 2020-11-30 | 2021-03-16 | 上海简苏网络科技有限公司 | Data compression method and system for account tree of MPT structure |
CN112882990A (en) * | 2021-02-03 | 2021-06-01 | 深圳市纳研科技有限公司 | Visual automatic file use permission management system and method |
CN113721926A (en) * | 2021-09-09 | 2021-11-30 | 中国电信集团系统集成有限责任公司 | Organization tree authority management method |
CN114428802A (en) * | 2022-04-01 | 2022-05-03 | 北京锐融天下科技股份有限公司 | Data filtering method and system based on user permission |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1424671A (en) * | 2002-12-27 | 2003-06-18 | 北京邮电大学 | Module classifying managing method and system thereof |
US20040162905A1 (en) * | 2003-02-14 | 2004-08-19 | Griffin Philip B. | Method for role and resource policy management optimization |
CN1823326A (en) * | 2003-07-11 | 2006-08-23 | 日本电信电话株式会社 | System management method, system management device, system management program, and storage medium containing system management program |
WO2007008336A2 (en) * | 2005-07-07 | 2007-01-18 | Cdw Corporation | Website user account linking |
CN101360121A (en) * | 2007-07-31 | 2009-02-04 | 华为技术有限公司 | Authority control method, system and terminal in apparatus management |
CN101593260A (en) * | 2009-07-03 | 2009-12-02 | 杭州华三通信技术有限公司 | A kind of application process of privileges of management system and device |
CN101604421A (en) * | 2009-03-19 | 2009-12-16 | 深圳市青铜器软件系统有限公司 | A kind of based on network project plan management system and method |
CN102457521A (en) * | 2010-11-02 | 2012-05-16 | 株式会社日立制作所 | Access right management device, access right management system, access right management method and access right management program |
CN104094266A (en) * | 2011-11-07 | 2014-10-08 | 独创系统公司 | Methods and systems for identification of causal genomic variants |
CN106055967A (en) * | 2016-05-24 | 2016-10-26 | 福建星海通信科技有限公司 | SAAS platform user organization permission management method and system |
CN106789984A (en) * | 2016-12-08 | 2017-05-31 | 浙江齐治科技股份有限公司 | A kind of access rights specification and visualization method and system |
CN106778345A (en) * | 2016-12-19 | 2017-05-31 | 网易(杭州)网络有限公司 | The treating method and apparatus of the data based on operating right |
CN107403105A (en) * | 2017-06-30 | 2017-11-28 | 华为技术有限公司 | The authority setting method and device of a kind of file system |
-
2017
- 2017-12-04 CN CN201711257019.4A patent/CN108009408A/en active Pending
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1424671A (en) * | 2002-12-27 | 2003-06-18 | 北京邮电大学 | Module classifying managing method and system thereof |
US20040162905A1 (en) * | 2003-02-14 | 2004-08-19 | Griffin Philip B. | Method for role and resource policy management optimization |
CN1823326A (en) * | 2003-07-11 | 2006-08-23 | 日本电信电话株式会社 | System management method, system management device, system management program, and storage medium containing system management program |
WO2007008336A2 (en) * | 2005-07-07 | 2007-01-18 | Cdw Corporation | Website user account linking |
CN101360121A (en) * | 2007-07-31 | 2009-02-04 | 华为技术有限公司 | Authority control method, system and terminal in apparatus management |
CN101604421A (en) * | 2009-03-19 | 2009-12-16 | 深圳市青铜器软件系统有限公司 | A kind of based on network project plan management system and method |
CN101593260A (en) * | 2009-07-03 | 2009-12-02 | 杭州华三通信技术有限公司 | A kind of application process of privileges of management system and device |
CN102457521A (en) * | 2010-11-02 | 2012-05-16 | 株式会社日立制作所 | Access right management device, access right management system, access right management method and access right management program |
CN104094266A (en) * | 2011-11-07 | 2014-10-08 | 独创系统公司 | Methods and systems for identification of causal genomic variants |
CN106055967A (en) * | 2016-05-24 | 2016-10-26 | 福建星海通信科技有限公司 | SAAS platform user organization permission management method and system |
CN106789984A (en) * | 2016-12-08 | 2017-05-31 | 浙江齐治科技股份有限公司 | A kind of access rights specification and visualization method and system |
CN106778345A (en) * | 2016-12-19 | 2017-05-31 | 网易(杭州)网络有限公司 | The treating method and apparatus of the data based on operating right |
CN107403105A (en) * | 2017-06-30 | 2017-11-28 | 华为技术有限公司 | The authority setting method and device of a kind of file system |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108984606A (en) * | 2018-06-05 | 2018-12-11 | 北京圣康汇金科技有限公司 | A kind of company information classified display system and method |
CN109242420A (en) * | 2018-08-22 | 2019-01-18 | 中国平安人寿保险股份有限公司 | Authority control method, device, electronic equipment and storage medium |
CN109242420B (en) * | 2018-08-22 | 2023-10-13 | 中国平安人寿保险股份有限公司 | Authority control method, authority control device, electronic equipment and storage medium |
CN110297849A (en) * | 2019-05-22 | 2019-10-01 | 中国平安财产保险股份有限公司 | The incompatible permission screening technique of employee, device, computer equipment and storage medium |
CN110297849B (en) * | 2019-05-22 | 2023-09-01 | 中国平安财产保险股份有限公司 | Employee incompatibility authority screening method and device, computer equipment and storage medium |
CN111191210B (en) * | 2019-12-10 | 2022-09-27 | 未鲲(上海)科技服务有限公司 | Method and device for controlling data access authority, computer equipment and storage medium |
CN111191210A (en) * | 2019-12-10 | 2020-05-22 | 未鲲(上海)科技服务有限公司 | Data access right control method and device, computer equipment and storage medium |
CN112115498A (en) * | 2020-09-28 | 2020-12-22 | 上海申铁信息工程有限公司 | Block chain-based data access authority control method and device |
CN112115498B (en) * | 2020-09-28 | 2023-12-01 | 上海申铁信息工程有限公司 | Data access authority control method and device based on blockchain |
CN112511629A (en) * | 2020-11-30 | 2021-03-16 | 上海简苏网络科技有限公司 | Data compression method and system for account tree of MPT structure |
CN112882990A (en) * | 2021-02-03 | 2021-06-01 | 深圳市纳研科技有限公司 | Visual automatic file use permission management system and method |
CN113721926A (en) * | 2021-09-09 | 2021-11-30 | 中国电信集团系统集成有限责任公司 | Organization tree authority management method |
CN114428802A (en) * | 2022-04-01 | 2022-05-03 | 北京锐融天下科技股份有限公司 | Data filtering method and system based on user permission |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108009408A (en) | A kind of right management method, device, computer-readable recording medium and storage control | |
US6735591B2 (en) | Universal information warehouse system and method | |
US7895229B1 (en) | Conducting cross-checks on legal matters across an enterprise system | |
US8200690B2 (en) | System and method for leveraging historical data to determine affected entities | |
US7343628B2 (en) | Authorization data model | |
US20140129268A1 (en) | Role discovery using privilege cluster analysis | |
US20110004622A1 (en) | Method and apparatus for gathering and organizing information pertaining to an entity | |
CA2718002C (en) | Methods and systems for group data management and classification | |
US20110173033A1 (en) | Systems and methods for utilizing an enterprise map to determine affected entities | |
CN106682096A (en) | Method and device for log data management | |
CA2436594A1 (en) | System and method of discovering information | |
CN105117442B (en) | A kind of big data querying method based on probability | |
CN106126551A (en) | A kind of generation method of Hbase database access daily record, Apparatus and system | |
US20090254560A1 (en) | Database system and method with improved locks | |
CN108683673A (en) | Long-range multiple terminals Supervision Organization work service managing and control system | |
WO2016157214A1 (en) | Intellectual property management system and tool | |
US10430413B2 (en) | Data information framework | |
US20140222655A1 (en) | Method and System for Automatic Regulatory Compliance | |
CN104699790A (en) | Bank data relationship building method and device | |
US20230083054A1 (en) | System and method for sql server resources and permissions analysis in identity management systems | |
US20140317008A1 (en) | Method and system for providing and controlling access to candidate information in collections of partner companies | |
CN106682180A (en) | Data inquiry method and device | |
CN106354882A (en) | Query service platform and query method thereof | |
CN108304731A (en) | A kind of method, system and information processing platform that management business data calls | |
US20140279831A1 (en) | Data modeling techniques |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180508 |