CN108875054B - Method for acquiring field value of role property field in form - Google Patents

Method for acquiring field value of role property field in form Download PDF

Info

Publication number
CN108875054B
CN108875054B CN201810690606.0A CN201810690606A CN108875054B CN 108875054 B CN108875054 B CN 108875054B CN 201810690606 A CN201810690606 A CN 201810690606A CN 108875054 B CN108875054 B CN 108875054B
Authority
CN
China
Prior art keywords
user
role
field value
field
employee
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810690606.0A
Other languages
Chinese (zh)
Other versions
CN108875054A (en
Inventor
陈达志
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Qianniucao Information Technology Co Ltd
Original Assignee
Chengdu Qianniucao Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Qianniucao Information Technology Co Ltd filed Critical Chengdu Qianniucao Information Technology Co Ltd
Publication of CN108875054A publication Critical patent/CN108875054A/en
Application granted granted Critical
Publication of CN108875054B publication Critical patent/CN108875054B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management

Abstract

The invention discloses a method for acquiring field values of role property fields in a form, which comprises the following steps: displaying candidate field values corresponding to character property fields, wherein the candidate field values are characters, the characters are independent individuals, but not groups/classes, one character can only be associated with a unique user at the same time period, and one user is associated with one or more characters; acquiring a field value: selecting a role from the candidate field values as a field value of the role property field. The field value of the character property field is formed by the character, or the character and the user, or the character and the staff, and the character is an independent individual and not a group/class, so that the character in the field value can judge which post number is responsible for the corresponding character property field, the responsibility division is convenient, the statistical analysis of related affairs by the post number is facilitated, and the responsibility tracing is performed when problems occur.

Description

Method for acquiring field value of role property field in form
Technical Field
The invention relates to a form generation method of management software systems such as ERP (enterprise resource planning) and the like, in particular to a field value acquisition method of a role property field in a form.
Background
Role-based access control (RBAC), which is the most studied and well-conceived database rights management mechanism in recent years, is considered as an ideal candidate for replacing the traditional Mandatory Access Control (MAC) and autonomous access control (DAC). The basic idea of role-based access control (RBAC) is to divide different roles according to different functional posts in an enterprise organization view, encapsulate the access authority of a database resource in the roles, and enable a user to indirectly access the database resource by being endowed with different roles.
In large application systems, a large number of tables and views are often built, which complicates the management and authorization of database resources. It is very difficult for the user to directly manage the access and permission of the database resource, it requires the user to know the database structure very thoroughly, and is familiar with the use of SQL language, and once the application system structure or the security requirement changes, it needs to make a lot of complicated and tedious authorization changes, and it is very easy to have some unexpected authorization mistakes to cause security holes. Therefore, it has become a general need for systems and system users to design a simple and efficient rights management method for large-scale application systems.
The authority control mechanism based on the role can simply and efficiently manage the access authority of the system, greatly reduces the burden and cost of the system authority management, and enables the system authority management to be more in line with the service management standard of an application system.
However, the traditional role-based user right management method all adopts a role-to-user one-to-many association mechanism, and the role is of group/class nature, that is, one role can simultaneously correspond/associate multiple users, and the role is similar to concepts such as post/position/work category, and the like, and the authorization for user rights under the association mechanism is basically divided into the following three forms: 1. as shown in fig. 1, the user is directly authorized, and the disadvantages are that the workload is large, the operation is frequent and troublesome; 2. as shown in fig. 2, the role (class/group/station/work type property) is authorized (one role can be associated with multiple users), and the users obtain the authority through the role; 3. as shown in fig. 3, the above two ways are combined.
In the above expression, 2 and 3 both need to authorize the role of class/group nature, and the authorization manner through the role of class/group/station/job nature has the following disadvantages: 1. the operation is difficult when the user authority is changed: in the actual system use process, often the authority of the user needs to be adjusted in the operation process, such as: when the authority of the employee is changed during processing of the change of the authority of the employee, the authority of the employee related to the role is changed, and the authority of the whole role cannot be changed due to the change of the authority of the individual employee, because the role is also related to other employees with unchanged authority. Therefore, to cope with this situation, either a new role is created to satisfy the employee whose authority has changed, or the employee is directly authorized (out of role) according to the authority requirements. The two processing modes have the advantages that the time needed for authorizing the roles is long under the condition that the roles have more authorities, mistakes are easily made, the operation of a user is complicated and troublesome, and the user is easy to make mistakes to cause the loss of the user of the system.
2. It is difficult to remember the specific permissions that a role contains for a long time: if the authority function points of the roles are more, the specific authority of the roles is hard to remember for a long time, the authority difference between the roles with similar authorities is hard to remember, and if a new user needs to be associated, how to select the association cannot be accurately judged.
3. Because the user authority changes, more and more roles are created (if a new role is not created, the direct authorization to the user is greatly increased), and the specific difference of the authority of each role is more difficult to distinguish.
4. When the post is adjusted, if a plurality of permissions of the adjusted user are to be allocated to other users for bearing, the permissions of the adjusted user must be distinguished during processing, and roles are respectively created to associate other users, so that the operation is not only complicated and time-consuming, but also is easy to generate errors.
A contract form usually contains the field of the contract signer, and if the contract signer is zhang, zhang is the field value of the field of the contract signer. The existing form is usually only filled in as a corresponding employee with the field value of the contract subscriber, which is filled in or selected as Zhang three in the above example. However, when the employee is responsible for the affairs of a plurality of posts, the employee cannot clearly know which post number the affair is engaged in, so that the specific responsibility post number or responsibility department cannot be traced when a problem occurs and responsibility is traced; for example, Zhang III is responsible for the first part of sales and the second part of sales, and when the contract endorser of one contract form is filled in Zhang III but no contract endorsement department is marked on the contract form, the business belonging to the first part of sales or the second part of sales cannot be distinguished; if the responsibility is traced by a problem, the responsibility of which post number needs to be analyzed, namely selling one part or selling two parts except Zhang III, cannot be accurately analyzed.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a field value acquisition method of a role property field in a form.
The purpose of the invention is realized by the following technical scheme: the method for acquiring the field value of the role property field in the form comprises the following steps: displaying candidate field values corresponding to character property fields, wherein the candidate field values are characters, the characters are independent individuals, but not groups/classes, one character can only be associated with a unique user at the same time period, and one user is associated with one or more characters; acquiring a field value: selecting a role from the candidate field values as a field value of the role property field.
The method for acquiring the field value of the role property field in the form comprises the following steps: displaying candidate field values corresponding to character property fields, wherein the candidate field values are characters, the characters are independent individuals, but not groups/classes, one character can only be associated with a unique user at the same time period, and one user is associated with one or more characters; acquiring a role field value: selecting a role from the candidate field values as a role field value in the field values of the role property field; acquiring a user field value: and after the role field value is obtained, automatically obtaining a user currently associated with the selected role as a user field value in the role property field value, or automatically obtaining an employee corresponding to the user currently associated with the selected role as a user field value in the role property field value.
Preferably, the method for obtaining the field value further comprises the step of modifying the user field value: and replacing the user currently used as the user field value with one of all users associated with the role, or replacing the employee currently used as the user field value with one of all employees corresponding to all users associated with the role.
Preferably, the user determines the authority through the association between the user and the role, one employee corresponds to one user, and one user corresponds to one employee.
Preferably, the role belongs to a department, the role is authorized according to the work content of the role, the name of the role is unique under the department, and the number of the role is unique in the system.
Preferably, when the user adjusts post across departments, the association between the user and the role in the original department is cancelled, and the user is associated with the role in the new department.
The method for acquiring the field value of the role property field in the form comprises the following steps: acquiring a user field value: automatically acquiring a current user of a login system or an employee corresponding to the current user as a user field value in the field values of the role property fields; acquiring a role field value: after the field value of the user is obtained, if only one role currently associated with the user is available, the role is automatically obtained to serve as the role field value in the field values of the role property field; if the current user has two or more roles associated currently, selecting one role from all roles associated currently by the current user as a role field value in the field values of the role property fields; the roles are independent individuals, not groups/classes, and one role can only be associated with a unique user and one user is associated with one or more roles in the same time period.
Preferably, the user determines (obtains) the authority by its association with the role, one employee for each user and one user for each employee.
The method for acquiring the field value of the role property field in the form comprises the following steps: the staff logs in the system according to the corresponding user; selecting a current role: after the employee logs in the system, the default role of the user is the current role or the employee selects one role except the default role from all roles associated with the user corresponding to the employee as the current role, wherein the default role is one or only one; acquiring a role field value: automatically acquiring the current role as a role field value in the field values of the role property fields, wherein the roles are independent individuals, but not groups/classes, one role can only be associated with a unique user at the same time period, and one user is associated with one or more roles; acquiring a user field value: and after the role field value is obtained, automatically obtaining the user currently associated with the current role as the user field value in the role property field value, or automatically obtaining the employee corresponding to the user currently associated with the current role as the user field value in the role property field value.
Preferably, the user determines (obtains) the authority by its association with the role, one employee for each user and one user for each employee.
The invention has the beneficial effects that: (1) the field value of the character property field is formed by the character, or the character and the user, or the character and the staff, and the character is an independent individual, not a group/class, so that the character in the field value can judge which post number/station number is responsible for the corresponding character property field, the responsibility division is convenient, the statistical analysis of related affairs is facilitated by the post number/station number, and the responsibility tracing is performed when problems occur.
For example, the contract signer of one contract form is salesperson 1, while employee a is responsible for the transaction of salesperson 1 selling one and salesperson 2 selling two (salesperson 1, salesperson 2 are in role); the field value of the contract subscriber is employee A by adopting the traditional method, and the field value of the contract subscriber is salesman 1 (employee A) by adopting the method of the invention; when the contract form has a problem to pursue the responsibility, the traditional method can only pursue the responsibility to the employee A, but the method of the invention can pursue the responsibility to the employee A and the part of the sale (because the role belongs to the department, and can also analyze which post number/role signed contract), thereby being capable of dividing and punishing the responsibility more accurately and reasonably.
(2) In the traditional authority management mechanism, roles are defined as properties such as groups, work types, classes and the like, the roles are in one-to-many relationship with users, and in the actual use process of a system, the authority of the users often needs to be adjusted in the operation process, for example: when the authority of the employee is changed during processing of the change of the authority of the employee, the authority of the employee related to the role is changed, and the authority of the whole role cannot be changed due to the change of the authority of the individual employee, because the role is also related to other employees with unchanged authority. Therefore, to cope with this situation, either a new role is created to satisfy the employee whose authority has changed, or the employee is directly authorized (out of role) according to the authority requirements. The two processing modes have the advantages that the time needed for authorizing the roles is long under the condition that the roles have more authorities, mistakes are easily made, the operation of a user is complicated and troublesome, and the user is easy to make mistakes to cause the loss of the user of the system.
However, under the method of the application, because the role is an independent individual, the purpose can be achieved by selectively changing the role authority. Although the method of the application seems to increase the workload when the system is initialized, the efficiency of creating roles or authorizing the roles can be higher than that of the traditional roles taking groups as properties by methods such as copying, and the like, because the commonness of the roles taking the properties as the groups when the roles meet the associated users is not considered, the scheme of the application can give clear and clear right setting; especially after the system is used for a period of time (the user/role authority dynamically changes), the application scheme can greatly improve the authority management efficiency in the use of the system for a system user, so that the dynamic authorization is simpler, more convenient, clearer and clearer, and the efficiency and reliability of authority setting are improved.
(3) The traditional role authorization method taking the group as the property is easy to make mistakes, and the method greatly reduces the probability of authorization mistakes because the method only needs to consider the role as an independent individual, and does not need to consider the commonality of a plurality of users related to the group of property roles in the traditional method. Even an authorization error affects only the one user associated with the role, whereas a role traditionally in the nature of a group affects all users associated with the role. Even if permission authorization errors occur, the correction method is simple and short in time, the permission commonality of all users related to the role needs to be considered when the traditional role with the group property corrects the errors, the correction is troublesome and complex under the condition of multiple functional points, errors are easy to occur, and the problem can be solved only by newly creating the role under many conditions.
(4) Under the traditional role authorization method taking groups as properties, if the authority function points of roles are more and the time is long, the specific authority of the roles is difficult to remember, the authority difference between the roles with similar authorities is difficult to remember, and if a new user needs to be associated, how to select association cannot be accurately judged. The role of the method has the property of post number/station number, and the selection is clear at a glance.
(5) When the post is adjusted, if a plurality of permissions of the adjusted user are to be allocated to other users for bearing, the permissions of the adjusted user must be distinguished during processing, and roles are respectively created to associate other users, so that the operation is not only complicated and time-consuming, but also is easy to generate errors.
The method comprises the following steps: the method comprises the steps that a user to be subjected to post adjustment is associated with a plurality of roles, when the post adjustment is carried out, the association between the user and the roles in the original department is firstly cancelled (the cancelled roles can be re-associated to other users), and then the user is associated with the roles in the new department. The operation is simple, and errors can be avoided.
(6) Role belongs to department, then the department of the role cannot be replaced, why the role cannot replace the department: reason 1: because the character property of the application is equal to one station number/post number, the work contents/authorities of different station numbers/post numbers are different, for example, the role of salesman 1 in the sales department and the role of developer 1 in the technical department are two completely different station numbers/post numbers, and the authorities are different; reason 2: if the department (sales department) to which the salesperson 1 role belongs is replaced with the technical department and the authority of the salesperson 1 role is not changed, there is a role in the technical department that has the authority of the sales department, which leads to confusion of management and security holes.
Drawings
FIG. 1 is a diagram illustrating a method for directly authorizing a user by a system in the background art;
FIG. 2 is a diagram illustrating a manner in which a system authorizes a group/class property role in the background art;
FIG. 3 is a diagram illustrating a manner of combining direct authorization of a user and authorization of a group/class property role in a system in the background art;
FIG. 4 is a flow chart of an embodiment of the present invention;
FIG. 5 is a schematic diagram of the manner in which the system of the present invention authorizes a user via an individual personality trait role;
FIG. 6 is a flow chart of yet another embodiment of the present invention;
FIG. 7 is a flow chart of yet another embodiment of the present invention;
FIG. 8 is a flow chart of yet another embodiment of the present invention.
Detailed Description
The technical solutions of the present invention are further described in detail below with reference to the accompanying drawings, but the scope of the present invention is not limited to the following.
As shown in fig. 4, a method for obtaining a field value of a role property field in a form includes: and displaying candidate field values corresponding to the character property fields, wherein the candidate field values are characters. For example, the form contains the role property field "contracting subscriber" and the candidate field values include salesman 1, salesman 2 and salesman 3.
As shown in fig. 5, the roles are independent individuals, not groups/classes, and one role can only be associated with a unique user and one user is associated with one or more roles in the same time period. The role belongs to a department, the role is authorized according to the work content of the role, the name of the role is unique under the department, and the serial number of the role is unique in the system.
And (3) defining roles: the role has no properties of group/class/category/position/work category and the like, but has a non-collective property, the role has uniqueness, and the role is an independent individual which independently exists; the time sequence is equivalent to a position number in the application of an enterprise and public institution (the position number is not the position, a position can have a plurality of employees at the same time, and one position number only corresponds to one employee in the same time period).
Examples are: the following roles may be created in a company system: the association relationship between users and roles of a master manager, a slave master manager 1, a slave master manager 2, a first Beijing sales manager, a second Beijing sales manager, a third Beijing sales manager, a Shanghai sales engineer 1, a Shanghai sales engineer 2, a Shanghai sales engineer 3, a Shanghai sales engineer 4 and a Shanghai sales engineer 5 … …: if the employee of the company plays three roles as the subsidiary general manager 2 of the company and plays the role of selling one manager in Beijing at the same time, the roles needing to be associated with the third role are the subsidiary general manager 2 and the manager sold in Beijing, and the third role has the authority of the two roles.
The concept of traditional roles is group/class/position/job type nature, one role can correspond to multiple users. The concept of "role" in this application is equivalent to post/station number and is also similar to the role in movie and television play: a character can only be shown by one actor during the same time period (childhood, teenager, middle age … …), and one actor may be shown with multiple angles.
And when the user adjusts the post across departments, canceling the association between the user and the role in the original department, and associating the user with the role in the new department. After the roles are created, the roles can be associated in the process of creating the user, or can be associated at any time after the creation of the user is completed. After the user associates the roles, the association relation with the roles can be released at any time, and the association relation with other roles can be established at any time.
Acquiring a field value: selecting a role from the candidate field values as a field value of the role property field. For example, the candidate field values include salesperson 1, salesperson 2 and salesperson 3, and when a field value is set for a character property field "contractor" included in the form, salesperson 2 is selected as a field value for the character property field "contractor", that is, the field value for the contractor is "salesperson 2" from the candidate field values.
As shown in fig. 6, a method for obtaining a field value of a role property field in a form includes: the field value defining the role property field includes a role field value and a user field value, i.e., a role field value and a user field value are part of the field value, respectively.
And displaying candidate field values corresponding to the character property fields, wherein the candidate field values are characters. For example, the form contains the role property field "contracting subscriber" and the candidate field values include salesman 1, salesman 2 and salesman 3.
The roles are independent individuals, not groups/classes, and one role can only be associated with a unique user and one user is associated with one or more roles in the same time period. The role belongs to a department, the role is authorized according to the work content of the role, the name of the role is unique under the department, and the serial number of the role is unique in the system. The user determines (obtains) the authority by its association with the role, one employee to each user and one user to each employee.
And when the user adjusts the post across departments, canceling the association between the user and the role in the original department, and associating the user with the role in the new department. After the roles are created, the roles can be associated in the process of creating the user, or can be associated at any time after the creation of the user is completed. After the user associates the roles, the association relation with the roles can be released at any time, and the association relation with other roles can be established at any time.
Acquiring a role field value: selecting a role from the candidate field values as a role field value in the field values of the role property field. For example, candidate field values include salesperson 1, salesperson 2 and salesperson 3, and when a field value is set for a character property field "contract endorser" included in the form, salesperson 2 is selected from the candidate field values as a character field value in the field value of the character property field "contract endorser".
Acquiring a user field value: and after the role field value is obtained, automatically obtaining a user currently associated with the selected role as a user field value in the role property field value, or automatically obtaining an employee corresponding to the user currently associated with the selected role as a user field value in the role property field value. For example, the salesperson 2 is currently associated with the user a, the candidate field values include salesperson 1, salesperson 2 and salesperson 3, and when a field value is set for a character property field "contract endorsing person" included in the form, when the salesperson 2 is selected as a character field value in the field values of the contract endorsing person, the user a is automatically set as a user field value in the field values of the contract endorsing person, that is, the field value of the contract endorsing person is "salesperson 2 (user a)". For another example, when the salesperson 2 is currently associated with the user a, the user a corresponds to employee zhang, the candidate field values include salesperson 1, salesperson 2 and salesperson 3, and when a field value is set for a character property field "contractor" included in the form, the salesperson 2 automatically takes zhang as a user field value in the field values of the contractor, that is, the field value of the contractor is "salesperson 2 (zhang)", after the salesperson 2 is selected as a character field value in the field values of the contractor.
The field value obtaining method also comprises the step of modifying the user field value: and replacing the user currently used as the user field value with one of all users associated with the role, or replacing the employee currently used as the user field value with one of all employees corresponding to all users associated with the role. All users with which a role is associated here include users with which a role is currently associated and users with which a role has been associated. For example, the user currently associated with salesperson 2 is user a, the users with which salesperson 2 has been associated are user b, user c and user d, and the form includes a role property field "contract subscriber"; after the salesman 2 is selected as a role field value in the field values of the contract endorsing persons, automatically taking the user A as a user field value in the field values of the contract endorsing persons, namely the field values of the contract endorsing persons are 'salesman 2 (user A)'; due to the change of work, the user field value needs to be changed from the user A to the user C, the user C is directly used as the user field value in the field value of the contract endorsing person, and the field value of the contract endorsing person is 'salesman 2 (user C)'. For another example, for example, the user currently associated with the salesman 2 is user a, the user once associated with the salesman 2 is user b, user c and user d, the user a corresponds to employee zhang three, the user b corresponds to employee lie four, the user c corresponds to employee zhang five, and the user d corresponds to employee lie six, and the form includes a character property field "contract subscriber"; after the salesman 2 is selected as a role field value in the field values of the contract endorsing persons, Zhang III is automatically taken as a user field value in the field values of the contract endorsing persons, namely the field values of the contract endorsing persons are 'salesman 2 (Zhang III'); due to the change of work, the user field value needs to be changed from Zhang III to Zhang V, and the Zhang V is directly used as the user field value in the field value of the contract endorsing person, and the field value of the contract endorsing person is 'salesman 2 (Zhang V)'.
Fig. 7 illustrates a field value obtaining method for a role property field in a form, including: the field value defining the role property field includes a role field value and a user field value, i.e., a role field value and a user field value are part of the field value, respectively.
Acquiring a user field value: and automatically acquiring a current user of the login system or an employee corresponding to the current user as a user field value in the field values of the role property fields. For example, when the current user logging in the system is a user A and a field value is set for a role property field 'contract signer' contained in the form, the user A is automatically used as the user field value in the field value of the contract signer. For another example, when the current user who logs in the system is user a, the user a corresponds to employee zhang, and a field value is set for a character property field "contract signer" contained in the form, zhang san is automatically used as the user field value in the field value of the contract signer.
Acquiring a role field value: after the field value of the user is obtained, if only one role currently associated with the user is available, the role is automatically obtained to serve as the role field value in the field values of the role property field; if the current user has two or more roles associated currently, selecting one role from all roles associated currently by the current user as a role field value in the field values of the role property fields; the roles are independent individuals, not groups/classes, and one role can only be associated with a unique user and one user is associated with one or more roles in the same time period. For example, if the current user logging in the system is user a, and the user a is associated with salesperson 1, and after the user a is selected as the user field value of the contract endorsing person, the value of the role field in the field value of the contract endorsing person, that is, the field value of the contract endorsing person is "user a (salesperson 1)", automatically. For another example, if the current user logged in to the system is user a, and user a is associated with salesperson 1, clerk 1 and cashier 1, after user a is selected as the user field value of the contract endorsing person, salesperson 1 is selected as the role field value among the field values of the contract endorsing person, that is, the field value of the contract endorsing person is "user a (salesperson 1).
The role belongs to a department, the role is authorized according to the work content of the role, the name of the role is unique under the department, and the serial number of the role is unique in the system. The user determines (obtains) the authority by its association with the role, one employee to each user and one user to each employee.
And when the user adjusts the post across departments, canceling the association between the user and the role in the original department, and associating the user with the role in the new department. After the roles are created, the roles can be associated in the process of creating the user, or can be associated at any time after the creation of the user is completed. After the user associates the roles, the association relation with the roles can be released at any time, and the association relation with other roles can be established at any time.
Fig. 8 illustrates a field value obtaining method for a role property field in a form, including: the field value defining the role property field includes a role field value and a user field value, i.e., a role field value and a user field value are part of the field value, respectively.
And the staff logs in the system according to the corresponding user.
Selecting a current role: after the employee logs in the system, the default role of the user is the current role or the employee selects one role except the default role from all roles associated with the user corresponding to the employee as the current role, and the default role is one or only one. For example, employee zhang corresponds to user a, user a associates salesman 1, clerk 1, and cashier 1, and salesman 1 is the default role, and salesman 1 is the current role, or one of clerk 1 and cashier 1 may be selected as the current role.
After the employee logs in the system, the system displays the default roles (one user has and only has one default role) associated with the user and the authority corresponding to the default roles to the employee, and the employee can select one role other than the default role in all roles associated with the employee and the authority corresponding to the role to display. After the system displays the default role to the employee, if the employee does not select the role any more, the default role is the current role, if the employee selects the role again, the selected role is the current role, the system displays according to the authority of the current role, and the user operates according to the authority of the current role.
Acquiring a role field value: and automatically acquiring the current role as a role field value in the field values of the role property fields, wherein the roles are independent individuals rather than groups/classes, one role can only be associated with a unique user at the same time period, and one user is associated with one or more roles. For example, when the current role is salesperson 1 and a field value is set for the role property field "contractor" in the form, salesperson 1 is automatically set as a role field value in the field value of the contractor.
The role belongs to a department, the role is authorized according to the work content of the role, the name of the role is unique under the department, and the serial number of the role is unique in the system. The user determines (obtains) the authority by its association with the role, one employee to each user and one user to each employee.
And when the user adjusts the post across departments, canceling the association between the user and the role in the original department, and associating the user with the role in the new department. After the roles are created, the roles can be associated in the process of creating the user, or can be associated at any time after the creation of the user is completed. After the user associates the roles, the association relation with the roles can be released at any time, and the association relation with other roles can be established at any time.
Acquiring a user field value: and after the role field value is obtained, automatically obtaining the user currently associated with the current role as the user field value in the role property field value, or automatically obtaining the employee corresponding to the user currently associated with the current role as the user field value in the role property field value. For example, when the current role is salesperson 1, the salesperson 1 is currently associated with a user a, and when a field value is set for a role property field "contract endorsing person" in the form, after the value of the role field in the field value of the salesperson 1 is regarded as the contract endorsing person, the value of the user field in the field value of the contract endorsing person is automatically regarded as the user field value, that is, the field value of the contract endorsing person is "salesperson 1 (user a)". For another example, when the current role is salesperson 1, the salesperson 1 is currently associated with user a, the user a corresponds to employee zhang, and when a field value is set for the role property field "contract endorsing person" in the form, after the salesperson 1 is set as the role field value in the field values for the contract endorsing person, the zhang is automatically set as the user field value in the field values for the contract endorsing person, that is, the field value for the contract endorsing person is "salesperson 1 (zhang)".
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (10)

1. The method for acquiring the field value of the role property field in the form is characterized by comprising the following steps:
displaying candidate field values corresponding to character property fields, wherein the candidate field values are characters, the characters are independent individuals, but not groups/classes, one character can only be associated with a unique user at the same time period, and one user is associated with one or more characters; one employee corresponds to one user, and one user corresponds to one employee;
acquiring a field value: selecting a role from the candidate field values as a field value of the role property field;
the field value obtaining method also comprises the step of modifying the user field value: and replacing the user currently used as the user field value with one of all users associated with the role, or replacing the employee currently used as the user field value with one of all employees corresponding to all users associated with the role.
2. The method for acquiring the field value of the role property field in the form is characterized by comprising the following steps:
displaying candidate field values corresponding to character property fields, wherein the candidate field values are characters, the characters are independent individuals, but not groups/classes, one character can only be associated with a unique user at the same time period, and one user is associated with one or more characters; one employee corresponds to one user, and one user corresponds to one employee;
acquiring a role field value: selecting a role from the candidate field values as a role field value in the field values of the role property field;
acquiring a user field value: and after the role field value is obtained, automatically obtaining a user currently associated with the selected role as a user field value in the role property field value, or automatically obtaining an employee corresponding to the user currently associated with the selected role as a user field value in the role property field value.
3. The method for obtaining the field value of the character property field in the form according to claim 2, wherein the method for obtaining the field value further comprises the step of modifying the field value of the user: and replacing the user currently used as the user field value with one of all users associated with the role, or replacing the employee currently used as the user field value with one of all employees corresponding to all users associated with the role.
4. The method for obtaining the field value of the character property field in the form according to claim 2 or 3, wherein the user determines the authority by the association of the user with the character, one employee for each user, and one user for each employee.
5. The method for obtaining a field value of a character property field in a form according to claim 2, wherein the character belongs to a department, the character is authorized according to work content of the character, a name of the character is unique under the department, and a number of the character is unique in a system.
6. The method for obtaining the field value of the character property field in the form according to claim 5, wherein when the user performs post adjustment across departments, the association between the user and the character in the original department is cancelled, and the user and the character in the new department are associated.
7. The method for acquiring the field value of the role property field in the form is characterized by comprising the following steps:
acquiring a user field value: automatically acquiring a current user of a login system or an employee corresponding to the current user as a user field value in the field values of the role property fields;
acquiring a role field value: after the field value of the user is obtained, if only one role currently associated with the user is available, the role is automatically obtained to serve as the role field value in the field values of the role property field; if the current user has two or more roles associated currently, selecting one role from all roles associated currently by the current user as a role field value in the field values of the role property fields; the roles are independent individuals, not groups/classes, one role can only be associated with a unique user at the same time period, and one user is associated with one or more roles; one employee corresponds to one user and one user corresponds to one employee.
8. The method for obtaining the field value of the character property field in the form according to claim 7, wherein the user determines the authority by its association with the character, one employee to one user and one user to one employee.
9. The method for acquiring the field value of the role property field in the form is characterized by comprising the following steps:
the staff logs in the system according to the corresponding user;
selecting a current role: after the employee logs in the system, the default role of the user is the current role or the employee selects one role except the default role from all roles associated with the user corresponding to the employee as the current role, wherein the default role is one or only one;
acquiring a role field value: automatically acquiring the current role as a role field value in the field values of the role property fields, wherein the roles are independent individuals, but not groups/classes, one role can only be associated with a unique user at the same time period, and one user is associated with one or more roles; one employee corresponds to one user, and one user corresponds to one employee;
acquiring a user field value: and after the role field value is obtained, automatically obtaining the user currently associated with the current role as the user field value in the role property field value, or automatically obtaining the employee corresponding to the user currently associated with the current role as the user field value in the role property field value.
10. The method for obtaining the field value of the character property field in the form according to claim 9, wherein the user determines the authority by its association with the character, one employee to one user and one user to one employee.
CN201810690606.0A 2017-07-07 2018-06-28 Method for acquiring field value of role property field in form Active CN108875054B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710553309.7A CN107292144A (en) 2017-07-07 2017-07-07 The field value-acquiring method of role's property field in list
CN2017105533097 2017-07-07

Publications (2)

Publication Number Publication Date
CN108875054A CN108875054A (en) 2018-11-23
CN108875054B true CN108875054B (en) 2021-04-09

Family

ID=60100954

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201710553309.7A Pending CN107292144A (en) 2017-07-07 2017-07-07 The field value-acquiring method of role's property field in list
CN201810690606.0A Active CN108875054B (en) 2017-07-07 2018-06-28 Method for acquiring field value of role property field in form

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201710553309.7A Pending CN107292144A (en) 2017-07-07 2017-07-07 The field value-acquiring method of role's property field in list

Country Status (2)

Country Link
CN (2) CN107292144A (en)
WO (1) WO2019007261A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292144A (en) * 2017-07-07 2017-10-24 成都牵牛草信息技术有限公司 The field value-acquiring method of role's property field in list
CN112632391A (en) * 2020-12-30 2021-04-09 深圳市华傲数据技术有限公司 Data processing method, device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102004868A (en) * 2009-09-01 2011-04-06 上海杉达学院 Role access control-based information system data storage layer and building method
CN102053969A (en) * 2009-10-28 2011-05-11 上海宝信软件股份有限公司 Web ERP (enterprise resource planning) user right management system
CN104462888A (en) * 2014-12-25 2015-03-25 遵义国正科技有限责任公司 User authority management system in passenger transportation management information system
CN106488789A (en) * 2014-07-11 2017-03-08 科乐美数码娱乐株式会社 Games system, game control device, program and information storage medium
CN106790060A (en) * 2016-12-20 2017-05-31 微梦创科网络科技(中国)有限公司 The right management method and device of a kind of role-base access control

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7284000B2 (en) * 2003-12-19 2007-10-16 International Business Machines Corporation Automatic policy generation based on role entitlements and identity attributes
US8271527B2 (en) * 2004-08-26 2012-09-18 Illinois Institute Of Technology Refined permission constraints using internal and external data extraction in a role-based access control system
CN101299694B (en) * 2007-04-30 2012-04-25 华为技术有限公司 Method and system for managing caller in household network, household gateway
CN102930226B (en) * 2012-10-25 2015-01-07 无锡中科泛在信息技术研发中心有限公司 Method for controlling use permission of fine-grained client
CN103632082B (en) * 2013-12-10 2016-08-17 惠州华阳通用电子有限公司 A kind of general-purpose rights management system and method
KR101668550B1 (en) * 2015-01-07 2016-10-21 충북대학교 산학협력단 Apparatus and Method for Allocating Role and Permission based on Password
CN107292144A (en) * 2017-07-07 2017-10-24 成都牵牛草信息技术有限公司 The field value-acquiring method of role's property field in list

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102004868A (en) * 2009-09-01 2011-04-06 上海杉达学院 Role access control-based information system data storage layer and building method
CN102053969A (en) * 2009-10-28 2011-05-11 上海宝信软件股份有限公司 Web ERP (enterprise resource planning) user right management system
CN106488789A (en) * 2014-07-11 2017-03-08 科乐美数码娱乐株式会社 Games system, game control device, program and information storage medium
CN104462888A (en) * 2014-12-25 2015-03-25 遵义国正科技有限责任公司 User authority management system in passenger transportation management information system
CN106790060A (en) * 2016-12-20 2017-05-31 微梦创科网络科技(中国)有限公司 The right management method and device of a kind of role-base access control

Also Published As

Publication number Publication date
WO2019007261A1 (en) 2019-01-10
CN108875054A (en) 2018-11-23
CN107292144A (en) 2017-10-24

Similar Documents

Publication Publication Date Title
CN108764833B (en) Method for setting approval roles according to departments by workflow approval nodes
CN108920915B (en) Form field value operation authority authorization method
CN109032458B (en) Form data authorization method based on role acquisition
CN108694557B (en) Workflow and method for setting form field operation authority of approval node thereof
CN109214150B (en) Form operation authority authorization method based on role
CN108805532B (en) Efficient examination and approval method for workflow examination and approval nodes
CN107103228B (en) Role-based one-to-one authorization method and system for user permission
CN108804948B (en) Associated information authorization method of form
CN109064138B (en) Authorization method for displaying current authority state of all system users
CN109104425B (en) Method for setting operation record viewing authority based on time period
CN108898317B (en) Method for respectively authorizing form operation authority according to form field values
CN108984715B (en) Method for setting approval process based on basis field
CN108875391B (en) Authority display method for system after employee logs in account
CN108921520B (en) Statistical list operation authority authorization method
CN108920940B (en) Method for authorizing field value of form field through third-party field
CN108985659B (en) Method for carrying out approval process and approval node authorization on user
KR20200029029A (en) How to set authority in the user's information exchange unit in the system
CN108958870B (en) Shortcut function setting method
CN108830565B (en) Menu authorization method based on role
CN109033861B (en) Method for authorizing authorized operator in system
CN108875054B (en) Method for acquiring field value of role property field in form
WO2018205940A1 (en) Organizational structure chart generation method based on one-to-one correspondence between roles and users, and application method
CN108875324B (en) Form authorization method based on form time property field
CN109067736B (en) Method for user/employee to obtain mailbox account in system
CN109086418B (en) Method for respectively authorizing operation authority of statistical list based on column values

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant