CN109558751A - A kind of access method of application program, device, server and storage medium - Google Patents
A kind of access method of application program, device, server and storage medium Download PDFInfo
- Publication number
- CN109558751A CN109558751A CN201811457392.9A CN201811457392A CN109558751A CN 109558751 A CN109558751 A CN 109558751A CN 201811457392 A CN201811457392 A CN 201811457392A CN 109558751 A CN109558751 A CN 109558751A
- Authority
- CN
- China
- Prior art keywords
- function
- open condition
- access
- user
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/629—Protecting access to data via a platform, e.g. using keys or access control rules to features or functions of an application
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of access method of application program, device, server and storage mediums.This method comprises: obtaining the user information of access application;The function access authority strategy of application program is called according to the user information, the function access authority strategy includes function field name and permission open condition item;Corresponding permission open condition field value is inquired according to the function field name;The permission open condition field value is matched with the permission open condition item, then to corresponding function interface in user's open applications program.Through the above technical solutions, the related data for obtaining user right automatically may be implemented, thus to having the function of that the user of permission opens.
Description
Technical field
The present embodiments relate to Internet technical field more particularly to a kind of access methods of application program, device, clothes
Business device and storage medium.
Background technique
With the rapid development of internet and database technology, the feature of present internet product maximum is exactly to need not
The update or upgrading stopped.Due to needing online new product in the business demand short time, and newly-increased product, function or component are usually wanted
It first runs and verifies under the test environment, therefore application developer first can only allow a part of user to produce using new function or newly
Product or certain products, certain functions are only open to certain specific users, to achieve the purpose that test and improvement, then opening
Originator needs to configure complete gray scale strategy in the database, is respectively processed to the access request of different user, gray scale plan
Slightly have the function of that the certain customers of permission are open specified for selecting.
Gray scale strategy is divided into two parts: dimension and rule.In access application, gray scale strategy is function access
Authorization policy, wherein what dimension referred to is exactly the permission open condition item of specified function, such as user geographical location (province, city,
Area etc.) and cell-phone number;Rule is exactly that specified function is open to the target user for meeting all dimensions, such as will be new online
It is specific province, city and region to geographical location that test function is open and mobile phone tail number is 0/1/2/3 user, realizes user with this
It shunts, open different function to different user.
Relevant data are usually all stored in Redies by the access method of the existing application program using gray scale strategy
In database, when handling the access request of user, needs to obtain the data of permission open condition item and execute corresponding function
Access authority strategy, these data are usually to write code manually by research staff to obtain, and parameter is write in code
The sentences such as assembly, access interface, the value of search access right open condition item, execution function access authority strategy.This mode exists
It is clearly disadvantageous: to write code dependent on research staff, need to spend the workload of many exploitations, joint debugging, test, Mei Dangxin
When increasing or deleting permission open condition item, requires research staff and write new code again, it is complicated for operation, strongly professional,
It researches and develops at high cost.
Summary of the invention
The present invention provides a kind of access method of application program, device, server and storage mediums, are obtained automatically with realizing
The related data of user right is taken, thus to having the function of that the user of permission opens.
In a first aspect, the embodiment of the invention provides a kind of access methods of application program, comprising:
Obtain the user information of access application;
The function access authority strategy of application program, the function access authority strategy packet are called according to the user information
Include function field name and permission open condition item;
Corresponding permission open condition field value is inquired according to the function field name;
The permission open condition field value is matched with the permission open condition item, then in user's open applications program
Corresponding function interface.
Further, before the user information for obtaining user's access application, further includes:
The corresponding permission open condition item of configuration feature access authority strategy and function field name;
The corresponding interface message of the function field name is configured, the interface message includes interface IP address and read method.
It is further, described that corresponding permission open condition field value is inquired according to the function field name, comprising:
Corresponding interface IP address and read method are inquired according to the function field name;
The interface IP address is accessed according to the read method;
Receive the data for the flat structure that the interface IP address returns;
Permission open condition field value is extracted from the data of the flat structure.
It is further, described that corresponding permission open condition field value is inquired according to the function field name, further includes:
Registration service list is obtained in ZooKeeper according to the interface message;
Long connection is established by Dubbo frame and the registration service list.
Further, before the user information for obtaining user's access application, further includes: configuration feature access
The priority of authorization policy.
Second aspect, the embodiment of the invention provides a kind of access mechanisms of application program, comprising:
Login module, for obtaining the user information of user's access application;
Tactful calling module, it is described for calling the function access authority strategy of application program according to the user information
Function access authority strategy includes function field name and permission open condition item;
Enquiry module, for inquiring corresponding permission open condition field value according to the function field name;
Permission opens module, matches for the permission open condition field value with the permission open condition item, then right
Corresponding function interface in user's open applications program.
Further, described device further include:
First configuration module, for before the user information for obtaining user's access application, configuration feature to be visited
Ask the corresponding permission open condition item of authorization policy and function field name;
Second configuration module, for configuring the corresponding interface message of the function field name, the interface message includes connecing
Port address and read method.
Further, the enquiry module, comprising:
Interface polls unit, for inquiring corresponding interface IP address and read method according to the function field name;
Access unit, for accessing the interface IP address according to the read method;
Receiving unit, for receiving the data for the flat structure that the interface IP address returns;
Extraction unit, for extracting permission open condition field value from the data of the flat structure.
The third aspect, the embodiment of the invention provides a kind of servers, comprising:
One or more processors;
Memory, for storing one or more programs;
When one or more of programs are executed by one or more of processors, so that one or more of processing
Device realizes the access method of application program as described in relation to the first aspect.
Fourth aspect, the embodiment of the invention also provides a kind of computer readable storage mediums, are stored thereon with computer
Program realizes the access method of application program as described in relation to the first aspect when the program is executed by processor.
The embodiment of the invention provides a kind of access method of application program, device, server and storage medium, this method
It include: the user information for obtaining user's access application;The function access right of application program is called according to the user information
Limit strategy, the function access authority strategy includes function field name and permission open condition item;According to the function field name
Inquire corresponding permission open condition field value;The permission open condition field value is matched with the permission open condition item,
Then to corresponding function interface in user's open applications program.Through the above technical solutions, may be implemented to obtain user's power automatically
The related data of limit, thus to having the function of that the user of permission opens.
Detailed description of the invention
Fig. 1 is a kind of flow chart of the access method for application program that the embodiment of the present invention one provides;
Fig. 2 is the schematic diagram for user's login application program that the embodiment of the present invention one provides;
Fig. 3 is the schematic diagram that function interface is specified in the opening that the embodiment of the present invention one provides;
Fig. 4 is a kind of flow chart of the access method of application program provided by Embodiment 2 of the present invention;
Fig. 5 is the schematic diagram of configuration interface provided by Embodiment 2 of the present invention;
Fig. 6 is another schematic diagram of configuration interface provided by Embodiment 2 of the present invention;
Fig. 7 is a kind of structural schematic diagram of the access mechanism for application program that the embodiment of the present invention three provides;
Fig. 8 is a kind of hardware structural diagram for server that the embodiment of the present invention four provides.
Specific embodiment
The present invention is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment stated is used only for explaining the present invention rather than limiting the invention.It also should be noted that in order to just
Only the parts related to the present invention are shown in description, attached drawing rather than entire infrastructure.
Embodiment one
Fig. 1 is a kind of flow chart of the access method for application program that the embodiment of the present invention one provides, and the present embodiment can fit
When for access application the case where specified function open to certain customers, used especially with gray scale policy system to part
Family opens the case where specified function.Specifically, the access method of the application program can be executed by the access mechanism of application program,
The access mechanism of the application program can be realized by way of software and/or hardware, and integrate in the server.Further
, server includes but is not limited to: industrial integrating server, system background server and cloud server.
With reference to Fig. 1, this method specifically comprises the following steps:
S110, the user information for obtaining user's access application.
Specifically, application program refers to complete the computer program of a certain or multinomial specific application purpose, it can be logical
Software, multimedia software, business software etc. are interrogated, application program operates in user mode, can interact with user, and having can
Depending on user interface, user can be by the client on the intelligent terminals such as computer, mobile phone, APP login application program, can also be by clear
Device of looking at logs in web application.Illustratively, when user logs in, server can obtain user's letter of user's access application
Breath, such as user identity proves (User Identification, UID) or account information, login password etc., wherein UID is
Each distinctive mark of user, the array that usually letter or number forms, to uniquely identify user's individual, UID
It is to judge whether the user has the essential feature of specified permission.In addition to this, user information may be that user uses application
The information that the information or user generated during program is filled in and uploaded.
Fig. 2 is the schematic diagram for user's login application program that the embodiment of the present invention one provides.As shown in Fig. 2, user logs in
When application program, need to input unique UID and corresponding login password, which can be cell-phone number, email address or word
The array of female, number and symbol composition after user clicks login button, sends access request to server, server, which receives, to be used
The access request at family carries out verifying login, while obtaining the user information of user's access application, contains in user information
The UID of the user.
Further, some specified functions and corresponding permission are set in the computer program of application program, for example, right
The function of brush face login is developed in multimedia application A, needs that a part of user is selected to test, then is logged in user
When application program, server also can get the set information that the application program specifies function.Illustratively, user, which logs in, applies journey
When sequence, the user information that server is got includes: that UID is Abcd111, this specified function is logged in brush face and is accessed
Limitation, i.e., the function of only logging in the open brush face of the user for meeting permission open condition, specifies the set information of function by applying
The developer of program sets in computer program, and in form can be able to be a strategy with online change or upgrading
Code, such as the set information of brush face login function is " Face1 ", when user needs to access this specified function, can call calculating
Tactful code " Face1 " in machine program, and judged whether according to the corresponding function access authority strategy of the strategy code to the user
This open function.
S120, the function access authority strategy that application program is called according to the user information, the function access authority
Strategy includes function field name and permission open condition item.
Specifically, including the set information of UID and specified function in the user information that server obtains, can call accordingly pre-
If function access authority strategy, the function access authority strategy includes function field name and permission open condition item.Function
Access authority strategy be it is preset, which defines that specified function can be used in the user for meeting what permission open condition
Can, and ungratified user is not available specified function then, wherein permission open condition item is the dimension in gray scale strategy,
Function field name is unique name to specify function and the setting of corresponding permission open condition item, to subsequent as inquiry
The foundation of permission open condition field value, function field name are corresponding with permission open condition item.Illustratively, for application
The brush face of program A logs in this specified function, calling function access authority strategy, the permission open condition item being related to are as follows: user
Geographical location (province, city, area), the corresponding function field name of this group of permission open condition item is denoted as First_channel.
It should be noted that gray scale strategy includes two parts: regular set and the dimension values for regular operation.
Wherein, rule can be the combination of complicated various logic, such as (A&&B&&C) | | (D&&E);Dimension values meet the logical groups
The user of conjunction is just the user with function access authority, to the open corresponding function of this kind of user.The set of rule can be adjusted
Whole and update.
S130, corresponding permission open condition field value is inquired according to the function field name.
Specifically, can specify what it was related to after calling function access authority strategy during access application
Permission open condition item and function field name can determine which permission open condition field needed to obtain according to function field name
Value, the permission open condition field value i.e. user correspond to the real-time actual value of permission open condition item, which can lead to
Cross the reading of access api interface.Illustratively, by function field name First_channel can to user geographical location (province, city,
Area) it is read out, which is by access application programming interface (Application Programming
Interface, API) it realizes, wherein API is some functions predetermined, and effect is to provide application program and developer
The ability with one group of course of access based on software or hardware, without accessing source code, internal work mechanism need not be specified.Example
Such as, it can be accessed to the api interface for obtaining user's real-time geographical locations by function field name First_channel, from the API
The data of user's actual geographic position are obtained in the data that interface returns.Above-mentioned query interface reads permission open condition field
The process of value is all not necessarily to research staff and writes code, but can be obtained automatically according to user information.
It should be noted that function field name and permission open condition item, corresponding API in function access authority strategy
Interface IP address be all it is pre-configured, when user's login application program, server need to only obtain the setting of UID and specified function
Information can inquire corresponding api interface address in the data being locally stored, and accessing the address can be obtained permission opening
Condition field value.Permission open condition field value be in real time, different user, different time permission open condition field value can
Can be different, but be all that the specific api interface of access obtains, therefore, it is pre-configured with each permission open condition item and function field name
Corresponding api interface address can obtain real-time permission open condition field value by accessing the address.
S140, the permission open condition field value are matched with the permission open condition item, then to user's open applications
Corresponding function interface in program.
Specifically, the permission open condition field value is matched with the permission open condition item, i.e., the user, which meets, is somebody's turn to do
The permission open condition of function, then to corresponding function interface in user's open applications program.Wherein, permission open condition item can
User is thought during access application, any personal information for the user that server is identified and stored, including but
It is not limited to the action trail data of user, account information, geographical location information, information of store purchase commodity etc..Illustratively,
Permission open condition item includes geographical location and UID tail number;Function access authority strategy is to geographical location be the raw area S, the city N M,
And the open brush face login function of the user that UID tail number is 5, and the permission open condition field value read by api interface
Are as follows: geographical location is the area S, the city N, M province, and UID tail number is 5, then the user meets permission open condition, and corresponding function is opened to it
Interface;If the permission open condition field value read by api interface are as follows: geographical location is the area S, the city N, M province, but UID tail
Number be 8, then the user is unsatisfactory for permission open condition, and corresponding function interface is not opened to it.
Fig. 3 is the schematic diagram that function interface is specified in the opening that the embodiment of the present invention one provides.As shown in figure 3, when permission is opened
When putting condition field value and matching with permission open condition item, which meets permission open condition, then corresponding function is opened to it
Energy interface, that is, go to the interface of brush face login, carries out face recognition to the user.And for permission open condition field value and power
The unmatched user of open condition item is limited, does not open the function of brush face login to it, such user can only be by as shown in Figure 2
Interface logs in.
The access method for a kind of application program that the embodiment of the present invention one provides, comprising: obtain user's access application
User information;The function access authority strategy of application program, the function access authority plan are called according to the user information
It slightly include function field name and permission open condition item;Corresponding permission open condition field is inquired according to the function field name
Value;The permission open condition field value is matched with the permission open condition item, then to corresponding in user's open applications program
Function interface.Through the above technical solutions, may be implemented to access api interface automatically to obtain the related data of user right,
To having the function of that the user of permission opens.
Embodiment two
Fig. 4 be a kind of flow chart of the access method of application program provided by Embodiment 2 of the present invention, the present embodiment be
On the basis of above-described embodiment, embodied.With reference to Fig. 4, this method specifically comprises the following steps:
The corresponding permission open condition item of S210, configuration feature access authority strategy and function field name.
Specifically, it is pre-configured with the corresponding permission open condition item of function access authority strategy and function field name, it is same
The function access authority strategy of application program can there are many, set in computer program by exploitation side, and can have
Different priority, such as level-one strategy, second level strategy.
Fig. 5 is the schematic diagram of configuration interface provided by Embodiment 2 of the present invention.Visualization interface as shown in Figure 5, research and development
Personnel can by button shown in interface and the corresponding permission open condition item of input frame editting function access authority strategy and
Function field name, to improve the ease for operation of configuration, without being realized by writing code.Illustratively, the level-one strategy in Fig. 5
Refer to that the function access authority strategy of brush face login function, permission open condition item are that field value compares digit, action type, ash
Angle value, the corresponding entitled UID of function field.The condition that permission open condition item needs to meet is configured simultaneously, for example, field value ratio
Compared with last position that digit is UID, action type is to compare whether it meets≤gray value, and gray value 9 is above to constitute
Function access authority strategy.
Further, it is gone forward side by side edlin by clicking rule editing button optional function access authority strategy;Pass through click
Inserting line button can add new strategy, i.e. second level strategy, and second level strategy is added under the premise of level-one strategy is opened,
For further judging the permission of user on the basis of level-one strategy, for example, the permission open condition item of second level strategy is word
Segment value compares digit, action type, gray value, and the corresponding entitled second_channel of function field, is to judge user
Log in whether channel is preset channel, for example, field value compares whole positions that digit is channel mark number, action type is packet
Containing (in) gray value, it includes 100010 (i.e. A channels) in the channel mark number of channel that gray value 100010, i.e. user, which log in,
When, specified function could be accessed, constitutes function access authority strategy above.
Optionally, the letter such as modification people, modification time, rule state, field description, remarks recently can be added in configuration process
Editor's information is checked convenient for administrative staff and recorded to breath.When developing new function, needing to configure new permission open condition item,
New permission open condition item and corresponding function field name can be increased by inserting line button.
S220, the corresponding interface message of the configuration function field name, the interface message includes interface IP address and reading
Method.
Specifically, be pre-configured with the information of api interface according to different function field names, to when user logs in from right
Search access right open condition field value in the api interface answered, the interface message include interface IP address and read method.Interface
Location is access address, and read method is substantially the method code for accessing the address, including interface IP address, return format, requesting party
Formula, Service Instance etc., when for user's login application program, server can be automatically according to the read method access interface of configuration
Location obtains permission open condition field value.
Fig. 6 is another schematic diagram of configuration interface provided by Embodiment 2 of the present invention.As shown in fig. 6, for function field
Name credit_sub_bu_type (the accredited channel that the function needs to read credit user), corresponding api interface address is
Com.fenqile.server.quota.limit.data.service..., then interface IP address and read method are pre-configured with
And be stored in local, when users log on, according to the function field name of acquisition can the corresponding interface IP address of Auto-matching, utilize
The read method of configuration obtains real-time permission open condition field value, for example, can be checked quickly fastly by access api interface address
Ask out geographical location information where user, including province, city, area etc..
It should be noted that different function field names has different interface messages, various function access authority strategies
Permission open condition item, function field name and interface message be preconfigured, and have corresponding relationship, user log in when,
Server can be inquired automatically and access corresponding api interface.Research staff can modify API by Edit button as shown in FIG. 6
The information of interface is matched when developing new function, needing to read new permission open condition field value also by addition field button
Set new function field name and corresponding interface message.
S230, the user information for obtaining user's access application.
It should be noted that the technical detail of detailed description not can be found in above-mentioned any embodiment in the present embodiment.
S240, the function access authority strategy that application program is called according to the user information, the function access authority
Strategy includes function field name and permission open condition item.
Specifically, the corresponding permission open condition item of function access authority strategy and function field name are in such as Fig. 3 institute
Be pre-configured in the configuration interface shown, the user information obtained according to server can calling function access authority strategy, according to matching
Set and automatically determine corresponding function field name and permission open condition item, wherein function access authority strategy can for one or
Multiple, multiple function access authority strategies have different priority.
S250, corresponding interface IP address and read method are inquired according to the function field name.
Specifically, corresponding interface IP address and read method, function field can be inquired automatically after determining function field name
The corresponding interface IP address of name and read method configure in configuration interface as shown in Figure 5 in advance.
S260, the interface IP address is accessed according to the read method.
S270, the data for receiving the flat structure that the interface IP address returns.
Specifically, receiving the JSON object of its return, the i.e. data of flat structure after accessing the interface IP address, wherein
JSON (JavaScript Object Notation) is a kind of data interchange format of lightweight, is programmed using being totally independent of
The text formatting of language stores and indicates data, has that succinct and clearly structure, easy to read and parsing can effectively mention
Rise network transmission efficiency.The form for the JSON object that api interface returns is as follows:
/**
* permission open condition field -- user uid
*/
private Interger uid;
/**
* permission open condition field -- province
*/
private Interger provinceId;
/**
* permission open condition field -- city
*/
private Interger cityId;
Show to the clear data of above-mentioned flat structure permission open condition field value.
S280, permission open condition field value is extracted from the data of the flat structure.
Specifically, it is corresponding to contain each permission open condition item side by side in the data for the flat structure that api interface returns
Field value therefrom can recognize and extract permission open condition field value as reading result.
S290, the permission open condition field value are matched with the permission open condition item, then to user's open applications
Corresponding function interface in program.
Specifically, meet permission open condition if permission open condition field value is matched with permission open condition item, it can
To the interface for specifying function in user's open applications program.
Further, when permission open condition field value is matched with permission open condition item, to user's open applications journey
Corresponding function interface in sequence, can refer to allows user using specified function, such as function newly developed is open to a small amount of use
Family is on probation;It is also possible to open after the code optimization reconstruct of application program to a small amount of user to carry out test verifying, to reduce generation
Code reconstruct brings dysgenic risk to user;Or the opening of crucial entrance is controlled, such as the lower single interface of control
It is open, when finding that certain class user has very high risk of fraud, the visit of this kind of user is closed by function access authority strategy
Ask entrance;It can also be the switching of control function and process, such as when inquiring the authentication information of the Ministry of Public Security, there is different public affairs
Department for application program provides query service, when the service of company A is unstable, can be switched to B by function access authority strategy
The service of company can be with if the service of all companies is all unstable or exception all occurs in the external interface of the entire Ministry of Public Security
It is switched to spare processing function by function access authority strategy, to guarantee the stability of user's access application.
Need illustrate to, in the access method of the application program of the present embodiment, function privilege opening strategy dependency number
According to all configuring in advance, and intuitively configured in visualization interface, and in user's login application program, only need
By following code, according to ginseng is simply entered, it can be realized and judge permission and the function specified to the user's opening just having permission,
Code is as follows:
Wherein, only pass through if (switchCache.isHitGrayStrategy (" LBS_REPORT ", uid)) language
Sentence simply enters ginseng by function privilege opening strategy and UID, can inquire and access api interface automatically, obtains function privilege
Open condition field value, to judge that the user meets gray level logic and (meets permission open condition, specified function can be opened to it
Can), or should be normal logic (being unsatisfactory for permission open condition, specified function is not opened to it).
It is further, described that corresponding permission open condition field value is inquired according to the function field name, further includes:
Registration service list is obtained in ZooKeeper according to the interface message;
Long connection is established by Dubbo frame and the registration service list.
Specifically, ZooKeeper is one distributed, the distributed application program coordination service of open source code,
ZooKeeper can guarantee server automatic sensing api interface and issue access request to these api interfaces, generate the API and connect
The registration service list of mouth simultaneously stores registration service information.Dubbo is a kind of high performance distributed service framework, is capable of providing
Remote service invocation scheme realizes the output and input function of service, and long connection refers to can continuously transmit in a connection
Multiple data packets establish long connection by Dubbo frame and the registration service list, i.e., can be to multiple by Dubbo frame
Api interface carries out asynchronous call, while initiating multiple concurrent interface access requests to obtain different permission open condition words
Segment value, in addition, Dubbo frame also has the characteristics that extensive calling, it can be achieved that dynamically calling on api interface under different scenes,
Immediately it establishes connection and dynamic replaces target interface, improve the execution efficiency of function access authority strategy.
Further, before the user information for obtaining user's access application, further includes: configuration feature access
The priority of authorization policy.
Specifically, function access authority strategy can be to be multiple, multiple function access authority strategies have different preferential
Grade, such as level-one strategy and second level strategy.
Further, before the user information for obtaining user's access application, further includes: configuration feature access
The white list of authorization policy.
Specifically, be the target user of function access authority strategy by specific user setting by configuring white list,
Then when user's login application program, the interface of specified function is directly opened to it, is no longer needed to according to function field name query interface
Information simultaneously reads permission open condition field value.
A kind of access method of application program provided by Embodiment 2 of the present invention carries out excellent on the basis of the above embodiments
Change, by the relevant information of visualization interface quickly and easily configuration feature access authority strategy, and configures interface message, it can
Neatly increase, deletion, modification authority open condition item and interface message;It can be in configured information according to function field name
It inquires corresponding interface IP address and accesses, receive the data of the flat structure of return, convenient for automatic identification and extract permission
Open condition field value;Long connection is established by Dubbo frame, to realize dynamic, asynchronous call api interface, access is improved and connects
The efficiency of mouth, and then realize to utilize and simply enter to join the related data that can obtain user right automatically, thus to permission
The open function of user.
Embodiment three
Fig. 7 is a kind of structural schematic diagram of the access mechanism for application program that the embodiment of the present invention three provides.The present embodiment
The access mechanism of the application program of offer includes:
Login module 310, for obtaining the user information of user's access application;
Tactful calling module 320, for calling the function access authority strategy of application program, institute according to the user information
Stating function access authority strategy includes function field name and permission open condition item;
Enquiry module 330, for inquiring corresponding permission open condition field value according to the function field name;
Permission opens module 340, matches for the permission open condition field value with the permission open condition item, then
To corresponding function interface in user's open applications program.
A kind of access mechanism for application program that the embodiment of the present invention four provides obtains user's access by login module and answers
With the user information of program;The function access authority plan of application program is called according to the user information by tactful calling module
Slightly, the function access authority strategy includes function field name and permission open condition item;By enquiry module according to the function
It can the corresponding permission open condition field value of field name inquiry;By the open module of permission in the permission open condition field value
When being matched with the permission open condition item, to corresponding function interface in user's open applications program.Pass through above-mentioned technical side
The related data for obtaining user right automatically may be implemented, thus to having the function of that the user of permission opens in case.
On the basis of the above embodiments, described device further include:
First configuration module, for before the user information for obtaining user's access application, configuration feature to be visited
Ask the corresponding permission open condition item of authorization policy and function field name;
Second configuration module, for configuring the corresponding interface message of the function field name, the interface message includes connecing
Port address and read method
Further, the enquiry module 330, comprising:
Interface polls unit, for inquiring corresponding interface IP address and read method according to the function field name;
Access unit, for accessing the interface IP address according to the read method;
Receiving unit, for receiving the data for the flat structure that the interface IP address returns;
Extraction unit, for extracting permission open condition field value from the data of the flat structure.
Further, the enquiry module 330, further includes:
Registration service list acquiring unit, for obtaining registration service column in ZooKeeper according to the interface message
Table;
Connection unit, for establishing long connection by Dubbo frame and the registration service list.
Further, described device further include:
Third configuration module, for before the user information for obtaining user's access application, configuration feature to be visited
Ask the priority of authorization policy.
The access mechanism for the application program that the embodiment of the present invention four provides can be used for executing above-mentioned any embodiment and provide
Application program access method, have corresponding function and beneficial effect.
Example IV
Fig. 8 is a kind of hardware structural diagram for server that the embodiment of the present invention four provides.As shown in figure 8, this implementation
A kind of server that example provides, comprising: processor 410 and storage device 420.Processor in the server can be one or
Multiple, in Fig. 8 by taking a processor 410 as an example, processor 410 and storage device 420 in the server can be by total
Line or other modes connect, in Fig. 8 for being connected by bus.
One or more of programs are executed by one or more of processors 410, so that one or more of places
Reason device realizes the access method of any application program in above-described embodiment.
Storage device 420 in the server is used as a kind of computer readable storage medium, can be used for storing one or more
A program, described program can be software program, computer executable program and module, as applied journey in the embodiment of the present invention
Corresponding program instruction/the module of the access method of sequence is (for example, the module in the access mechanism of attached application program shown in fig. 5, packet
It includes: login module 310, tactful calling module 320, enquiry module 330 and the open module 340 of permission).Processor 410 passes through
Run the software program, instruction and the module that are stored in storage device 420, thereby executing server various function application with
And data processing, that is, realize the access method of the application program in above method embodiment.
Storage device 420 mainly includes storing program area and storage data area, wherein storing program area can store operation system
Application program needed for system, at least one function;Storage data area, which can be stored, uses created data etc. according to server
(the permission open condition field value in such as above-described embodiment, user information).In addition, storage device 420 may include high speed
Random access memory, can also include nonvolatile memory, a for example, at least disk memory, flush memory device or
Other non-volatile solid state memory parts.In some instances, storage device 420 can further comprise relative to processor 410
Remotely located memory, these remote memories can pass through network connection to server.The example of above-mentioned network include but
It is not limited to internet, intranet, local area network, mobile radio communication and combinations thereof.
Also, when one or more program included in above-mentioned server is by one or more of processors 410
When execution, program is proceeded as follows:
Obtain the user information of user's access application;The function access of application program is called according to the user information
Authorization policy, the function access authority strategy include function field name and permission open condition item;According to the function field
Name inquires corresponding permission open condition field value;The permission open condition field value and the permission open condition item
Match, then to corresponding function interface in user's open applications program.
The access method for the application program that the equipment and above-described embodiment that the present embodiment proposes propose belongs to same invention structure
Think, the technical detail of detailed description not can be found in above-mentioned any embodiment in the present embodiment, and the present embodiment has and holds
The identical beneficial effect of the access method of row application program.
On the basis of the above embodiments, the present embodiment also provides a kind of computer readable storage medium, is stored thereon with
Computer program realizes the application journey in the above-mentioned any embodiment of the present invention when program is executed by the access mechanism of application program
The access method of sequence, this method comprises:
Obtain the user information of user's access application;The function access of application program is called according to the user information
Authorization policy, the function access authority strategy include function field name and permission open condition item;According to the function field
Name inquires corresponding permission open condition field value;The permission open condition field value and the permission open condition item
Match, then to corresponding function interface in user's open applications program.
Certainly, a kind of storage medium comprising computer executable instructions, computer provided by the embodiment of the present invention
The access method for the application program that executable instruction is not limited to the described above operates, and any embodiment of that present invention institute can also be performed
Relevant operation in the access method of the application program of offer, and have corresponding function and beneficial effect.
By the description above with respect to embodiment, it is apparent to those skilled in the art that, the present invention
It can be realized by software and required common hardware, naturally it is also possible to which by hardware realization, but in many cases, the former is more
Good embodiment.Based on this understanding, technical solution of the present invention substantially in other words contributes to the prior art
Part can be embodied in the form of software products, which can store in computer readable storage medium
In, floppy disk, read-only memory (Read-Only Memory, ROM), random access memory (Random such as computer
Access Memory, RAM), flash memory (FLASH), hard disk or CD etc., including some instructions are with so that a computer is set
Standby (can be personal computer, server or the network equipment etc.) executes application program described in each embodiment of the present invention
Access method.
Note that the above is only a better embodiment of the present invention and the applied technical principle.It will be appreciated by those skilled in the art that
The invention is not limited to the specific embodiments described herein, be able to carry out for a person skilled in the art it is various it is apparent variation,
It readjusts and substitutes without departing from protection scope of the present invention.Therefore, although being carried out by above embodiments to the present invention
It is described in further detail, but the present invention is not limited to the above embodiments only, without departing from the inventive concept, also
It may include more other equivalent embodiments, and the scope of the invention is determined by the scope of the appended claims.
Claims (10)
1. a kind of access method of application program characterized by comprising
Obtain the user information of access application;
The function access authority strategy of application program is called according to the user information, the function access authority strategy includes function
It can field name and permission open condition item;
Corresponding permission open condition field value is inquired according to the function field name;
The permission open condition field value is matched with the permission open condition item, then to corresponding in user's open applications program
Function interface.
2. the method according to claim 1, wherein in the user information for obtaining user's access application
Before, further includes:
The corresponding permission open condition item of configuration feature access authority strategy and function field name;
The corresponding interface message of the function field name is configured, the interface message includes interface IP address and read method.
3. according to the method described in claim 2, it is characterized in that, described inquire corresponding permission according to the function field name
Open condition field value, comprising:
Corresponding interface IP address and read method are inquired according to the function field name;
The interface IP address is accessed according to the read method;
Receive the data for the flat structure that the interface IP address returns;
Permission open condition field value is extracted from the data of the flat structure.
4. according to the method described in claim 3, it is characterized in that, described inquire corresponding permission according to the function field name
Open condition field value, further includes:
Registration service list is obtained in ZooKeeper according to the interface message;
Long connection is established by Dubbo frame and the registration service list.
5. the method according to claim 1, wherein in the user information for obtaining user's access application
Before, further includes:
The priority of configuration feature access authority strategy.
6. a kind of access mechanism of application program characterized by comprising
Login module, for obtaining the user information of user's access application;
Tactful calling module, for calling the function access authority strategy of application program, the function according to the user information
Access authority strategy includes function field name and permission open condition item;
Enquiry module, for inquiring corresponding permission open condition field value according to the function field name;
Permission opens module, matches for the permission open condition field value with the permission open condition item, then to user
Corresponding function interface in open applications program.
7. device according to claim 6, which is characterized in that further include:
First configuration module, for it is described obtain user's access application user information before, configuration feature access right
The corresponding permission open condition item of limit strategy and function field name;
Second configuration module, for configuring the corresponding interface message of the function field name, the interface message includes interface
Location and read method.
8. device according to claim 6, which is characterized in that the enquiry module, comprising:
Interface polls unit, for inquiring corresponding interface IP address and read method according to the function field name;
Access unit, for accessing the interface IP address according to the read method;
Receiving unit, for receiving the data for the flat structure that the interface IP address returns;
Extraction unit, for extracting permission open condition field value from the data of the flat structure.
9. a kind of server characterized by comprising
One or more processors;
Memory, for storing one or more programs;
When one or more of programs are executed by one or more of processors, so that one or more of processors are real
Now such as the access method of application program as claimed in any one of claims 1 to 5.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is by processor
The access method such as application program as claimed in any one of claims 1 to 5 is realized when execution.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811457392.9A CN109558751A (en) | 2018-11-30 | 2018-11-30 | A kind of access method of application program, device, server and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811457392.9A CN109558751A (en) | 2018-11-30 | 2018-11-30 | A kind of access method of application program, device, server and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109558751A true CN109558751A (en) | 2019-04-02 |
Family
ID=65868353
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811457392.9A Pending CN109558751A (en) | 2018-11-30 | 2018-11-30 | A kind of access method of application program, device, server and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109558751A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110213290A (en) * | 2019-06-14 | 2019-09-06 | 无锡华云数据技术服务有限公司 | Data capture method, API gateway and storage medium |
| CN110287709A (en) * | 2019-05-22 | 2019-09-27 | 深圳壹账通智能科技有限公司 | User's operation authority control method, device, equipment and medium |
| CN110889132A (en) * | 2019-11-04 | 2020-03-17 | 中盈优创资讯科技有限公司 | Distributed application permission verification method and device |
| CN110888814A (en) * | 2019-11-29 | 2020-03-17 | 中国银行股份有限公司 | Application program gray level publishing method and device based on white list |
| CN111277638A (en) * | 2020-01-15 | 2020-06-12 | 北京奇艺世纪科技有限公司 | Control method and server |
| CN111709050A (en) * | 2020-05-21 | 2020-09-25 | 四川虹美智能科技有限公司 | Method and device for initializing permission configuration parameters |
| CN111949970A (en) * | 2020-07-20 | 2020-11-17 | 上海淇馥信息技术有限公司 | Method and device for acquiring target resource data and electronic equipment |
| CN112052030A (en) * | 2020-08-24 | 2020-12-08 | 东风汽车有限公司 | Interface authority configuration method, storage medium and system of vehicle-mounted application program |
| CN112380524A (en) * | 2020-11-13 | 2021-02-19 | 浪潮电子信息产业股份有限公司 | Interface service authority management method and system based on WEB platform |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101004680A (en) * | 2006-11-23 | 2007-07-25 | 福建顶点软件股份有限公司 | Flexible, fast software development method and support system by using kernels of direct operation object model definition |
| US7461135B2 (en) * | 2004-10-29 | 2008-12-02 | Hitachi, Ltd. | Computer and access control method in a computer |
| CN103534705A (en) * | 2011-05-27 | 2014-01-22 | 苹果公司 | Private and public applications |
| CN103530568A (en) * | 2012-07-02 | 2014-01-22 | 阿里巴巴集团控股有限公司 | Authority control method, device and system |
| CN107295077A (en) * | 2017-06-16 | 2017-10-24 | 深圳易嘉恩科技有限公司 | Distributed cloud platform system based on micro services framework |
-
2018
- 2018-11-30 CN CN201811457392.9A patent/CN109558751A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7461135B2 (en) * | 2004-10-29 | 2008-12-02 | Hitachi, Ltd. | Computer and access control method in a computer |
| CN101004680A (en) * | 2006-11-23 | 2007-07-25 | 福建顶点软件股份有限公司 | Flexible, fast software development method and support system by using kernels of direct operation object model definition |
| CN103534705A (en) * | 2011-05-27 | 2014-01-22 | 苹果公司 | Private and public applications |
| CN103530568A (en) * | 2012-07-02 | 2014-01-22 | 阿里巴巴集团控股有限公司 | Authority control method, device and system |
| CN107295077A (en) * | 2017-06-16 | 2017-10-24 | 深圳易嘉恩科技有限公司 | Distributed cloud platform system based on micro services framework |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110287709A (en) * | 2019-05-22 | 2019-09-27 | 深圳壹账通智能科技有限公司 | User's operation authority control method, device, equipment and medium |
| CN110287709B (en) * | 2019-05-22 | 2023-04-28 | 深圳壹账通智能科技有限公司 | User operation authority control method, device, equipment and medium |
| CN110213290A (en) * | 2019-06-14 | 2019-09-06 | 无锡华云数据技术服务有限公司 | Data capture method, API gateway and storage medium |
| CN110889132A (en) * | 2019-11-04 | 2020-03-17 | 中盈优创资讯科技有限公司 | Distributed application permission verification method and device |
| CN110888814A (en) * | 2019-11-29 | 2020-03-17 | 中国银行股份有限公司 | Application program gray level publishing method and device based on white list |
| CN110888814B (en) * | 2019-11-29 | 2023-09-12 | 中国银行股份有限公司 | Application program gray level release method and device based on white list |
| CN111277638A (en) * | 2020-01-15 | 2020-06-12 | 北京奇艺世纪科技有限公司 | Control method and server |
| CN111709050A (en) * | 2020-05-21 | 2020-09-25 | 四川虹美智能科技有限公司 | Method and device for initializing permission configuration parameters |
| CN111949970A (en) * | 2020-07-20 | 2020-11-17 | 上海淇馥信息技术有限公司 | Method and device for acquiring target resource data and electronic equipment |
| CN112052030A (en) * | 2020-08-24 | 2020-12-08 | 东风汽车有限公司 | Interface authority configuration method, storage medium and system of vehicle-mounted application program |
| CN112380524A (en) * | 2020-11-13 | 2021-02-19 | 浪潮电子信息产业股份有限公司 | Interface service authority management method and system based on WEB platform |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109558751A (en) | A kind of access method of application program, device, server and storage medium | |
| KR102211374B1 (en) | Method and device for outputting risk information and constructing risk information | |
| Schoon et al. | Decolonising digital media research methods: Positioning African digital experiences as epistemic sites of knowledge production | |
| US20210342547A1 (en) | System for focused conversation context management in a reasoning agent/behavior engine of an agent automation system | |
| US20180203857A1 (en) | Automated data exploration and validation | |
| CN112084315A (en) | Question-answer interaction method, device, storage medium and equipment | |
| CN109977216A (en) | Dialogue recommended method and system based on scene | |
| US20220172303A1 (en) | Social networking conversation participants | |
| US11645623B1 (en) | Resource management system | |
| US10366162B2 (en) | Cognitive entity reference recognition | |
| US20210133692A1 (en) | Routing participants to meetings | |
| US10679003B2 (en) | Assisting with written communication style based on recipient dress style | |
| Dell’erba et al. | Exploiting semantic web technologies for harmonizing e-markets | |
| US11870635B2 (en) | System and method for integration of dynamic embedded process communications | |
| CN116578984A (en) | Risk management and control method, system, equipment and medium for business data | |
| Apolinarski et al. | Automating the generation of privacy policies for context-sharing applications | |
| WO2022206307A1 (en) | Method for electronic messaging using image based noisy content | |
| Sambir et al. | Recruiting software architecture using user generated data | |
| KR20080042212A (en) | System and method for multichannel composer and majority and minority report pulication | |
| WO2019019456A1 (en) | Claim settlement data processing method and apparatus, computer device and storage medium | |
| CN111145004B (en) | Intelligent financial auditing platform based on editable workflow | |
| US20210065573A1 (en) | Answer validation and education within artificial intelligence (ai) systems | |
| US12019627B2 (en) | Automatically and incrementally specifying queries through dialog understanding in real time | |
| US20230004555A1 (en) | Automatically and incrementally specifying queries through dialog understanding in real time | |
| Bergholm | Development of a Facebook Messenger chatbot application for social media event discovery |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190402 |
|
| RJ01 | Rejection of invention patent application after publication |