CN110750765A - Service system, front-end page control method thereof, computer device, and storage medium - Google Patents
Service system, front-end page control method thereof, computer device, and storage medium Download PDFInfo
- Publication number
- CN110750765A CN110750765A CN201910923664.8A CN201910923664A CN110750765A CN 110750765 A CN110750765 A CN 110750765A CN 201910923664 A CN201910923664 A CN 201910923664A CN 110750765 A CN110750765 A CN 110750765A
- Authority
- CN
- China
- Prior art keywords
- server
- user information
- verification
- user
- service server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 69
- 238000012795 verification Methods 0.000 claims abstract description 162
- 238000004590 computer program Methods 0.000 claims description 8
- 230000004044 response Effects 0.000 claims description 3
- 230000009471 action Effects 0.000 abstract description 5
- 230000008569 process Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000009877 rendering Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4482—Procedural
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Abstract
本发明提供了一种服务系统及其前端页面控制方法、计算机设备和存储介质。该服务系统包括业务服务器、验证服务器、前端和数据库,该方法包括:前端接收用户的登录请求,发送口令获取请求至验证服务器,验证服务器对账号信息进行验证,在验证通过后向前端返回访问口令;前端发送第一访问请求至业务服务器,业务服务器发送用户信息获取请求至验证服务器,验证服务器对访问口令进行验证,在验证通过后前端获得用户信息,发送第二访问请求至业务服务器,获取元素可见性,前端在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件。通过本发明,能够提升操作权限控制的安全性以及用户体验。
The present invention provides a service system and its front-end page control method, computer equipment and storage medium. The service system includes a business server, a verification server, a front end and a database. The method includes: the front end receives a user's login request, sends a password acquisition request to the verification server, the verification server verifies the account information, and returns an access password to the front end after the verification is passed. The front end sends the first access request to the service server, the service server sends the user information acquisition request to the verification server, the verification server verifies the access password, and after the verification passes, the front end obtains the user information, sends the second access request to the service server, and obtains the element Visibility, the front end displays the element visibility on the action page to indicate visible action controls, and hides the element visibility to indicate invisible action controls. Through the present invention, the security of the operation authority control and the user experience can be improved.
Description
技术领域technical field
本发明涉及数据处理技术领域,尤其涉及一种服务系统及其前端页面控制方法、计算机设备和存储介质。The present invention relates to the technical field of data processing, in particular to a service system and its front-end page control method, computer equipment and storage medium.
背景技术Background technique
在服务系统中,经常需要针对不同的用户设置不同的操作权限,例如,在公司内部业务服务系统中,需要针对不同职能的员工设置不同的操作权限。现有技术提供的一种服务系统中,用户通过前端登录服务系统后,前端直接显示统一的操作页面,用户根据自身的权限选择可操作的控件。当用户选择权限之内的操作控件时,业务服务器即可返回对应的服务数据,操作权限控制的安全性较低,当用户选择权限之外的操作控件时,前端返回“没有操作权限”等提示信息,用户体验差。In a service system, it is often necessary to set different operation rights for different users. For example, in a company's internal business service system, it is necessary to set different operation rights for employees of different functions. In a service system provided by the prior art, after a user logs in to the service system through the front end, the front end directly displays a unified operation page, and the user selects operable controls according to his own authority. When the user selects an operation control within the authority, the business server can return the corresponding service data, and the security of the operation authority control is low. When the user selects an operation control outside the authority, the front end returns a prompt such as "no operation authority" information, poor user experience.
因此,提供一种服务系统及其前端页面控制方法、计算机设备和存储介质,以提升操作权限控制的安全性以及用户体验,成为本领域亟需解决的技术问题。Therefore, it is an urgent technical problem to be solved in the art to provide a service system and its front-end page control method, computer device and storage medium to improve the security of operation authority control and user experience.
发明内容SUMMARY OF THE INVENTION
本发明的目的是提供一种服务系统及其前端页面控制方法、计算机设备和存储介质,用于解决现有技术中服务系统的前端页面控制方法中,操作权限控制的安全性低且用户体验感差的技术问题。The purpose of the present invention is to provide a service system and its front-end page control method, computer equipment and storage medium, which are used to solve the problem that in the front-end page control method of the service system in the prior art, the security of the operation authority control is low and the user experience sense is low. Bad technical issues.
一方面,为实现上述目的,本发明提供了一种服务系统的前端页面控制方法。On the one hand, in order to achieve the above object, the present invention provides a front-end page control method of a service system.
该服务系统包括:业务服务器、验证服务器、前端和数据库,该前端页面控制方法包括:前端接收用户的登录请求,其中,登录请求包括账号信息;前端发送口令获取请求至验证服务器,其中,口令获取请求包括账号信息;验证服务器对账号信息进行验证,并在验证通过后向前端返回访问口令;前端接收验证服务器发送的访问口令;前端发送第一访问请求至业务服务器,其中,第一访问请求包括访问口令,第一访问请求访问业务服务器获取用户信息的第一接口;业务服务器发送用户信息获取请求至验证服务器,其中,用户信息获取请求包括访问口令;验证服务器对访问口令进行验证,并在验证通过后向业务服务器返回用户信息;业务服务器接收验证服务器发送的用户信息;前端接收第一接口返回的用户信息;前端发送第二访问请求至业务服务器,其中,第二访问请求包括用户信息,第二访问请求访问业务服务器获取元素可见性的第二接口;业务服务器根据用户信息查询数据库,以获取元素可见性,其中,数据库包括权限配置信息,权限配置信息包括用户信息与元素可见性的对应关系;前端接收第二接口返回的元素可见性;以及前端在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件,其中,可见的操作控件为用户操作权限内的操作控件,不可见的操作控件为用户操作权限外的操作控件。The service system includes: a business server, a verification server, a front end and a database, and the front-end page control method includes: the front end receives a user's login request, wherein the login request includes account information; the front end sends a password acquisition request to the verification server, wherein the password acquisition request The request includes account information; the verification server verifies the account information, and returns an access password to the front end after the verification is passed; the front end receives the access password sent by the verification server; the front end sends a first access request to the business server, wherein the first access request includes Access password, the first access request accesses the first interface of the business server to obtain user information; the business server sends the user information acquisition request to the verification server, wherein the user information acquisition request includes the access password; the verification server verifies the access password, and in the verification The user information is returned to the service server through the back end; the service server receives the user information sent by the verification server; the front end receives the user information returned by the first interface; the front end sends a second access request to the service server, wherein the second access request includes the user information, and the first 2. The access request accesses the second interface of the business server to obtain the element visibility; the business server queries the database according to the user information to obtain the element visibility, wherein the database includes permission configuration information, and the permission configuration information includes the corresponding relationship between user information and element visibility ; The front end receives the element visibility returned by the second interface; and the front end displays the visible operation controls on the operation page, and hides the invisible operation controls, wherein the visible operation controls are within the user's operation authority. The operation controls that are not visible are those outside the user's operation authority.
进一步地,第二访问请求还包括访问口令,在前端发送第二访问请求至业务服务器的步骤之后,在业务服务器根据用户信息查询数据库,以获取元素可见性的步骤之前,前端页面控制方法还包括:业务服务器发送访问口令验证请求至验证服务器,其中,访问口令验证请求包括访问口令;验证服务器对访问口令进行验证,并将验证结果返回至业务服务器;其中,业务服务器在接收到的验证结果为验证通过时,根据用户信息查询数据库,以获取元素可见性。Further, the second access request also includes an access password, and after the step of sending the second access request to the business server by the front end, and before the step of the business server querying the database according to the user information to obtain element visibility, the front-end page control method also includes: : The business server sends an access password verification request to the verification server, wherein the access password verification request includes the access password; the verification server verifies the access password and returns the verification result to the business server; wherein, the verification result received by the business server is: When validation passes, query the database based on user information to obtain element visibility.
进一步地,前端页面控制方法还包括:前端响应于用户对操作控件的操作,发送第三访问请求至业务服务器,其中,第三访问请求包括用户信息,第三访问请求访问业务服务器完成被操作的操作控件对应服务的第三接口;业务服务器根据用户信息查询数据库,以判断用户是否具有操作控件对应的操作权限,其中,权限配置信息还包括用户信息与操作权限的对应关系;当用户具有操作控件对应的操作权限时,业务服务器向前端返回服务的数据。Further, the front-end page control method also includes: the front-end responds to the user's operation on the operation control, and sends a third access request to the service server, wherein the third access request includes user information, and the third access request accesses the service server to complete the operation. The third interface of the corresponding service for the operation control; the business server queries the database according to the user information to determine whether the user has the operation authority corresponding to the operation control, wherein the authority configuration information also includes the corresponding relationship between the user information and the operation authority; when the user has the operation control When the corresponding operation authority is satisfied, the business server returns the service data to the front end.
进一步地,第三访问请求还包括访问口令,在前端发送第三访问请求至业务服务器的步骤之后,在业务服务器根据用户信息查询数据库,以判断用户是否具有操作控件对应的操作权限的步骤之前,前端页面控制方法还包括:业务服务器发送访问口令验证请求至验证服务器,其中,访问口令验证请求包括访问口令;验证服务器对访问口令进行验证,并将验证结果返回至业务服务器;其中,业务服务器在接收到的验证结果为验证通过时,根据用户信息查询数据库,以判断用户是否具有操作控件对应的操作权限。Further, the third access request also includes an access password, after the step of sending the third access request to the business server at the front end, and before the business server queries the database according to the user information, to determine whether the user has the corresponding operation authority of the operation control, before the step, The front-end page control method further includes: the business server sends an access password verification request to the verification server, wherein the access password verification request includes the access password; the verification server verifies the access password, and returns the verification result to the business server; wherein, the business server is in the When the received verification result is that the verification is passed, the database is queried according to the user information to determine whether the user has the operation authority corresponding to the operation control.
进一步地,数据库还包括用户列表,业务服务器接收验证服务器发送的用户信息之后,前端页面控制方法还包括:业务服务器在用户列表中查询用户信息,其中,当业务服务器在用户列表中查询不到用户信息时,将用户信息写入用户列表,并标记为待配置用户信息;前端在操作页面上显示元素可见性指示可见的操作控件的步骤包括:前端在操作页面上显示权限配置操作控件;当用户具有操作控件对应的操作权限时,业务服务器向前端返回服务的数据的步骤包括:当用户具有权限配置操作控件对应的操作权限时,业务服务器向前端返回用户列表中的待配置用户信息。Further, the database also includes a user list, and after the service server receives the user information sent by the verification server, the front-end page control method further includes: the service server queries the user information in the user list, wherein, when the service server cannot query the user list in the user list. When the information is displayed, the user information is written into the user list and marked as the user information to be configured; the steps of the front-end displaying the visible operation controls on the operation page of the element visibility indication include: the front-end displaying the rights configuration operation controls on the operation page; when the user When the user has the operation authority corresponding to the operation control, the step of returning the service data to the front end by the business server includes: when the user has the operation authority corresponding to the authorization configuration operation control, the business server returns the user information to be configured in the user list to the front end.
进一步地,权限配置信息包括第一对应关系、第二对应关系和第三对应关系,第一对应关系为标识用户信息与角色的对应关系,第二对应关系为标识角色与操作权限的对应关系,第三对应关系为标识操作权限与元素可见性的对应关系,业务服务器根据用户信息查询数据库,以获取元素可见性的步骤包括:业务服务器在第一对应关系中查找与用户信息对应的若干角色;业务服务器在第二对应关系中查找与每个角色对应的操作权限;业务服务器在第三对应关系中查找与每种操作权限对应的元素可见性;业务服务器汇总所有角色所对应的元素可见性。Further, the authority configuration information includes a first correspondence, a second correspondence and a third correspondence, the first correspondence is the correspondence between the identification user information and the role, and the second correspondence is the correspondence between the identification role and the operation authority, The third corresponding relationship is the corresponding relationship between the identification operation authority and the element visibility. The business server queries the database according to the user information, and the step of obtaining the element visibility includes: the business server searches the first corresponding relationship for several roles corresponding to the user information; The service server searches the second correspondence for the operation authority corresponding to each role; the service server searches the third correspondence for the element visibility corresponding to each operation authority; the service server summarizes the element visibility corresponding to all roles.
进一步地,前端页面控制方法还包括:前端在操作页面上隐藏元素可见性指示不可见的操作控件之后,在不可见的操作控件对应的位置显示预设的替代图标。Further, the front-end page control method further includes: after the front-end hides the operation controls whose element visibility indicates invisible on the operation page, displaying a preset substitute icon at a position corresponding to the invisible operation control.
另一方面,为实现上述目的,本发明提供了一种服务系统。On the other hand, in order to achieve the above object, the present invention provides a service system.
该服务系统包括:业务服务器、验证服务器、前端和数据库,其中:前端用于接收用户的登录请求,其中,登录请求包括账号信息;前端还用于发送口令获取请求至验证服务器,其中,口令获取请求包括账号信息;验证服务器用于对账号信息进行验证,并在验证通过后向前端返回访问口令;前端还用于接收验证服务器发送的访问口令;前端还用于发送第一访问请求至业务服务器,其中,第一访问请求包括访问口令,第一访问请求访问业务服务器获取用户信息的第一接口;业务服务器用于发送用户信息获取请求至验证服务器,其中,用户信息获取请求包括访问口令;验证服务器还用于对访问口令进行验证,并在验证通过后向业务服务器返回用户信息;业务服务器还用于接收验证服务器发送的用户信息;前端还用于接收第一接口返回的用户信息;前端还用于发送第二访问请求至业务服务器,其中,第二访问请求包括用户信息,第二访问请求访问业务服务器获取元素可见性的第二接口;业务服务器还用于根据用户信息查询数据库,以获取元素可见性,其中,数据库包括权限配置信息,权限配置信息包括用户信息与元素可见性的对应关系;前端还用于接收第二接口返回的元素可见性;以及前端还用于在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件,其中,可见的操作控件为用户操作权限内的操作控件,不可见的操作控件为用户操作权限外的操作控件。The service system includes: a business server, a verification server, a front end and a database, wherein: the front end is used to receive a user's login request, wherein the login request includes account information; the front end is also used to send a password acquisition request to the verification server, wherein the password acquisition request The request includes account information; the verification server is used to verify the account information, and returns an access password to the front-end after the verification is passed; the front-end is also used to receive the access password sent by the verification server; the front-end is also used to send the first access request to the business server , wherein the first access request includes an access password, and the first access request accesses a first interface through which the business server obtains user information; the business server is configured to send a user information obtaining request to a verification server, wherein the user information obtaining request includes an access password; verifying The server is also used to verify the access password, and returns the user information to the service server after the verification is passed; the service server is also used to receive the user information sent by the authentication server; the front end is also used to receive the user information returned by the first interface; is used to send a second access request to the service server, wherein the second access request includes user information, and the second access request accesses the service server to obtain a second interface for element visibility; the service server is further configured to query the database according to the user information to obtain Element visibility, wherein the database includes permission configuration information, and the permission configuration information includes the corresponding relationship between user information and element visibility; the front end is also used to receive the element visibility returned by the second interface; and the front end is also used to display on the operation page The element visibility indicates the visible operation controls, and the hidden element visibility indicates the invisible operation controls, wherein the visible operation controls are the operation controls within the user's operation authority, and the invisible operation controls are the operation controls outside the user's operation authority.
为实现上述目的,本发明还提供一种计算机设备,包括存储器、处理器以及存储在存储器上并可在处理器上运行的计算机程序,该处理器执行计算机程序时实现上述方法的步骤。In order to achieve the above object, the present invention also provides a computer device, comprising a memory, a processor, and a computer program stored in the memory and running on the processor, the processor implements the steps of the above method when the processor executes the computer program.
为实现上述目的,本发明还提供计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现上述方法的步骤。To achieve the above object, the present invention also provides a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, implements the steps of the above method.
本发明提供的服务系统及其前端页面控制方法、计算机设备和存储介质,服务系统包括业务服务器、验证服务器、前端和数据库,前端接收到用户的登录请求后,先向验证服务器获取访问口令,再通过访问口令去访问业务服务器的第一接口,以获取用户信息;业务服务器的第一接口接收到访问时,向验证服务器验证访问口令,验证服务器在验证通过后将用户信息发送至服务器,服务器的第一接口将用户信息返回至前端,前端再通过用户信息去访问服务器的第二接口,以获取元素可见性;业务服务器的第二接口接收到访问时,根据用户信息获取元素可见性,并将其返回至前端;前端在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件,对于用户而言,其所见的操作控件均为其操作权限内的操作控件,用户无需关注操作权限,提升了用户体验,同时,在控制操作页面上所显示的操作控件时,需要通过验证服务器验证访问口令,并在验证通过后才能获取到用户信息,进而才能够在数据库中通过用户信息获取元素可见性,提升了服务系统对操作权限控制的安全性。The present invention provides a service system and its front-end page control method, computer equipment and storage medium. The service system includes a business server, a verification server, a front-end and a database. After receiving the user's login request, the front-end first obtains an access password from the verification server, and then Access the first interface of the business server through the access password to obtain user information; when the first interface of the business server receives the access, it verifies the access password to the verification server, and the verification server sends the user information to the server after the verification is passed. The first interface returns the user information to the front end, and the front end accesses the second interface of the server through the user information to obtain the element visibility; when the second interface of the business server receives the access, it obtains the element visibility according to the user information, and uses the user information to obtain the element visibility. It returns to the front end; the front end displays the operation controls whose element visibility indicates visible on the operation page, and hides the operation controls whose element visibility indicates invisible. For users, the operation controls they see are the operations within their operation authority. Controls, the user does not need to pay attention to the operation authority, which improves the user experience. At the same time, when controlling the operation controls displayed on the operation page, the access password needs to be verified by the verification server, and the user information can be obtained after the verification is passed. The visibility of elements is obtained through user information in the database, which improves the security of the service system's control of operation rights.
附图说明Description of drawings
图1为本发明实施例一提供的服务系统的前端页面控制方法的流程图;1 is a flowchart of a front-end page control method of a service system provided by Embodiment 1 of the present invention;
图2为本发明实施例二提供的服务系统的前端页面控制方法的流程图;2 is a flowchart of a front-end page control method of a service system provided by Embodiment 2 of the present invention;
图3为本发明实施例三提供的服务系统的前端页面控制方法的流程图;3 is a flowchart of a front-end page control method of a service system provided by Embodiment 3 of the present invention;
图4为本发明实施例四提供的服务系统的框图;4 is a block diagram of a service system provided by Embodiment 4 of the present invention;
图5为本发明实施例五提供的计算机设备的硬件结构图。FIG. 5 is a hardware structure diagram of a computer device according to Embodiment 5 of the present invention.
具体实施方式Detailed ways
为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅用以解释本发明,并不用于限定本发明。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the objectives, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.
本发明提供了一种服务系统及其前端页面控制方法、计算机设备和存储介质。在该服务系统的前端页面控制方法中,用户通过前端登录服务系统后,前端向验证服务器进行账号信息的验证,并在验证通过后获取到访问口令,然后前端将访问口令写入访问业务服务器第一接口的第一访问请求;业务服务器的第一接口被访问时,将访问口令写入用户信息获取请求发送至验证服务器,验证服务器在访问口令验证通过后将用户信息返回至业务服务器,业务服务器将用户信息作为前端访问第一接口的返回信息,发送至前端;前端在获得用户信息之后,将用户信息写入访问业务服务器第二接口的第二访问请求;业务服务器的第二接口被访问时,根据第二访问请求的用户信息查询数据库,数据库包括权限配置信息,该权限配置信息包括用户信息与元素可见性的对应关系,业务服务器通过用户信息可查找到元素可见性并返回至前端,其中,元素可见性用于指示哪些操作控件可见,哪些操作控件不可见,可见的操作控件为用户操作权限内的操作控件,不可见的操作控件为用户操作权限外的操作控件。前端接收到元素可见性后,在操作页面上显示元素可见性指示可见的操作控件,也即将用户操作权限内的操作控件显示,同时隐藏元素可见性指示不可见的操作控件,也即将用户操作权限外的操作控件隐藏。The invention provides a service system and its front-end page control method, computer equipment and storage medium. In the front-end page control method of the service system, after the user logs in to the service system through the front-end, the front-end verifies the account information to the verification server, and obtains the access password after the verification is passed, and then the front-end writes the access password into the first access service server. The first access request of an interface; when the first interface of the business server is accessed, the access password is written into the user information acquisition request and sent to the verification server, and the verification server returns the user information to the business server after the verification of the access password is passed. The user information is sent to the front-end as the return information of the front-end accessing the first interface; after obtaining the user information, the front-end writes the user information into the second access request for accessing the second interface of the service server; when the second interface of the service server is accessed , query the database according to the user information of the second access request, the database includes rights configuration information, the rights configuration information includes the corresponding relationship between user information and element visibility, the service server can find the element visibility through the user information and return to the front end, wherein , element visibility is used to indicate which operation controls are visible and which are invisible. The visible operation controls are the operation controls within the user's operation authority, and the invisible operation controls are the operation controls outside the user's operation authority. After the front-end receives the element visibility, it displays the visible operation controls on the operation page, that is, the operation controls within the user's operation authority, and hides the invisible operation controls of the element's visibility indication, that is, the user's operation authority. The external operation controls are hidden.
从中可以看出,前端在操作页面上显示的操作控件,均在用户的操作权限内,用户无需关注哪些操作控件属于操作权限内,哪些操作权限属于操作权限外,提升了用户体验,同时,在控制操作页面上所显示的操作控件时,需要通过验证服务器验证访问口令,并在验证通过后才能获取到用户信息,进而才能够在数据库中通过用户信息获取元素可见性,提升了服务系统对操作权限控制的安全性。It can be seen from this that the operation controls displayed on the operation page by the front end are all within the user's operation authority, and the user does not need to pay attention to which operation controls belong to the operation authority and which operation authority is outside the operation authority, which improves the user experience. When controlling the operation controls displayed on the operation page, it is necessary to verify the access password through the verification server, and after the verification is passed, the user information can be obtained, and then the element visibility can be obtained through the user information in the database, which improves the service system's ability to operate Access control security.
关于本发明提供的服务系统及其前端页面控制方法、计算机设备和存储介质的具体实施例,将在下文中详细描述。Specific embodiments of the service system and its front-end page control method, computer device and storage medium provided by the present invention will be described in detail below.
实施例一Example 1
本发明实施例一提供了一种服务系统的前端页面控制方法,该前端页面控制方法应用于服务系统,能够提升服务系统操作权限控制的安全性以及用户体验,其中,服务系统包括业务服务器、验证服务器、前端和数据库,基于前端、验证服务器和业务服务器之间的交互,以及业务服务器对数据库的读写,实现了本实施例提供的服务系统的前端页面控制方法。具体地,图1为本发明实施例一提供的服务系统的前端页面控制方法的流程图,如图1所示,该实施例提供的服务系统的前端页面控制方法包括如下的步骤S101至步骤S113。Embodiment 1 of the present invention provides a front-end page control method of a service system. The front-end page control method is applied to a service system and can improve the security and user experience of operating authority control of the service system. The server, the front end and the database, based on the interaction between the front end, the verification server and the business server, and the reading and writing of the database by the business server, realize the front-end page control method of the service system provided by this embodiment. Specifically, FIG. 1 is a flowchart of a front-end page control method of a service system provided by Embodiment 1 of the present invention. As shown in FIG. 1 , the front-end page control method of a service system provided by this embodiment includes the following steps S101 to S113 .
步骤S101:前端接收用户的登录请求。Step S101: The front end receives a user's login request.
其中,前端提供服务系统的登录窗口,用户通过登录窗口输入账号信息和密码信息等信息,也即前端接收到登录请求,该登录请求包括账号信息和密码信息。The front end provides a login window of the service system, and the user inputs account information and password information through the login window, that is, the front end receives a login request, and the login request includes account information and password information.
前端在接收到登录请求后,可先对账号信息和密码信息等进行验证,并在验证通过后,向验证服务器获取访问口令。After receiving the login request, the front-end can first verify the account information and password information, etc., and after the verification is passed, obtain the access password from the verification server.
步骤S102:前端发送口令获取请求至验证服务器。Step S102: The front end sends a password acquisition request to the verification server.
其中,口令获取请求包括账号信息。The password acquisition request includes account information.
步骤S103:验证服务器对账号信息进行验证,并在验证通过后向前端返回访问口令。Step S103: The verification server verifies the account information, and returns an access password to the front end after the verification is passed.
验证服务器在接收到口令获取请求后,先对账号信息进行验证,并在验证通过后向前端返回访问口令,返回的访问口令可以为与账号信息相对应的访问口令。After receiving the password acquisition request, the verification server verifies the account information first, and returns the access password to the front end after the verification is passed, and the returned access password may be the access password corresponding to the account information.
步骤S104:前端接收验证服务器发送的访问口令。Step S104: the front end receives the access password sent by the authentication server.
步骤S105:前端发送第一访问请求至业务服务器。Step S105: the front end sends the first access request to the service server.
其中,第一访问请求包括访问口令,第一访问请求访问业务服务器获取用户信息的第一接口。The first access request includes an access password, and the first access request accesses a first interface through which the service server obtains user information.
步骤S106:业务服务器发送用户信息获取请求至验证服务器。Step S106: the service server sends a user information acquisition request to the verification server.
其中,用户信息获取请求包括访问口令。The user information acquisition request includes an access password.
可选地,访问口令作为第一访问请求的头信息。业务服务器在接收到第一访问请求后,解析头信息获得访问口令,同时将访问口令作为用户信息获取请求的头信息,并将用户信息获取请求发送至验证服务器。Optionally, the access password is used as header information of the first access request. After receiving the first access request, the service server parses the header information to obtain the access password, and at the same time uses the access password as the header information of the user information acquisition request, and sends the user information acquisition request to the verification server.
步骤S107:验证服务器对访问口令进行验证,并在验证通过后向业务服务器返回用户信息。Step S107: The verification server verifies the access password, and returns the user information to the service server after the verification is passed.
验证服务器在接收到用户信息获取请求后,解析头信息获得访问口令,并利用验证服务器的数据对解析到的访问口令进行验证,在验证成功时,将访问口令对应的用户信息发送至业务服务器。After receiving the user information acquisition request, the verification server parses the header information to obtain the access password, and uses the data of the verification server to verify the parsed access password, and when the verification succeeds, sends the user information corresponding to the access password to the service server.
步骤S108:业务服务器接收验证服务器发送的用户信息。Step S108: the service server receives the user information sent by the verification server.
业务服务器接收到验证服务器发送的用户信息后,经由第一接口将用户信息返回至前端。After receiving the user information sent by the verification server, the service server returns the user information to the front end via the first interface.
步骤S109:前端接收第一接口返回的用户信息。Step S109: the front end receives the user information returned by the first interface.
步骤S110:前端发送第二访问请求至业务服务器。Step S110: The front end sends a second access request to the service server.
其中,第二访问请求包括用户信息,第二访问请求访问业务服务器获取元素可见性的第二接口。The second access request includes user information, and the second access request accesses a second interface through which the service server obtains element visibility.
步骤S111:业务服务器根据用户信息查询数据库,以获取元素可见性。Step S111: The service server queries the database according to the user information to obtain element visibility.
业务服务器在接收访问第二接口的第二访问请求时,解析第二访问请求获得用户信息,以用户信息为查询参数,查询数据库。When receiving the second access request for accessing the second interface, the service server parses the second access request to obtain user information, and uses the user information as a query parameter to query the database.
其中,数据库包括权限配置信息,权限配置信息包括用户信息与元素可见性的对应关系,也即当权限配置信息包括某用户信息及其对应的元素可见性时,通过该用户信息即可在权限配置信息中查找到元素可见性。元素可见性用于指示哪些操作控件对该用户信息对应的用户可见,哪些操作控件对该用户对应的用户不可见,可见的操作控件为用户操作权限内的操作控件,不可见的操作控件为用户操作权限外的操作控件。可选地,元素可见性可以为多个键值对,其中,键值对中的健为操作控件的标识信息,键值对中的值为操作控件是否可见的标识。或者,元素可见性也可以采用其他任何可以标识出操作控件可见和不可见的数据格式。Among them, the database includes permission configuration information, and the permission configuration information includes the corresponding relationship between user information and element visibility, that is, when the permission configuration information includes a certain user information and its corresponding element visibility, the user information can be used in the permission configuration information. Element visibility found in info. Element visibility is used to indicate which operation controls are visible to the user corresponding to the user information, and which operation controls are invisible to the user corresponding to the user. The visible operation controls are the operation controls within the user's operation authority, and the invisible operation controls are the user's Operation controls outside the operation authority. Optionally, the element visibility may be multiple key-value pairs, wherein the key in the key-value pair is the identification information of the operation control, and the value in the key-value pair is the identification of whether the operation control is visible. Alternatively, element visibility can be in any other data format that identifies visible and invisible action controls.
业务服务器在获取到元素可见性后,将其返回前端。After the business server gets the element visibility, it returns it to the front end.
可选地,权限配置信息包括第一对应关系、第二对应关系和第三对应关系,第一对应关系为标识用户信息与角色的对应关系,第二对应关系为标识角色与操作权限的对应关系,第三对应关系为标识操作权限与元素可见性的对应关系。该步骤S111在实现元素可见性的获取时,具体执行如下的步骤:业务服务器在第一对应关系中查找与用户信息对应的若干角色;业务服务器在第二对应关系中查找与每个角色对应的操作权限;业务服务器在第三对应关系中查找与每种操作权限对应的元素可见性;业务服务器汇总所有角色所对应的元素可见性。Optionally, the authority configuration information includes a first correspondence, a second correspondence, and a third correspondence, the first correspondence is the correspondence between the identification user information and the role, and the second correspondence is the correspondence between the identification role and the operation authority. , and the third corresponding relationship is the corresponding relationship between the identification operation authority and the element visibility. In this step S111, when obtaining the element visibility, the following steps are specifically performed: the service server searches for several roles corresponding to the user information in the first correspondence; the service server searches for the roles corresponding to each role in the second correspondence Operation authority; the business server searches the third corresponding relationship for the element visibility corresponding to each operation authority; the business server summarizes the element visibility corresponding to all roles.
步骤S112:前端接收第二接口返回的元素可见性。Step S112: The front end receives the element visibility returned by the second interface.
步骤S113:前端在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件。Step S113 : the front end displays the operation controls whose element visibility indicates visible on the operation page, and hides the operation controls whose element visibility indicates invisible.
前端渲染操作页面时,将可见的操作控件显示,将不可见的操作控件隐藏,从而具有不同操作权限的用户能够在操作页面上看到不同的操作控件。When the front end renders the operation page, the visible operation controls are displayed and the invisible operation controls are hidden, so that users with different operation rights can see different operation controls on the operation page.
可选地,前端在操作页面上隐藏元素可见性指示不可见的操作控件之后,在不可见的操作控件对应的位置显示预设的替代图标,从而前端在渲染操作页面时,能够采用统一的框架,只需在隐藏的操作控件对应的位置处显示替代图标即可。Optionally, after the front-end hides the invisible operation controls on the operation page, the front-end displays a preset substitute icon at the position corresponding to the invisible operation control, so that the front-end can use a unified framework when rendering the operation page. , just display an alternate icon in the location corresponding to the hidden action control.
采用该实施例提供的服务系统的前端页面控制方法,服务系统包括业务服务器、验证服务器、前端和数据库,前端接收到用户的登录请求后,先向验证服务器获取访问口令,再通过访问口令去访问业务服务器的第一接口,以获取用户信息;业务服务器的第一接口接收到访问时,向验证服务器验证访问口令,验证服务器在验证通过后将用户信息发送至服务器,服务器的第一接口将用户信息返回至前端,前端再通过用户信息去访问服务器的第二接口,以获取元素可见性;业务服务器的第二接口接收到访问时,根据用户信息获取元素可见性,并将其返回至前端;前端在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件,对于用户而言,其所见的操作控件均为其操作权限内的操作控件,用户无需关注操作权限,提升了用户体验,同时,在控制操作页面上所显示的操作控件时,需要通过验证服务器验证访问口令,并在验证通过后才能获取到用户信息,进而才能够在数据库中通过用户信息获取元素可见性,提升了服务系统对操作权限控制的安全性。Using the front-end page control method of the service system provided by this embodiment, the service system includes a business server, a verification server, a front-end and a database. After receiving a user's login request, the front-end first obtains an access password from the verification server, and then uses the access password to access The first interface of the business server to obtain user information; when the first interface of the business server receives the access, it verifies the access password to the verification server, and the verification server sends the user information to the server after the verification is passed, and the first interface of the server sends the user information to the server. The information is returned to the front end, and the front end accesses the second interface of the server through the user information to obtain the element visibility; when the second interface of the business server receives the access, it obtains the element visibility according to the user information, and returns it to the front end; On the operation page, the front end displays the operation controls whose element visibility indicates visible, and hides the operation controls whose element visibility indicates invisible. For users, the operation controls they see are the operation controls within their operation authority, and users do not need to pay attention to them. The operation authority improves the user experience. At the same time, when controlling the operation controls displayed on the operation page, the access password needs to be verified by the verification server, and the user information can be obtained after the verification is passed, and then the user information can be passed in the database. Obtaining element visibility improves the security of the service system's control of operation permissions.
实施例二Embodiment 2
本发明实施例二提供了一种优选的服务系统的前端页面控制方法,该前端页面控制方法应用于服务系统,能够进一步提升服务系统操作权限控制的安全性,其中,服务系统包括业务服务器、验证服务器、前端和数据库。该实施例二提供的服务系统的前端页面控制方法中,部分技术特征及相应的技术效果与上述实施例一相同,该实施例中仅简略描述。具体地,图2为本发明实施例二提供的服务系统的前端页面控制方法的流程图,如图2所示,该实施例提供的服务系统的前端页面控制方法包括如下的步骤S201至步骤S215。The second embodiment of the present invention provides a preferred front-end page control method for a service system. The front-end page control method is applied to the service system, which can further improve the security of the operation authority control of the service system. Server, front end and database. In the front-end page control method of the service system provided in the second embodiment, some technical features and corresponding technical effects are the same as those in the above-mentioned first embodiment, which are only briefly described in this embodiment. Specifically, FIG. 2 is a flowchart of a front-end page control method of a service system provided by Embodiment 2 of the present invention. As shown in FIG. 2 , the front-end page control method of a service system provided by this embodiment includes the following steps S201 to S215 .
步骤S201:前端接收用户的登录请求,发送口令获取请求至验证服务器。Step S201: The front end receives the user's login request, and sends a password acquisition request to the authentication server.
其中,登录请求和口令获取请求均包括账号信息。The login request and the password acquisition request both include account information.
步骤S202:验证服务器对账号信息进行验证,并在验证通过后向前端返回访问口令。Step S202: The verification server verifies the account information, and returns an access password to the front end after the verification is passed.
步骤S203:前端接收验证服务器发送的访问口令,发送第一访问请求至业务服务器。Step S203: The front end receives the access password sent by the verification server, and sends a first access request to the service server.
其中,第一访问请求包括访问口令,第一访问请求访问业务服务器获取用户信息的第一接口。The first access request includes an access password, and the first access request accesses a first interface through which the service server obtains user information.
步骤S204:业务服务器发送用户信息获取请求至验证服务器。Step S204: the service server sends a user information acquisition request to the verification server.
其中,用户信息获取请求包括访问口令。The user information acquisition request includes an access password.
步骤S205:验证服务器对访问口令进行验证,并在验证通过后向业务服务器返回用户信息。Step S205: The verification server verifies the access password, and returns the user information to the service server after the verification is passed.
步骤S206:业务服务器接收验证服务器发送的用户信息。Step S206: the service server receives the user information sent by the verification server.
步骤S207:前端接收第一接口返回的用户信息,并发送第二访问请求至业务服务器。Step S207: The front end receives the user information returned by the first interface, and sends a second access request to the service server.
其中,第二访问请求包括用户信息和访问口令,第二访问请求访问业务服务器获取元素可见性的第二接口。Wherein, the second access request includes user information and an access password, and the second access request accesses a second interface through which the service server obtains element visibility.
步骤S208:业务服务器发送访问口令验证请求至验证服务器。Step S208: the service server sends an access password verification request to the verification server.
其中,访问口令验证请求包括访问口令。Wherein, the access token verification request includes the access token.
步骤S209:验证服务器对访问口令进行验证,并将验证结果返回至业务服务器。Step S209: The verification server verifies the access password, and returns the verification result to the service server.
步骤S210:业务服务器在接收到的验证结果为验证通过时,根据用户信息查询数据库,以获取元素可见性。Step S210: When the received verification result is that the verification is passed, the service server queries the database according to the user information to obtain the element visibility.
其中,数据库包括权限配置信息,权限配置信息包括用户信息与元素可见性的对应关系。The database includes permission configuration information, and the permission configuration information includes the corresponding relationship between user information and element visibility.
步骤S211:前端接收第二接口返回的元素可见性,在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件,并响应于用户对操作控件的操作,发送第三访问请求至业务服务器。Step S211: the front end receives the element visibility returned by the second interface, displays the operation controls whose element visibility indicates visible on the operation page, hides the operation controls whose element visibility indicates invisible, and responds to the user's operation on the operation control, sending The third access request is to the service server.
其中,可见的操作控件为用户操作权限内的操作控件,不可见的操作控件为用户操作权限外的操作控件,第三访问请求包括用户信息和访问口令,第三访问请求访问业务服务器完成被操作的操作控件对应服务的第三接口。Among them, the visible operation controls are the operation controls within the user's operation authority, the invisible operation controls are the operation controls outside the user's operation authority, the third access request includes user information and an access password, and the third access request accesses the business server to complete the operation. The operation control corresponds to the third interface of the service.
步骤S212:业务服务器发送访问口令验证请求至验证服务器。Step S212: The service server sends an access password verification request to the verification server.
其中,访问口令验证请求包括访问口令。Wherein, the access token verification request includes the access token.
步骤S213:验证服务器对访问口令进行验证,并将验证结果返回至业务服务器。Step S213: The verification server verifies the access password, and returns the verification result to the service server.
步骤S214:业务服务器在接收到的验证结果为验证通过时,根据用户信息查询数据库,以判断用户是否具有操作控件对应的操作权限。Step S214: When the received verification result is that the verification is passed, the service server queries the database according to the user information to determine whether the user has the operation authority corresponding to the operation control.
其中,权限配置信息还包括用户信息与操作权限的对应关系。Wherein, the authority configuration information further includes the corresponding relationship between the user information and the operation authority.
步骤S215:当用户具有操作控件对应的操作权限时,业务服务器向前端返回服务的数据。Step S215: When the user has the operation authority corresponding to the operation control, the service server returns the service data to the front end.
采用该实施例提供的服务系统的前端页面控制方法,前端访问业务服务器的接口时,访问请求均会包括访问口令,业务服务器的接口在响应访问请求时,首先向验证服务器验证访问请求携带的访问口令,当业务服务器收到验证通过的验证结果后,再去执行接口真正的业务,进一步提高服务系统的安全性。此外,业务服务器的第三接口接收到访问请求时,业务服务器首先在数据库中查询操作权限,并当满足操作权限时,才返回服务数据,避免非服务系统中的前端请求没有操作权限的服务,进一步提高服务系统的安全性。With the front-end page control method of the service system provided by this embodiment, when the front-end accesses the interface of the business server, the access request will include an access password, and when the interface of the business server responds to the access request, it first verifies the access carried in the access request to the verification server. Password, when the business server receives the verification result that passes the verification, it will execute the real business of the interface to further improve the security of the service system. In addition, when the third interface of the business server receives an access request, the business server first queries the database for the operation authority, and only returns the service data when the operation authority is satisfied, so as to prevent the front-end in the non-service system from requesting services without operation authority. Further improve the security of the service system.
实施例三Embodiment 3
本发明实施例三提供了一种优选的服务系统的前端页面控制方法,该前端页面控制方法应用于服务系统,能够进一步提升服务系统操作权限控制的安全性,其中,服务系统包括业务服务器、验证服务器、前端和数据库。该实施例三提供的服务系统的前端页面控制方法中,部分技术特征及相应的技术效果与上述实施例一相同,该实施例中仅简略描述。需要说明的是,该实施例包括第一前端和第二前端,两前端中登录的账号不同。具体地,图3为本发明实施例三提供的服务系统的前端页面控制方法的流程图,如图3所示,该实施例提供的服务系统的前端页面控制方法包括如下的步骤S301至步骤S312。Embodiment 3 of the present invention provides a preferred front-end page control method for a service system. The front-end page control method is applied to a service system and can further improve the security of operating authority control of the service system. Server, front end and database. In the front-end page control method of the service system provided in the third embodiment, some technical features and corresponding technical effects are the same as those in the above-mentioned first embodiment, which are only briefly described in this embodiment. It should be noted that this embodiment includes a first front end and a second front end, and the accounts logged in the two front ends are different. Specifically, FIG. 3 is a flowchart of a front-end page control method of a service system provided by Embodiment 3 of the present invention. As shown in FIG. 3 , the front-end page control method of a service system provided by this embodiment includes the following steps S301 to S312 .
步骤S301:第一前端接收第一用户的登录请求,第一前端发送口令获取请求至验证服务器。Step S301: The first front end receives a login request from the first user, and the first front end sends a password acquisition request to the authentication server.
其中,登录请求和口令获取请求均包括账号信息。The login request and the password acquisition request both include account information.
步骤S302:验证服务器对账号信息进行验证,并在验证通过后向第一前端返回访问口令。Step S302: The verification server verifies the account information, and returns an access password to the first front end after the verification is passed.
步骤S303:第一前端接收验证服务器发送的访问口令,并发送第一访问请求至业务服务器。Step S303: The first front end receives the access password sent by the verification server, and sends a first access request to the service server.
其中,第一访问请求包括访问口令,第一访问请求访问业务服务器获取用户信息的第一接口。The first access request includes an access password, and the first access request accesses a first interface through which the service server obtains user information.
步骤S304:业务服务器发送第一用户信息获取请求至验证服务器。Step S304: The service server sends the first user information acquisition request to the verification server.
其中,第一用户信息获取请求包括访问口令。Wherein, the first user information acquisition request includes an access password.
步骤S305:验证服务器对访问口令进行验证,并在验证通过后向业务服务器返回第一用户信息。Step S305: The verification server verifies the access password, and returns the first user information to the service server after the verification is passed.
步骤S306:业务服务器接收验证服务器发送的第一用户信息,并在用户列表中查询第一用户信息,当业务服务器在用户列表中查询不到第一用户信息时,将第一用户信息写入用户列表,并标记为待配置用户信息。Step S306: the service server receives the first user information sent by the verification server, and queries the first user information in the user list, and when the service server cannot query the first user information in the user list, writes the first user information into the user list and mark it as user information to be configured.
步骤S307:第二前端发送第二访问请求至业务服务器。Step S307: The second front end sends a second access request to the service server.
其中,第二访问请求包括第二用户信息,第二访问请求访问业务服务器获取元素可见性的第二接口。Wherein, the second access request includes second user information, and the second access request accesses a second interface through which the service server obtains element visibility.
步骤S308:业务服务器根据用户信息查询数据库,以获取元素可见性。Step S308: The service server queries the database according to the user information to obtain element visibility.
其中,数据库包括权限配置信息,权限配置信息包括用户信息与元素可见性的对应关系。The database includes permission configuration information, and the permission configuration information includes the corresponding relationship between user information and element visibility.
步骤S309:第二前端接收第二接口返回的元素可见性,在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件。Step S309 : the second front end receives the element visibility returned by the second interface, displays the operation controls whose element visibility indicates visible on the operation page, and hides the operation controls whose element visibility indicates invisible.
其中,可见的操作控件为第二用户操作权限内的操作控件,不可见的操作控件为第二用户操作权限外的操作控件,在该实施例中,操作页面上显示的操作控件包括权限配置操作控件。第二用户信息的操作权限包括权限配置。Wherein, the visible operation controls are the operation controls within the second user's operation authority, and the invisible operation controls are the operation controls outside the second user's operation authority. In this embodiment, the operation controls displayed on the operation page include the authority configuration operation controls. The operation authority of the second user information includes authority configuration.
步骤S310:第二前端响应于第二用户对权限配置操作控件的操作,发送第三访问请求至业务服务器。Step S310: The second front end sends a third access request to the service server in response to the second user's operation on the permission configuration operation control.
其中,第三访问请求包括第二用户信息,第三访问请求访问业务服务器完成权限配置服务的第三接口。Wherein, the third access request includes the second user information, and the third access request accesses the third interface of the service server to complete the permission configuration service.
步骤S311:业务服务器根据第二用户信息查询数据库,以判断用户是否具有权限配置操作控件对应的操作权限。Step S311: The service server queries the database according to the second user information to determine whether the user has the operation authority corresponding to the authority configuration operation control.
其中,权限配置信息还包括用户信息与操作权限的对应关系。Wherein, the authority configuration information further includes the corresponding relationship between the user information and the operation authority.
步骤S312:当第二用户具有权限配置操作控件对应的操作权限时,业务服务器向第二前端返回用户列表中的待配置用户信息。Step S312: When the second user has the operation authority corresponding to the authority configuration operation control, the service server returns the user information to be configured in the user list to the second front end.
采用该实施例提供的服务系统的前端页面控制方法,业务服务器向验证服务器获取到用户信息后,在用户列表中进行查询,当查询不到用户信息时,表明该用户信息还未在数据库中配置,此时,将用户信息写入用户列表,同时标记为待配置用户信息,当具有权限配置操作权限的用户操作权限配置空间时,业务服务器将用户列表中的待配置用户信息反馈至前端,从而能够使未配置的用户信息第一时间被配置,且无需具有权限配置操作权限的用户去关注哪些用户信息还未配置,增加用户的便利性。With the front-end page control method of the service system provided by this embodiment, after the service server obtains the user information from the verification server, it searches the user list. If the user information cannot be queried, it indicates that the user information has not been configured in the database. , at this time, the user information is written into the user list, and is marked as the user information to be configured. When the user with the permission configuration operation permission operates the permission configuration space, the service server feeds back the user information to be configured in the user list to the front end, thereby The unconfigured user information can be configured at the first time, and it is not necessary for the user with the authority configuration operation authority to pay attention to which user information has not been configured, thereby increasing the convenience of the user.
实施例四Embodiment 4
对应于上述各个实施例,本发明实施例四提供了一种服务系统,该实施例中的技术特征可参考上述实施例,该处仅作简单描述。图4为本发明实施例四提供的服务系统的框图,如图4所示,该服务系统包括:业务服务器401、验证服务器402、前端403和数据库404,其中:Corresponding to the foregoing embodiments, Embodiment 4 of the present invention provides a service system, and the technical features in this embodiment may refer to the foregoing embodiments, which are only briefly described herein. FIG. 4 is a block diagram of a service system provided by Embodiment 4 of the present invention. As shown in FIG. 4 , the service system includes: a business server 401, a verification server 402, a front end 403, and a database 404, wherein:
前端403用于接收用户的登录请求,其中,登录请求包括账号信息;The front end 403 is configured to receive a user's login request, wherein the login request includes account information;
前端403还用于发送口令获取请求至验证服务器402,其中,口令获取请求包括账号信息;The front end 403 is further configured to send a password acquisition request to the verification server 402, wherein the password acquisition request includes account information;
验证服务器402用于对账号信息进行验证,并在验证通过后向前端403返回访问口令;The verification server 402 is used to verify the account information, and returns an access password to the front end 403 after the verification is passed;
前端403还用于接收验证服务器402发送的访问口令;The front end 403 is further configured to receive the access password sent by the authentication server 402;
前端403还用于发送第一访问请求至业务服务器401,其中,第一访问请求包括访问口令,第一访问请求访问业务服务器401获取用户信息的第一接口;The front end 403 is further configured to send a first access request to the service server 401, wherein the first access request includes an access password, and the first access request accesses the first interface through which the service server 401 obtains user information;
业务服务器401用于发送用户信息获取请求至验证服务器402,其中,用户信息获取请求包括访问口令;The service server 401 is configured to send a user information acquisition request to the verification server 402, wherein the user information acquisition request includes an access password;
验证服务器402还用于对访问口令进行验证,并在验证通过后向业务服务器401返回用户信息;The verification server 402 is also used to verify the access password, and returns the user information to the service server 401 after the verification is passed;
业务服务器401还用于接收验证服务器402发送的用户信息;The service server 401 is further configured to receive user information sent by the verification server 402;
前端403还用于接收第一接口返回的用户信息;The front end 403 is further configured to receive user information returned by the first interface;
前端403还用于发送第二访问请求至业务服务器401,其中,第二访问请求包括用户信息,第二访问请求访问业务服务器401获取元素可见性的第二接口;The front end 403 is further configured to send a second access request to the service server 401, wherein the second access request includes user information, and the second access request accesses the service server 401 to obtain a second interface for element visibility;
业务服务器401还用于根据用户信息查询数据库404,以获取元素可见性,其中,数据库404包括权限配置信息,权限配置信息包括用户信息与元素可见性的对应关系;The service server 401 is further configured to query the database 404 according to the user information to obtain element visibility, wherein the database 404 includes permission configuration information, and the permission configuration information includes the corresponding relationship between user information and element visibility;
前端403还用于接收第二接口返回的元素可见性;以及The front end 403 is further configured to receive the element visibility returned by the second interface; and
前端403还用于在操作页面上显示元素可见性指示可见的操作控件,隐藏元素可见性指示不可见的操作控件,其中,可见的操作控件为用户操作权限内的操作控件,不可见的操作控件为用户操作权限外的操作控件。The front end 403 is also used to display the visible operation controls on the operation page, and hide the invisible operation controls of the element visibility, wherein the visible operation controls are the operation controls within the user's operation authority, and the invisible operation controls. It is an operation control outside the user's operation authority.
可选地,在一种是实施例中,第二访问请求还包括访问口令,业务服务器401还用于在前端403发送第二访问请求至业务服务器401的步骤之后,在业务服务器401根据用户信息查询数据库404,以获取元素可见性之前,发送访问口令验证请求至验证服务器402,其中,访问口令验证请求包括访问口令;验证服务器402还用于对访问口令进行验证,并将验证结果返回至业务服务器401,其中,业务服务器401还用于在接收到的验证结果为验证通过时,根据用户信息查询数据库404,以获取元素可见性。Optionally, in one embodiment, the second access request further includes an access password, and the service server 401 is further configured to, after the step of sending the second access request to the service server 401 by the front end 403, the service server 401 according to the user information. Before querying the database 404 to obtain the element visibility, an access token verification request is sent to the verification server 402, wherein the access token verification request includes the access token; the verification server 402 is also used to verify the access token and return the verification result to the service The server 401, wherein the service server 401 is further configured to query the database 404 according to the user information to obtain the element visibility when the received verification result is that the verification is passed.
可选地,在一种是实施例中,前端403还用于响应于用户对操作控件的操作,发送第三访问请求至业务服务器401,其中,第三访问请求包括用户信息,第三访问请求访问业务服务器401完成被操作的操作控件对应服务的第三接口;业务服务器401还用于根据用户信息查询数据库404,以判断用户是否具有操作控件对应的操作权限,当用户具有操作控件对应的操作权限时,向前端403返回服务的数据其中,权限配置信息还包括用户信息与操作权限的对应关系;Optionally, in one embodiment, the front end 403 is further configured to send a third access request to the service server 401 in response to the user's operation on the operation control, wherein the third access request includes user information, and the third access request Access the business server 401 to complete the third interface of the service corresponding to the operated operation control; the business server 401 is also used to query the database 404 according to the user information to determine whether the user has the operation authority corresponding to the operation control, when the user has the operation corresponding to the operation control In the case of authority, the data of the service is returned to the front end 403, wherein the authority configuration information also includes the corresponding relationship between user information and operation authority;
可选地,在一种是实施例中,第三访问请求还包括访问口令,在前端403发送第三访问请求至业务服务器401之后,在业务服务器401根据用户信息查询数据库404,以判断用户是否具有操作控件对应的操作权限之前,业务服务器401还用于发送访问口令验证请求至验证服务器402,其中,访问口令验证请求包括访问口令;验证服务器402还用于对访问口令进行验证,并将验证结果返回至业务服务器401,其中,业务服务器401还用于在接收到的验证结果为验证通过时,根据用户信息查询数据库404,以判断用户是否具有操作控件对应的操作权限。Optionally, in one embodiment, the third access request further includes an access password. After the front end 403 sends the third access request to the service server 401, the service server 401 queries the database 404 according to the user information to determine whether the user is Before having the operation authority corresponding to the operation control, the business server 401 is also used to send an access password verification request to the verification server 402, wherein the access password verification request includes the access password; the verification server 402 is also used to verify the access password, and verify the The result is returned to the service server 401, where the service server 401 is further configured to query the database 404 according to the user information to determine whether the user has the operation authority corresponding to the operation control when the received verification result is that the verification is passed.
可选地,在一种是实施例中,数据库404还包括用户列表,业务服务器401接收验证服务器402发送的用户信息之后,还用于在用户列表中查询用户信息,其中,当在用户列表中查询不到用户信息时,将用户信息写入用户列表,并标记为待配置用户信息;前端403还用于在操作页面上显示权限配置操作控件;当用户具有权限配置操作控件对应的操作权限时,业务服务器401还用于向前端403返回用户列表中的待配置用户信息。Optionally, in one embodiment, the database 404 further includes a user list, and after receiving the user information sent by the verification server 402, the service server 401 is further configured to query the user information in the user list, wherein, when the user information is in the user list When the user information cannot be queried, the user information is written into the user list and marked as the user information to be configured; the front end 403 is also used to display the permission configuration operation control on the operation page; when the user has the operation permission corresponding to the permission configuration operation control , the service server 401 is further configured to return the user information to be configured in the user list to the front end 403 .
可选地,在一种是实施例中,权限配置信息包括第一对应关系、第二对应关系和第三对应关系,第一对应关系为标识用户信息与角色的对应关系,第二对应关系为标识角色与操作权限的对应关系,第三对应关系为标识操作权限与元素可见性的对应关系,业务服务器401根据用户信息查询数据库404,以获取元素可见性时,具体执行的步骤包括:在第一对应关系中查找与用户信息对应的若干角色;在第二对应关系中查找与每个角色对应的操作权限;在第三对应关系中查找与每种操作权限对应的元素可见性;汇总所有角色所对应的元素可见性。Optionally, in one embodiment, the authority configuration information includes a first corresponding relationship, a second corresponding relationship and a third corresponding relationship, the first corresponding relationship is the corresponding relationship between the identification user information and the role, and the second corresponding relationship is The corresponding relationship between the identification role and the operation authority, and the third corresponding relationship is the corresponding relationship between the identification operation authority and the element visibility. When the service server 401 queries the database 404 according to the user information to obtain the element visibility, the specific execution steps include: in the first step Find several roles corresponding to the user information in one correspondence; find the operation authority corresponding to each role in the second correspondence; find the element visibility corresponding to each operation authority in the third correspondence; summarize all roles Corresponding element visibility.
可选地,在一种是实施例中,前端403还用于在操作页面上隐藏元素可见性指示不可见的操作控件之后,在不可见的操作控件对应的位置显示预设的替代图标。Optionally, in one embodiment, the front end 403 is further configured to display a preset substitute icon at a position corresponding to the invisible operation control after hiding the operation control whose element visibility indicates that the element is invisible on the operation page.
实施例五Embodiment 5
本实施例还提供一种计算机设备,如可以执行程序的智能手机、平板电脑、笔记本电脑、台式计算机、机架式业务服务器、刀片式业务服务器、塔式业务服务器或机柜式业务服务器(包括独立的业务服务器,或者多个业务服务器所组成的业务服务器集群)等。如图5所示,本实施例的计算机设备01至少包括但不限于:可通过系统总线相互通信连接的存储器011、处理器012,如图5所示。需要指出的是,图5仅示出了具有组件存储器011和处理器012的计算机设备01,但是应理解的是,并不要求实施所有示出的组件,可以替代的实施更多或者更少的组件。This embodiment also provides a computer device, such as a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack-type service server, a blade-type service server, a tower-type service server, or a cabinet-type service server (including independent business server, or a business server cluster composed of multiple business servers), etc. As shown in FIG. 5 , the computer device 01 in this embodiment at least includes but is not limited to: a memory 011 and a processor 012 that can be communicatively connected to each other through a system bus, as shown in FIG. 5 . It should be pointed out that FIG. 5 only shows the computer device 01 having the component memory 011 and the processor 012, but it should be understood that it is not required to implement all the shown components, and more or less may be implemented instead. components.
本实施例中,存储器011(即可读存储介质)包括闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘等。在一些实施例中,存储器011可以是计算机设备01的内部存储单元,例如该计算机设备01的硬盘或内存。在另一些实施例中,存储器011也可以是计算机设备01的外部存储设备,例如该计算机设备01上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)等。当然,存储器011还可以既包括计算机设备01的内部存储单元也包括其外部存储设备。本实施例中,存储器011通常用于存储安装于计算机设备01的操作系统和各类应用软件,例如实施例一的服务系统的前端页面控制方法的程序代码等。此外,存储器011还可以用于暂时地存储已经输出或者将要输出的各类数据。In this embodiment, the memory 011 (that is, a readable storage medium) includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), Programmable Read Only Memory (PROM), Magnetic Memory, Magnetic Disk, Optical Disk, etc. In some embodiments, the memory 011 may be an internal storage unit of the computer device 01 , such as a hard disk or a memory of the computer device 01 . In other embodiments, the memory 011 may also be an external storage device of the computer device 01, such as a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, flash memory card (Flash Card), etc. Of course, the memory 011 may also include both the internal storage unit of the computer device 01 and its external storage device. In this embodiment, the memory 011 is generally used to store the operating system and various application software installed in the computer device 01, for example, the program code of the front-end page control method of the service system of the first embodiment. In addition, the memory 011 can also be used to temporarily store various types of data that have been output or will be output.
处理器012在一些实施例中可以是中央处理器(Central Processing Unit,CPU)、控制器、微控制器、微处理器、或其他数据处理芯片。该处理器012通常用于控制计算机设备01的总体操作。本实施例中,处理器012用于运行存储器011中存储的程序代码或者处理数据,例如服务系统的前端页面控制方法等。The processor 012 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or other data processing chips in some embodiments. The processor 012 is typically used to control the overall operation of the computer device 01 . In this embodiment, the processor 012 is configured to run program codes or process data stored in the memory 011, such as a front-end page control method of the service system, and the like.
实施例六Embodiment 6
本实施例六还提供一种计算机可读存储介质,如闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘、业务服务器、App应用商城等等,其上存储有计算机程序,程序被处理器执行时实现相应功能。本实施例的计算机可读存储介质用于存储服务系统,被处理器执行时实现实施例一的服务系统的前端页面控制方法。The sixth embodiment also provides a computer-readable storage medium, such as flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), Read-Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Programmable Read-Only Memory (PROM), Magnetic Memory, Disk, Optical Disc, Service Server, App Store, etc., on which a computer is stored A program, when executed by a processor, implements a corresponding function. The computer-readable storage medium of this embodiment is used to store a service system, and when executed by a processor, implements the front-end page control method of the service system of Embodiment 1.
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。It should be noted that, herein, the terms "comprising", "comprising" or any other variation thereof are intended to encompass non-exclusive inclusion, such that a process, method, article or device comprising a series of elements includes not only those elements, It also includes other elements not expressly listed or inherent to such a process, method, article or apparatus. Without further limitation, an element qualified by the phrase "comprising a..." does not preclude the presence of additional identical elements in a process, method, article or apparatus that includes the element.
上述本发明实施例序号仅仅为了描述,不代表实施例的优劣。The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。From the description of the above embodiments, those skilled in the art can clearly understand that the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is better implementation.
以上仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above are only preferred embodiments of the present invention, and are not intended to limit the scope of the present invention. Any equivalent structure or equivalent process transformation made by using the contents of the description and drawings of the present invention, or directly or indirectly applied in other related technical fields , are similarly included in the scope of patent protection of the present invention.
Claims (10)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910923664.8A CN110750765B (en) | 2019-09-27 | 2019-09-27 | Service system, front-end page control method thereof, computer device, and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910923664.8A CN110750765B (en) | 2019-09-27 | 2019-09-27 | Service system, front-end page control method thereof, computer device, and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110750765A true CN110750765A (en) | 2020-02-04 |
| CN110750765B CN110750765B (en) | 2022-03-01 |
Family
ID=69277264
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910923664.8A Active CN110750765B (en) | 2019-09-27 | 2019-09-27 | Service system, front-end page control method thereof, computer device, and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110750765B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111343168A (en) * | 2020-02-19 | 2020-06-26 | 深圳壹账通智能科技有限公司 | Identity authentication method and device, computer equipment and readable storage medium |
| CN112528198A (en) * | 2020-11-26 | 2021-03-19 | 福州智象信息技术有限公司 | Front-end-based detail authority control method, system, equipment and medium |
| CN113301045A (en) * | 2021-05-25 | 2021-08-24 | 四川虹魔方网络科技有限公司 | Login service access security control method |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050028105A1 (en) * | 2003-02-28 | 2005-02-03 | Scott Musson | Method for entitling a user interface |
| CN106201461A (en) * | 2016-06-27 | 2016-12-07 | 浪潮(北京)电子信息产业有限公司 | Generation method, system and the background server at a kind of interface |
| CN106911687A (en) * | 2017-02-20 | 2017-06-30 | 深圳国泰安教育技术股份有限公司 | A kind of page makeup control method and device |
| CN109669597A (en) * | 2018-10-31 | 2019-04-23 | 武汉艺果互动科技股份有限公司 | Front end authority control method, equipment and storage equipment when user browses web sites |
| CN109740379A (en) * | 2019-01-03 | 2019-05-10 | 山东浪潮通软信息科技有限公司 | A kind of front end authority control method |
| CN109815656A (en) * | 2018-12-11 | 2019-05-28 | 平安科技(深圳)有限公司 | Login authentication method, device, equipment and computer readable storage medium |
| CN110009314A (en) * | 2019-04-18 | 2019-07-12 | 武汉鼠标科技有限公司 | A kind of educational system and teaching platform of the behavioural analysis based on big data |
| CN110069730A (en) * | 2019-03-15 | 2019-07-30 | 平安城市建设科技(深圳)有限公司 | Front end page display control method, device, equipment and readable storage medium storing program for executing |
-
2019
- 2019-09-27 CN CN201910923664.8A patent/CN110750765B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050028105A1 (en) * | 2003-02-28 | 2005-02-03 | Scott Musson | Method for entitling a user interface |
| CN106201461A (en) * | 2016-06-27 | 2016-12-07 | 浪潮(北京)电子信息产业有限公司 | Generation method, system and the background server at a kind of interface |
| CN106911687A (en) * | 2017-02-20 | 2017-06-30 | 深圳国泰安教育技术股份有限公司 | A kind of page makeup control method and device |
| CN109669597A (en) * | 2018-10-31 | 2019-04-23 | 武汉艺果互动科技股份有限公司 | Front end authority control method, equipment and storage equipment when user browses web sites |
| CN109815656A (en) * | 2018-12-11 | 2019-05-28 | 平安科技(深圳)有限公司 | Login authentication method, device, equipment and computer readable storage medium |
| CN109740379A (en) * | 2019-01-03 | 2019-05-10 | 山东浪潮通软信息科技有限公司 | A kind of front end authority control method |
| CN110069730A (en) * | 2019-03-15 | 2019-07-30 | 平安城市建设科技(深圳)有限公司 | Front end page display control method, device, equipment and readable storage medium storing program for executing |
| CN110009314A (en) * | 2019-04-18 | 2019-07-12 | 武汉鼠标科技有限公司 | A kind of educational system and teaching platform of the behavioural analysis based on big data |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111343168A (en) * | 2020-02-19 | 2020-06-26 | 深圳壹账通智能科技有限公司 | Identity authentication method and device, computer equipment and readable storage medium |
| CN112528198A (en) * | 2020-11-26 | 2021-03-19 | 福州智象信息技术有限公司 | Front-end-based detail authority control method, system, equipment and medium |
| CN112528198B (en) * | 2020-11-26 | 2022-08-16 | 福州智象信息技术有限公司 | Front-end-based detail authority control method, system, equipment and medium |
| CN113301045A (en) * | 2021-05-25 | 2021-08-24 | 四川虹魔方网络科技有限公司 | Login service access security control method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110750765B (en) | 2022-03-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11329973B2 (en) | File format and platform for storage and verification of credentials | |
| US10114960B1 (en) | Identifying sensitive data writes to data stores | |
| WO2020181809A1 (en) | Data processing method and system based on interface checking, and computer device | |
| WO2021164459A1 (en) | Identity verification method and apparatus, computer device, and readable storage medium | |
| CN110750765B (en) | Service system, front-end page control method thereof, computer device, and storage medium | |
| CN108256303A (en) | Electronic device, auth method and storage medium | |
| CN111131221A (en) | Interface checking device, method and storage medium | |
| CN107729768B (en) | Page display method and device, intelligent panel and storage medium | |
| CN109726041B (en) | Method, apparatus and computer readable medium for restoring files in a virtual machine disk | |
| WO2019075966A1 (en) | Data operation permission isolation method, application server and computer readable storage medium | |
| CN111651749B (en) | Method, device, computer equipment and storage medium for retrieving account based on password | |
| US20060047783A1 (en) | Methods and apparatuses for automatically selecting a profile | |
| WO2019169771A1 (en) | Electronic device, access instruction information acquisition method and storage medium | |
| EP1542135B1 (en) | A method which is able to centralize the administration of the user registered information across networks | |
| CN101069154A (en) | Non-intrusive trusted user interface | |
| CN106685945B (en) | Service request processing method, service handling number verification method and terminal thereof | |
| EP2728503B1 (en) | Information processing device, control method therefor, program, and information storage medium | |
| CN106851613A (en) | Service request method, the verification method of business handling number and its terminal | |
| CN112528305B (en) | Access control method, device, electronic equipment and storage medium | |
| CN108241732B (en) | Electronic device, information processing method, and storage medium | |
| JP5341695B2 (en) | Information processing system, information processing method, and program | |
| US20020120862A1 (en) | Information system | |
| CN114266072A (en) | A rights distribution control method, device, electronic device and storage medium | |
| CN105550597A (en) | Information scanning based terminal management method and apparatus | |
| CN117155536B (en) | Transaction management method, device, equipment and readable storage medium of intelligent contract |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Patentee after: QAX Technology Group Inc. Patentee after: Qianxin Wangshen information technology (Beijing) Co.,Ltd. Address before: Room 332, 3 / F, Building 102, 28 xinjiekouwei street, Xicheng District, Beijing 100088 Patentee before: QAX Technology Group Inc. Patentee before: LEGENDSEC INFORMATION TECHNOLOGY (BEIJING) Inc. |