CN110780876A - Web development front-end and back-end separation authority control method and system - Google Patents
Web development front-end and back-end separation authority control method and system Download PDFInfo
- Publication number
- CN110780876A CN110780876A CN201911035231.5A CN201911035231A CN110780876A CN 110780876 A CN110780876 A CN 110780876A CN 201911035231 A CN201911035231 A CN 201911035231A CN 110780876 A CN110780876 A CN 110780876A
- Authority
- CN
- China
- Prior art keywords
- role
- menu
- interface
- functions
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000011161 development Methods 0.000 title claims abstract description 42
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000000926 separation method Methods 0.000 title claims abstract description 38
- 238000012545 processing Methods 0.000 claims description 4
- 230000004048 modification Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 5
- 235000014510 cooky Nutrition 0.000 description 4
- 230000008878 coupling Effects 0.000 description 4
- 238000010168 coupling process Methods 0.000 description 4
- 238000005859 coupling reaction Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000003247 decreasing effect Effects 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 239000012141 concentrate Substances 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000013515 script Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/38—Creation or generation of source code for implementing user interfaces
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
Abstract
The application discloses a method and a system for controlling front-end and back-end separation authority of web development, which relate to the technical field of web system authority control and comprise the following steps: creating roles; initializing a service package and interface data corresponding to the service package; initializing functions and functional interface data corresponding to each function; initializing menu and menu functions; initializing a role menu; initializing a role menu function; initializing an interface which can be called by a role; and (3) performing role authority control judgment: when a user calls an interface, the back end acquires the role of the user; and inquiring an interface list which can be called by the user role, and judging whether the calling can be carried out according to the interface list which can be called by the user role. According to the method and the device, the service logic and the authority control part of the interface are decoupled, the back-end interface only needs to realize the service logic, and when the interfaces need to be increased or reduced, only the corresponding relation between the functions and the interfaces needs to be modified, so that the control method for calling the authority of the interfaces can be simplified, and the complexity of authority control is reduced.
Description
Technical Field
The application relates to the technical field of web system authority control, in particular to a method and a system for controlling front-end and back-end separation authority of web development.
Background
In web development, a front end and a back end are separated into mainstream technologies, and all interfaces provided by the back end can be seen by the front end through defining the interfaces, generating js (javascript) scripts and interface documents by the back end, so that any interface of the back end can be called by the front end according to the documents, and data interaction of the front end and the back end is realized. By decoupling the front end and the back end separately, although the development efficiency can be improved, in consideration of safety, when a user calls the back end interface, whether the user has the right to call the interface is judged, that is, the right control is required to be performed on the interface call.
The authority control method in the prior art is divided into two modules, namely a menu module and an interface module, wherein the two modules are not related, the menu authority control granularity is thicker, the interface authority control granularity is too thin, when a part of functions in the menu are opened for a certain role, the menu must be opened, then the realization interfaces of the part of functions in the menu are opened, customized page development must be carried out aiming at different roles, and the opening of the part of functions in the menu cannot be realized through general configuration. Moreover, when an interface needs to be added or deleted, all related roles need to reconfigure the interface authority.
Disclosure of Invention
In view of this, the application provides a design method and system for front-end and back-end separation authority control of web development, by decoupling an interface service logic and an authority control part, a back-end interface only needs to implement the service logic, and when an interface needs to be increased or decreased, only the corresponding relation between functions and the interface needs to be modified, so that a control method for interface calling authority can be simplified, and the authority control complexity is reduced.
In order to solve the technical problem, the following technical scheme is adopted:
on one hand, the application provides a method for controlling front-end and back-end separation authority of web development, which comprises the following steps:
creating a role, wherein the role comprises a permission set, and the permission set comprises a plurality of permissions;
initializing service packages and interface data corresponding to the service packages, wherein each service package comprises a plurality of interfaces;
initializing functions and functional interface data corresponding to the functions, wherein the functions are defined according to business logic, and all interfaces required to be called for realizing the functions are defined;
initializing menu and menu functions, including setting menu names, levels, pictures and the relation between the menus and a superior menu, and setting all function lists of pages corresponding to each menu;
initializing a role menu, wherein the role menu comprises a menu which can be accessed by a set role;
initializing a role menu function, including setting the menu function that the role can access;
initializing interfaces which can be called by the roles, and generating an interface list which can be called by the roles;
and (3) performing role authority control judgment: when a user calls an interface, the back end acquires the role of the user; and inquiring the interface list which can be called by the user role, and judging whether the calling can be carried out according to the interface list which can be called by the user role.
Optionally, wherein:
further comprising: the function of the page is set up,
the page function setting specifically comprises the following steps: the front end transmits a current menu id, the back end acquires the role of the user, inquires the role menu function, and returns a function list which can be accessed by the role in the current menu to the front end; and the front end sets the interface state according to the received function list.
Optionally, wherein:
the front end sets an interface state according to the received function list, and specifically comprises the following steps: and the front end displays the functions which can be accessed by the roles in the current menu according to the received function list and hides the functions which cannot be accessed by the roles.
Optionally, wherein:
the front end sets an interface state according to the received function list, and specifically comprises the following steps: and the front end displays the functions which can be accessed by the role as operable icons and displays the functions which cannot be accessed by the role as inoperable icons according to the received function list.
Optionally, wherein:
the back end acquires the role of the user, specifically: and acquiring the user identity according to the session id, and determining the role of the user according to the user identity.
Optionally, wherein:
the initializing the interface that the role can be called specifically includes: and acquiring the menu function which can be accessed by the role, acquiring functional interface data according to the menu function which can be accessed by the role, and acquiring an interface list which can be called by the role according to the functional interface data.
On the other hand, the application also provides a front-end and back-end separation authority control system for web development, which comprises:
the role creating module is used for creating roles, wherein the roles comprise a permission set, and the permission set comprises a plurality of permissions;
the device comprises an initialization module, a data processing module and a data processing module, wherein the initialization module is used for initializing service packages and interface data corresponding to the service packages, and each service package comprises a plurality of interfaces; the system is also used for initializing functions and functional interface data corresponding to the functions, wherein the functions are defined according to business logic, and all interfaces required to be called for realizing the functions are defined; the system is also used for initializing menu and menu functions, including setting menu names, levels, pictures and the relation between the menus and a superior menu, and setting all function lists of pages corresponding to each menu;
the initialization module is also used for initializing a role menu, including a menu which can be accessed by setting roles; the method is also used for initializing role menu functions, including setting the menu functions which can be accessed by the roles; the role calling interface is also used for initializing the role calling interface and generating a role calling interface list;
the judging module is used for carrying out role authority control judgment: when a user calls an interface, the back end acquires the role of the user; and inquiring the interface list which can be called by the user role, and judging whether the calling can be carried out according to the interface list which can be called by the user role.
Optionally, wherein:
further comprising: a page function setting module for setting the function of the page,
the page function setting module is used for leading a front end to transmit a current menu id, leading a back end to obtain the role of the user, inquiring the role menu function and returning a function list which can be accessed by the role in the current menu to the front end; and the front end is also used for setting the interface state according to the received function list.
Optionally, wherein:
the system also comprises a role determination module which is used for acquiring the user identity according to the session id and determining the role of the user according to the user identity.
Compared with the prior art, the design method and the system for controlling the separation authority of the front end and the back end of the web development achieve the following effects:
(1) according to the method and the system for controlling the front-end and back-end separation authority of the web development, the role function entrance is determined through menu definition, the functions which can be used in the corresponding pages of each menu are determined through menu function definition, and the role definition authority is defined as the function set to be independent of a specific interface.
(2) According to the method and the system for controlling the front-end and back-end separation authority of web development, when the system is initialized, the list of the callable interfaces of the roles is generated according to the roles, the menus, the menu functions, the function interfaces and the corresponding relations between the role menus and the role menu functions, so that when the authority interception judgment is carried out, whether a user can access the callable interfaces can be quickly determined only by inquiring the list of the callable interfaces of the roles, whether the user is allowed to call the interfaces is judged, only business logic needs to be realized by the back-end interface through decoupling the business logic of the interfaces and the authority control part, the control method for calling the authorities of the interfaces can be simplified, and the complexity of authority control is reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a flowchart illustrating a method for controlling front-end and back-end separation rights in web development according to an embodiment of the present application;
fig. 2 is another flowchart illustrating a method for controlling front-end and back-end separation rights in web development according to an embodiment of the present application;
FIG. 3 is a flowchart illustrating page function setup provided by an embodiment of the present application;
FIG. 4 is a flow diagram of an initialize role callable interface provided by an embodiment of the present application;
fig. 5 is a schematic structural diagram of a front-end and back-end separation authority control system for web development according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of another web development front-end and back-end separation authority control system according to an embodiment of the present application.
Detailed Description
As used in the specification and in the claims, certain terms are used to refer to particular components. As one skilled in the art will appreciate, manufacturers may refer to a component by different names. This specification and claims do not intend to distinguish between components that differ in name but not function. In the following description and in the claims, the terms "include" and "comprise" are used in an open-ended fashion, and thus should be interpreted to mean "include, but not limited to. "substantially" means within an acceptable error range, and a person skilled in the art can solve the technical problem within a certain error range to substantially achieve the technical effect. Furthermore, the term "coupled" is intended to encompass any direct or indirect electrical coupling. Thus, if a first device couples to a second device, that connection may be through a direct electrical coupling or through an indirect electrical coupling via other devices and couplings. The description which follows is a preferred embodiment of the present application, but is made for the purpose of illustrating the general principles of the application and not for the purpose of limiting the scope of the application. The protection scope of the present application shall be subject to the definitions of the appended claims.
The authority control method in the prior art is divided into two modules, namely a menu module and an interface module, wherein the two modules are not related, the menu authority control granularity is coarse, the interface authority control granularity is too fine, when a part of functions in the menu are opened for a certain role, the menu must be opened, then the realization interfaces of the part of functions in the menu are opened, customized development must be carried out for different roles, and the opening of the part of functions in the menu cannot be realized through universal configuration. Moreover, when an interface needs to be added or deleted, all related roles need to reconfigure the interface authority.
In view of this, the application provides a design method and system for front-end and back-end separation authority control of web development, by decoupling an interface service logic and an authority control part, a back-end interface only needs to implement the service logic, and when an interface needs to be increased or decreased, only the corresponding relation between functions and the interface needs to be modified, so that a control method for interface calling authority can be simplified, and the authority control complexity is reduced.
The following detailed description is to be read in connection with the drawings and the detailed description.
Fig. 1 is a flowchart illustrating a method for controlling a front-end and back-end separation right of web development according to an embodiment of the present application, and referring to fig. 1, the method for controlling the front-end and back-end separation right of web development according to the embodiment of the present application includes:
step 10: creating a role, wherein the role comprises a permission set, and the permission set comprises a plurality of permissions;
step 20: initializing service packages and interface data corresponding to the service packages, wherein each service package comprises a plurality of interfaces;
step 30: initializing functions and functional interface data corresponding to the functions, wherein the functions are defined according to business logic, and all interfaces required to be called for realizing the functions are defined;
step 40: initializing menu and menu functions, including setting menu names, levels, pictures and the relation between the menus and a superior menu, and setting all function lists of pages corresponding to each menu;
step 50: initializing a role menu, wherein the role menu comprises a menu which can be accessed by a set role;
step 60: initializing a role menu function, wherein the role menu function comprises a menu function which can be accessed by a set role;
step 70: initializing interfaces which can be called by roles, and generating an interface list which can be called by the roles;
step 80: and (3) performing role authority control judgment: when a user calls an interface, the back end acquires the role of the user; and inquiring an interface list which can be called by the user role, and judging whether the calling can be carried out according to the interface list which can be called by the user role.
Specifically, referring to fig. 1, in the method for controlling front-end and back-end separation permissions in web development provided in the embodiment of the present application, role creation is performed through step 10, one role may include multiple permissions, and one user may correspond to multiple different roles, when permission modification needs to be performed on a user, only permission of the role may be modified, and after permission modification of the role, permission of the user is also modified correspondingly; after the role is created, initializing the service package and the interface data corresponding to the service package through step 20, setting the relevant interfaces in one service package, which is convenient for management and slice interception, and using the interfaces as the execution entities of the front-end calling method and the back-end for realizing the specific business logic; then, through step 30, initializing functions and functional interface data corresponding to each function, wherein the function is the minimum unit in the service authority management, the function definition is carried out according to the service logic, and the functional interfaces are a set of all interfaces which must be called to realize one function; the method comprises the steps of initializing a menu and menu functions through step 40, wherein the menu is an entrance accessed by a user, the menu is divided into multiple levels, the menu initialization comprises menu names, levels, pictures and relations among the menus at all levels, the menu functions refer to a set of all functions in a page opened by the menu, the role function entrance is determined through menu definition, the functions which can be used in the corresponding page of each menu are determined through menu function definition, and as the authority of a role is the set of the functions and is irrelevant to a specific interface, when the interface is required to be increased or decreased, the role authority can be determined only by modifying the corresponding relation between the functions and the interface, so that the role authority definition is simple.
Initializing a role menu through step 50, setting menus that can be accessed by each role in the initialization process, and defining the menus that can be accessed by each role as the role menu; initializing role menu functions, setting a set of functions in the menu that a role can access, via step 60; initializing interfaces which can be called by roles through step 70 to form a list of interfaces which can be called and correspond to each role; after all initialization steps are completed, the role authority is judged through step 80, when a user calls an interface, interception is carried out through slice programming, wherein a slice programming interception point is defined in a service package, so that interception can be triggered when the interface is called under the service package, the back end obtains the role of the user, inquires an interface list which can be called by the role and judges whether the current role of the user can call the interface. When the system is initialized, the list of the callable interfaces of the role is generated according to the role, the menu function, the function interface and the corresponding relation between the role menu and the role menu function, so that when the authority interception judgment is carried out, whether a user can access can be quickly determined only by inquiring the callable interface list of the role, whether the user is allowed to call the interface is judged, the rear-end interface only needs to concentrate on realizing the service logic through decoupling the service logic of the interface and the authority control part, the control method of the interface calling authority can be simplified, and the complexity of the authority control is reduced.
Optionally, referring to fig. 2 and fig. 3, fig. 2 is another flowchart of a method for controlling a front-end and back-end separation right of web development provided in an embodiment of the present application, and fig. 3 is a flowchart of a page function setting provided in an embodiment of the present application, where the method for controlling a front-end and back-end separation right of web development provided in an embodiment of the present application further includes step 90: the page function setting specifically comprises the following steps: the front end transmits a current menu id, the back end acquires the role of the user, inquires the role menu function, and returns a function list which can be accessed by the role in the current menu to the front end; and the front end sets the interface state according to the received function list. Specifically, the embodiment of the present application further provides setting of a general page function, after determining the authority of the user role calling interface, the front end sends the menu id of the page where the user role is currently located to the back end, the back end obtains the user role, queries the role menu function of the user role according to the user role, obtains a function list that the user role can access in the current menu and sends the function list to the front end, the front end sets a page state according to the received function that the user role can access in the current menu, so that after different roles enter the page, functions displayed on the menu are different, and accordingly, the authority of the user role can be intuitively reflected through the menu page. The operation of the user is convenient.
Optionally, in step 90, the front end sets an interface state according to the received function list, specifically: and the front end displays the functions which can be accessed by the roles in the current menu according to the received function list and hides the functions which cannot be accessed by the roles. Specifically, when the front end sets the interface state, according to the received function list which can be accessed by the user role in the current menu, the functions which can be accessed by the user role are displayed in the menu page, and the functions which cannot be accessed are hidden.
Optionally, in step 90, the front end sets an interface state according to the received function list, specifically: and the front end displays the functions which can be accessed by the role as operable icons and displays the functions which cannot be accessed by the role as inoperable icons according to the received function list. Specifically, when the front end sets the interface state, according to a received function list that a user role can access in a current menu, the function that the user role can access is set as an operable icon, and an icon that the role cannot access is set as an inoperable icon, for example, the function that can be accessed is set as highlighted display, and the function that cannot be accessed is set as gray, so that after any role enters a page, the function list displayed on the menu is the same, but for different roles, each function can be displayed as an operable state or an inoperable state according to the access authority of the role, thereby realizing the authority control of the role.
Optionally, referring to fig. 1 to fig. 3, in step 80 and step 90, the obtaining, by the back end, a role of the user specifically includes: and acquiring the user identity according to the session id, and determining the role of the user according to the user identity. Specifically, when a user accesses a web through a web browser, a session id returned by a server is written into a cookie of the browser, when the browser accesses the same site next time, the session id stored in the cookie can be automatically taken, and the server identifies the user identity according to the session id.
Optionally, referring to fig. 4, fig. 4 is a flowchart illustrating an interface that can be called by initializing a role according to an embodiment of the present application, where in step 70, the interface that can be called by initializing a role specifically includes: and acquiring a menu function which can be accessed by the role, acquiring functional interface data according to the menu function which can be accessed by the role, and acquiring an interface list which can be called by the role according to the functional interface data. Specifically, when initializing an interface that can be called by a role, first, functions that can be accessed by the role in each menu are acquired, and for a function list that can be accessed by the role, interfaces to be called for implementing all accessible functions are acquired, so that an interface list that can be called by the role is acquired, a calling sequence between the role and the interfaces is formed, and control of role authority is simplified.
Based on the same inventive concept, the present application further provides a web development front-end and back-end separation right control system, fig. 5 is a schematic structural diagram of the web development front-end and back-end separation right control system provided in the embodiment of the present application, please refer to fig. 5, where the web development front-end and back-end separation right control system 100 provided in the embodiment of the present application includes:
a role creating module 110, configured to create a role, where the role includes a permission set, and the permission set includes multiple permissions;
an initialization module 120, configured to initialize service packages and interface data corresponding to the service packages, where each service package includes a plurality of interfaces; the system is also used for initializing functions and functional interface data corresponding to the functions, wherein the functions are defined according to business logic, and all interfaces required to be called for realizing the functions are defined; the system is also used for initializing menu and menu functions, including setting menu names, levels, pictures and the relation between the menus and a superior menu, and setting all function lists of pages corresponding to each menu;
the initialization module 120 is further configured to initialize a role menu, including a menu accessible by setting a role; the role menu function is also used for initializing role menu functions, including setting the role accessible menu functions; the role calling module is also used for initializing interfaces which can be called by roles and generating an interface list which can be called by the roles;
a judging module 130, configured to perform role authority control judgment: when a user calls an interface, the back end acquires the role of the user; and inquiring an interface list which can be called by the user role, and judging whether the calling can be carried out according to the interface list which can be called by the user role.
Specifically, referring to fig. 5, the web development front-end and back-end separation permission control system provided in the embodiment of the present application includes a role creation module 110, an initialization module 120, and a determination module 130, where roles are created by the role creation module 110, one role may include multiple permissions, and one user may correspond to multiple different roles, when a permission modification needs to be performed on a user, only the permission of the role may be modified, and after the permission of the role is modified, the permission of the user is also modified correspondingly; after the role is created, the initialization module 120 initializes the service package, the interface data, the functions, the function interface data corresponding to each function, the menu and the menu function, and sets the related interfaces in one service package, so that the management and slice interception can be facilitated; the function is the minimum unit in the service authority management, the function definition is carried out according to the service logic, and the function interface is the set of all interfaces which need to be called for realizing one function; the menu is an entrance accessed by a user, the menu is divided into multiple levels, the menu initialization comprises menu names, levels, pictures and relations among the menus at all levels, the menu function refers to a set of all functions in a page opened by the menu, the role function entrance is determined through the menu definition, the functions which can be used in the corresponding page of each menu are determined through the menu function definition, and as the role authority is the set of the functions and is irrelevant to a specific interface, when the interface is required to be increased or reduced, the role authority can be determined only by modifying the corresponding relation between the functions and the interface, so that the role authority definition is simple.
Meanwhile, the initialization module 120 initializes a role menu, role menu functions and interfaces that roles can call, sets menus that each role can access during initialization, defines the menus that each role can access as the role menu, and sets a set of functions in the menus that the role can access to form a callable interface list corresponding to each role; after all initialization steps are completed, the judgment module 130 judges the role authority, when a user calls an interface, the back end acquires the role of the user, inquires an interface list that can be called by the role, and judges whether the current role of the user can call the interface. When the system is initialized, the list of the callable interfaces of the role is generated according to the role, the menu function, the function interface and the corresponding relation between the role menu and the role menu function, so that when the authority interception judgment is carried out, whether a user can access can be quickly determined only by inquiring the callable interface list of the role, whether the user is allowed to call the interface is judged, the rear-end interface only needs to concentrate on realizing the service logic through decoupling the service logic of the interface and the authority control part, the control method of the interface calling authority can be simplified, and the complexity of the authority control is reduced.
Optionally, referring to fig. 6, fig. 6 is a schematic view showing another structure of a web development front-end and back-end separation permission control system provided in an embodiment of the present application, where the web development front-end and back-end separation permission control system provided in the embodiment of the present application further includes a page function setting module 140, the page function setting module 140 is configured to enable a front end to transmit a current menu id, a back end to obtain a role of a user, query a role menu function, and return a function list that the role can access in the current menu to the front end; and the front end is also used for setting the interface state according to the received function list. Specifically, the embodiment of the present application further includes a page function setting module 140, after the authority of the user role calling interface is judged by the page function setting module 140, the front end sends the menu id of the page where the user role is currently located to the back end, the back end obtains the user role, queries the role menu function of the user role, obtains a function list that the user role can access in the current menu and sends the function list to the front end, the front end sets the page state according to the received function that the user role can access in the current menu, so that after different roles enter the page, the functions displayed on the menu are different, and thus the authority of the user role can be intuitively embodied through the menu page. The operation of the user is convenient.
Optionally, the web development front-end and back-end separation authority control system provided in the embodiment of the present application further includes a role determination module 150, configured to obtain a user identity according to the session id, and determine a role of the user according to the user identity. Specifically, when a user accesses a web through a web browser, a session id returned by a server is written into a cookie of the browser, when the browser accesses the same site next time, the session id stored in the cookie can be automatically taken, and the server identifies the user identity according to the session id.
According to the embodiments, the application has the following beneficial effects:
(1) according to the method and the system for controlling the front-end and back-end separation authority of the web development, the role function entrance is determined through menu definition, the functions which can be used in the corresponding pages of each menu are determined through the menu function definition, and the role authority is defined as the function set to be independent of a specific interface.
(2) According to the method and the system for controlling the front-end and back-end separation authority of web development, when the system is initialized, the list of the callable interfaces of the roles is generated according to the roles, the menus, the menu functions, the function interfaces and the corresponding relations between the role menus and the role menu functions, so that when the authority interception judgment is carried out, whether a user can access the callable interfaces can be quickly determined only by inquiring the list of the callable interfaces of the roles, whether the user is allowed to call the interfaces is judged, only business logic needs to be realized by the back-end interface through decoupling the business logic of the interfaces and the authority control part, the control method for calling the authorities of the interfaces can be simplified, and the complexity of authority control is reduced.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The foregoing description shows and describes several preferred embodiments of the present application, but as aforementioned, it is to be understood that the application is not limited to the forms disclosed herein, but is not to be construed as excluding other embodiments and is capable of use in various other combinations, modifications, and environments and is capable of changes within the scope of the inventive concept as expressed herein, commensurate with the above teachings, or the skill or knowledge of the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the application, which is to be protected by the claims appended hereto.
Claims (9)
1. A method for controlling front-end and back-end separation authority of web development is characterized by comprising the following steps:
creating a role, wherein the role comprises a permission set, and the permission set comprises a plurality of permissions;
initializing service packages and interface data corresponding to the service packages, wherein each service package comprises a plurality of interfaces;
initializing functions and functional interface data corresponding to the functions, wherein the functions are defined according to business logic, and all interfaces required to be called for realizing the functions are defined;
initializing menu and menu functions, including setting menu names, levels, pictures and the relation between the menus and a superior menu, and setting all function lists of pages corresponding to each menu;
initializing a role menu, wherein the role menu comprises a menu which can be accessed by a set role;
initializing a role menu function, including setting the menu function that the role can access;
initializing interfaces which can be called by the roles, and generating an interface list which can be called by the roles;
and (3) performing role authority control judgment: when a user calls an interface, the back end acquires the role of the user; and inquiring the interface list which can be called by the user role, and judging whether the calling can be carried out according to the interface list which can be called by the user role.
2. The web development front-end and back-end separation authority control method according to claim 1, further comprising: the function of the page is set up,
the page function setting specifically comprises the following steps: the front end transmits a current menu id, the back end acquires the role of the user, inquires the role menu function, and returns a function list which can be accessed by the role in the current menu to the front end; and the front end sets the interface state according to the received function list.
3. The method for controlling the front-end and back-end separation authority in web development according to claim 2, wherein the front-end sets an interface state according to the received function list, specifically: and the front end displays the functions which can be accessed by the roles in the current menu according to the received function list and hides the functions which cannot be accessed by the roles.
4. The method for controlling the front-end and back-end separation authority in web development according to claim 2, wherein the front-end sets an interface state according to the received function list, specifically: and the front end displays the functions which can be accessed by the role as operable icons and displays the functions which cannot be accessed by the role as inoperable icons according to the received function list.
5. The method for controlling the front-end and back-end separation authority of web development according to claim 2, wherein the back-end obtains the role of the user, specifically: and acquiring the user identity according to the session id, and determining the role of the user according to the user identity.
6. The method for controlling the front-end and back-end separation authority of web development according to claim 1, wherein initializing the interface that the role can call specifically comprises: and acquiring the menu function which can be accessed by the role, acquiring functional interface data according to the menu function which can be accessed by the role, and acquiring an interface list which can be called by the role according to the functional interface data.
7. A web development front-end and back-end separation authority control system is characterized by comprising:
the role creating module is used for creating roles, wherein the roles comprise a permission set, and the permission set comprises a plurality of permissions;
the device comprises an initialization module, a data processing module and a data processing module, wherein the initialization module is used for initializing service packages and interface data corresponding to the service packages, and each service package comprises a plurality of interfaces; the system is also used for initializing functions and functional interface data corresponding to the functions, wherein the functions are defined according to business logic, and all interfaces required to be called for realizing the functions are defined; the system is also used for initializing menu and menu functions, including setting menu names, levels, pictures and the relation between the menus and a superior menu, and setting all function lists of pages corresponding to each menu;
the initialization module is also used for initializing a role menu, including a menu which can be accessed by setting roles; the method is also used for initializing role menu functions, including setting the menu functions which can be accessed by the roles; the role calling interface is also used for initializing the role calling interface and generating a role calling interface list;
the judging module is used for carrying out role authority control judgment: when a user calls an interface, the back end acquires the role of the user; and inquiring the interface list which can be called by the user role, and judging whether the calling can be carried out according to the interface list which can be called by the user role.
8. The web development front-end and back-end separation authority control system according to claim 7, further comprising: a page function setting module for setting the function of the page,
the page function setting module is used for leading a front end to transmit a current menu id, leading a back end to obtain the role of the user, inquiring the role menu function and returning a function list which can be accessed by the role in the current menu to the front end; and the front end is also used for setting the interface state according to the received function list.
9. The web development front-end and back-end separation authority control system according to claim 7, further comprising a role determination module for obtaining a user identity according to a session id and determining the role of the user according to the user identity.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911035231.5A CN110780876A (en) | 2019-10-29 | 2019-10-29 | Web development front-end and back-end separation authority control method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911035231.5A CN110780876A (en) | 2019-10-29 | 2019-10-29 | Web development front-end and back-end separation authority control method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110780876A true CN110780876A (en) | 2020-02-11 |
Family
ID=69387296
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911035231.5A Pending CN110780876A (en) | 2019-10-29 | 2019-10-29 | Web development front-end and back-end separation authority control method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110780876A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112257091A (en) * | 2020-10-28 | 2021-01-22 | 南开大学 | Authority control method based on front-end and back-end separation |
| CN112968880A (en) * | 2021-02-01 | 2021-06-15 | 浪潮思科网络科技有限公司 | SDN architecture-based permission control method and system |
| CN113312049A (en) * | 2021-06-11 | 2021-08-27 | 浪潮云信息技术股份公司 | Front-end dynamic routing implementation method |
| CN113467860A (en) * | 2021-06-22 | 2021-10-01 | 上海星融汽车科技有限公司 | Method and device for executing service logic of program source code |
| CN113900841A (en) * | 2021-12-09 | 2022-01-07 | 杭州安恒信息技术股份有限公司 | API interface authority management and API interface calling method and related device |
| CN115906187A (en) * | 2023-02-22 | 2023-04-04 | 山东经伟晟睿数据技术有限公司 | User authority control method and system combining function authority and interface authority |
| WO2023087278A1 (en) * | 2021-11-19 | 2023-05-25 | 国云科技股份有限公司 | Cloud platform permission setting method and apparatus, terminal device, and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130111562A1 (en) * | 2011-10-31 | 2013-05-02 | Electronics And Telecommunications Research Institute | Method and apparatus for delivering application service using pre-configured access control corresponding to organizational hierarchy |
| CN107257337A (en) * | 2017-06-15 | 2017-10-17 | 重庆扬讯软件技术股份有限公司 | A kind of shared authority control method of multiterminal and its system |
| CN107342992A (en) * | 2017-06-27 | 2017-11-10 | 努比亚技术有限公司 | A kind of System right management method, apparatus and computer-readable recording medium |
| CN109165486A (en) * | 2018-08-27 | 2019-01-08 | 四川长虹电器股份有限公司 | A kind of configurable interface access right control method |
| CN109214151A (en) * | 2018-09-28 | 2019-01-15 | 北京赛博贝斯数据科技有限责任公司 | The control method and system of user right |
| CN110287709A (en) * | 2019-05-22 | 2019-09-27 | 深圳壹账通智能科技有限公司 | User's operation authority control method, device, equipment and medium |
-
2019
- 2019-10-29 CN CN201911035231.5A patent/CN110780876A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130111562A1 (en) * | 2011-10-31 | 2013-05-02 | Electronics And Telecommunications Research Institute | Method and apparatus for delivering application service using pre-configured access control corresponding to organizational hierarchy |
| CN107257337A (en) * | 2017-06-15 | 2017-10-17 | 重庆扬讯软件技术股份有限公司 | A kind of shared authority control method of multiterminal and its system |
| CN107342992A (en) * | 2017-06-27 | 2017-11-10 | 努比亚技术有限公司 | A kind of System right management method, apparatus and computer-readable recording medium |
| CN109165486A (en) * | 2018-08-27 | 2019-01-08 | 四川长虹电器股份有限公司 | A kind of configurable interface access right control method |
| CN109214151A (en) * | 2018-09-28 | 2019-01-15 | 北京赛博贝斯数据科技有限责任公司 | The control method and system of user right |
| CN110287709A (en) * | 2019-05-22 | 2019-09-27 | 深圳壹账通智能科技有限公司 | User's operation authority control method, device, equipment and medium |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112257091A (en) * | 2020-10-28 | 2021-01-22 | 南开大学 | Authority control method based on front-end and back-end separation |
| CN112968880A (en) * | 2021-02-01 | 2021-06-15 | 浪潮思科网络科技有限公司 | SDN architecture-based permission control method and system |
| CN112968880B (en) * | 2021-02-01 | 2022-07-12 | 浪潮思科网络科技有限公司 | SDN architecture-based permission control method and system |
| CN113312049A (en) * | 2021-06-11 | 2021-08-27 | 浪潮云信息技术股份公司 | Front-end dynamic routing implementation method |
| CN113467860A (en) * | 2021-06-22 | 2021-10-01 | 上海星融汽车科技有限公司 | Method and device for executing service logic of program source code |
| CN113467860B (en) * | 2021-06-22 | 2024-01-19 | 上海星融汽车科技有限公司 | Service logic execution method and device of program source code |
| WO2023087278A1 (en) * | 2021-11-19 | 2023-05-25 | 国云科技股份有限公司 | Cloud platform permission setting method and apparatus, terminal device, and storage medium |
| CN113900841A (en) * | 2021-12-09 | 2022-01-07 | 杭州安恒信息技术股份有限公司 | API interface authority management and API interface calling method and related device |
| CN115906187A (en) * | 2023-02-22 | 2023-04-04 | 山东经伟晟睿数据技术有限公司 | User authority control method and system combining function authority and interface authority |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110780876A (en) | Web development front-end and back-end separation authority control method and system | |
| US9448700B2 (en) | Sharing services | |
| US8261361B2 (en) | Enabling sharing of mobile communication device | |
| US20140242945A1 (en) | Method and system for monitoring application program of mobile device | |
| AU2011286026B2 (en) | Input to locked computing device | |
| US11304246B2 (en) | Proximity-based pairing and operation of user-specific companion devices | |
| US20130104050A1 (en) | Method and terminal for changing user operation interface | |
| US20180188921A1 (en) | Method and system for enabling the sharing of information between applications on a computing device | |
| US20200142715A1 (en) | Preloading of Application on a User Device Based on Content Received by the User Device | |
| EP3205066B1 (en) | Client-assisted fulfillment of a resource request | |
| US20120302210A1 (en) | System, method, and program for generating screen | |
| US10579411B2 (en) | Loading and running virtual working environments in a mobile device management system | |
| US8578283B2 (en) | Suppressing unwanted UI experiences | |
| US20180101574A1 (en) | Searching index information for application data | |
| CN113641983A (en) | Account binding method, device and system for application program | |
| US20210271491A1 (en) | Application processing method, device, electronic device and storage medium | |
| WO2021146267A1 (en) | Generating and presenting contextual user interfaces on devices with foldable displays | |
| CN114586005A (en) | System and method for hosting another browser within a browser | |
| US9577967B2 (en) | Method and system for managing an informational site using a social networking application | |
| US20210026913A1 (en) | Web browser control feature | |
| CN114861154B (en) | Collaborative login method | |
| CN106131820B (en) | The method and apparatus of country code are provided in international call business | |
| CN110012091B (en) | Information display method and device and mobile terminal | |
| US20240022617A1 (en) | System for enabling workspace sharing | |
| CN114356870A (en) | Cross-device data sharing method and related devices |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200211 |