CN111680276A - Management method and system for multidimensional control data authority - Google Patents

Management method and system for multidimensional control data authority Download PDF

Info

Publication number
CN111680276A
CN111680276A CN202010386949.5A CN202010386949A CN111680276A CN 111680276 A CN111680276 A CN 111680276A CN 202010386949 A CN202010386949 A CN 202010386949A CN 111680276 A CN111680276 A CN 111680276A
Authority
CN
China
Prior art keywords
department
management
node
user
user account
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202010386949.5A
Other languages
Chinese (zh)
Inventor
祁力臧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiashan Litong Information Technology Co ltd
Original Assignee
Jiashan Litong Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiashan Litong Information Technology Co ltd filed Critical Jiashan Litong Information Technology Co ltd
Priority to CN202010386949.5A priority Critical patent/CN111680276A/en
Publication of CN111680276A publication Critical patent/CN111680276A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • Human Resources & Organizations (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a management method and a management system for multidimensional control data authority, and belongs to the technical field of data authority management. The method comprises the following steps: creating a administrative region department management tree according to the administrative region division condition; mounting each object to a node of a corresponding regional department management tree and performing department coding; creating a user account and associating each department corresponding to each node on the management tree; acquiring a door code corresponding to a user account and performing system caching; and granting the current user account to manage the corresponding object data. The system comprises: the system comprises an object management module, a user management module and an area management module. The invention realizes the management of the access authority of any dimension data of the related management object, and avoids the corresponding customization development when a new management dimension appears each time; the development cost is saved, and meanwhile the Bug problem generated by re-customized development is reduced.

Description

Management method and system for multidimensional control data authority
Technical Field
The invention belongs to the technical field of data authority management, and particularly relates to a management method and a management system for multidimensional control data authority.
Background
In the process of project development, along with the promotion of projects, different requirements are often put forward for the business data authority, the control of the original data authority cannot meet new requirements, even after redesigning according to the new requirements, if changes are changed subsequently, readjustment is carried out, development workload is increased, and meanwhile great BUG hidden danger is caused to the quality of a system.
Disclosure of Invention
In view of the above, the present invention provides a method and a system for managing data access permissions flexibly and multidimensional in management of data permissions.
The purpose of the invention can be realized by the following technical scheme: a management method for managing data authority in a multidimensional way is characterized by comprising the following steps:
firstly, creating a administrative region department management tree in a multidimensional control data authority system according to administrative region division conditions;
secondly, mounting each object to be controlled to a node of a corresponding regional department management tree according to actual conditions, and simultaneously carrying out corresponding department coding;
step three, a user account is created, and each department corresponding to each node on the administrative region department management tree created in the step one is associated;
fourthly, logging in a multidimensional control data authority system through a user account, acquiring a corresponding department code on a administrative region department management tree corresponding to the current user account, and performing system caching;
and fifthly, obtaining all objects under the current department code through the cached department code in the fourth step in combination with the administrative region department management tree in the first step, and granting the current user account number management authority to the data of each object.
The objects comprise schools, enterprises, communities, common units, banks, supermarkets, markets, institutions, places of dispatch, construction sites and shops along streets.
The user account comprises each administrative department, and each administrative department comprises each level of government departments, each level of education departments, each level of public security departments and each level of emergency management departments.
And the nodes corresponding to the objects can be simultaneously bound in parallel with any department in each administrative department according to the requirements of actual conditions.
The user account further comprises group enterprises which are classified into each district group according to regions, and each object belonging to the corresponding group enterprise on the administrative region department management tree can be bound in parallel with the district group of the district where the object is located.
In order to achieve the above object, the present invention further provides a database row authority control system, including: the system comprises an object management module, a user management module and an area management module;
the object management module is used for creating, modifying and deleting each object.
And the user management module is used for creating, modifying and deleting each user account.
The region management module is used for creating, modifying and deleting nodes of the region department management tree, mounting each object to the corresponding node of the region department management tree, and simultaneously carrying out corresponding department coding.
The object management module comprises an object unique ID, an object name, an object short name, an object address, an object contact way, an object contact person, an object longitude and latitude and an object picture.
The user management module comprises a user unique ID, a user name, a user login name, user password information, a user password encryption factor and user contact.
The area management module comprises a node unique ID, a corresponding father node, a node name for short, a node type, a node code and a node object ID.
Compared with the prior art, the management method for multidimensional control data authority has the following advantages: the authority management distribution is more flexible; the multi-dimensional expansion of the user account can be supported according to actual requirements; the management of the access authority of any dimension data of the related management object is realized, and the corresponding customization development is avoided when a new management dimension appears each time; the development cost is saved, and meanwhile the Bug problem generated by re-customized development is reduced.
Drawings
FIG. 1 is a flowchart illustrating a method for managing data rights in multiple dimensions according to an embodiment.
FIG. 2 is a diagram of a reference model of a management tree in a flowchart of a method in an embodiment.
FIG. 3 is a reference diagram illustrating object mounting to a management tree node in an embodiment.
Fig. 4 is a reference association table of a part of management tree nodes and corresponding departments in the embodiment.
FIG. 5 is a schematic diagram of a hierarchical reference of a competent department in the example.
FIG. 6 is a diagram illustrating a reference to associate bindings between objects and their associated governing bodies on nodes of a management tree in an embodiment.
FIG. 7 is a schematic flow chart illustrating a usage flow of the system for managing data authority by using multidimensional data in the embodiment.
Detailed Description
The following are specific embodiments of the present invention and are further described with reference to the drawings, but the present invention is not limited to these embodiments.
The first embodiment is as follows:
according to the method, different control objects are classified according to administrative regions, a management tree mode is designed in a classified mode, and then division management and permission setting are carried out in a mode of combining user accounts and nodes on the management tree, so that flexible and conveniently-expanded data permission management is achieved. The following specifically explains a specific implementation process of the management method for managing the data authority of the multidimensional control in a form of combining pictures and texts.
As shown in fig. 1, the management method for managing data rights in multiple dimensions includes the following steps:
s101, creating a administrative region department management tree in the multidimensional control data authority system according to administrative region division conditions.
The management tree model is divided according to administrative levels, as shown in fig. 2, into a highest level province, each city of province and subcity, each county of each city and subcity, and finally each street of each county and subcity.
And S102, mounting each object to be controlled to a node of a corresponding regional department management tree according to actual conditions, and simultaneously carrying out corresponding department coding.
As shown in fig. 3, the managed objects of each street include schools, enterprises, and general units, and the objects of the same type are distinguished by using numbers: school 1, dangerous chemical enterprises 1 and unit 1 are mounted to town streets 1; school 2, dangerous chemical enterprises 2, unit 3 are mounted to town street 2. In practice, the objects also include cells, banks, supermarkets, malls, institutions, places of departure, construction sites, shops along streets, and the like.
S103, creating a user account, and associating each department corresponding to each node on the administrative department management tree created in step S101. Specifically, as shown in fig. 4, a graph is used to perform one-to-one correspondence.
S104, logging in a multidimensional control data authority system through a user account, acquiring a corresponding department code on a administrative region department management tree corresponding to the current user account, and performing system caching;
and S105, obtaining all objects under the current department code through the department code cached in the step S104 and the administrative region department management tree in the step S101, and granting the current user account number to the management authority of each object data.
Specifically, in the present example, the user account includes each administrative department, and each administrative department includes each level of government department, each level of education department, each level of public security department, and each level of emergency management department. As shown in fig. 5, the departments at different levels are also classified in an administrative hierarchy manner, so as to implement the corresponding relationship with each node on the regional department management tree. And then, the nodes corresponding to the objects can be simultaneously connected in parallel with any department in each department in charge according to the requirements of actual conditions.
As shown in fig. 6, school 1 and school 2 in the management and control objects on the regional department management tree are correspondingly bound with county 1 in the subordinate level of the education department in the administrative department, and by analogy, other objects are also bound in parallel according to the actual situation.
In addition, the method can be further expanded, so that the user account also comprises group enterprises, the group enterprises are classified into each block group according to regions, and each object belonging to the corresponding group enterprise on the administrative region department management tree can be bound in parallel with the block group of the block in which the object is located. Referring to fig. 6, a certain regional area under group a and an enterprise or an enterprise in a regional department management tree are bound in parallel, so that the inspection data of a common enterprise or an enterprise can be viewed by the account number of the regional area and group a where the enterprise is located.
Example two:
in order to achieve the above object, the present database row authority control system includes: the system comprises an object management module, a user management module and an area management module.
Specifically, the object management module specifically includes an object unique ID, an object name, an object abbreviation, an object address, an object contact person, an object longitude and latitude, an object picture, and the like. The module is used for creating, modifying and deleting each object.
And the user management module specifically comprises a user unique ID, a user name, a user login name, user password information, a user password encryption factor, user contact and the like. The module is used for creating, modifying and deleting each user account.
And the area management module specifically comprises a node unique ID, a corresponding father node, a node name, a node abbreviation, a node type (comprising a common node and an object node), a node code, a node object ID and the like. The module is used for creating, modifying and deleting nodes of the regional department management tree, mounting each object to the corresponding node of the regional department management tree, and simultaneously carrying out corresponding department coding.
With reference to fig. 7, the usage flow of the multidimensional data control data authority system of the present invention is as follows:
after the user logs in, acquiring a code of a department where the user is located, and caching a code corresponding to the current user by the system;
when a user accesses object data, the system intercepts the user access action, acquires the current operation user information, and then acquires the cached department code according to the user information;
and the system then refers to the preset coding relationship between the object and the department node, acquires the object which is authorized to access according to the department code, and associates the object service data with the obtained object to acquire the finally accessed data. The object service data includes: the management and control system comprises all business data related to the management and control object, such as inspection data of the management and control object, evaluation data of the management and control object, personnel configuration data of the management and control object and the like.
By using the system and the method, the data access authority management of any dimensionality (such as a government department, a competent department or an enterprise group) of a related management object can be flexibly realized, corresponding customized development is not required to be carried out again every time a new management dimensionality appears, the development cost is saved, and the Bug problem generated by the customized development is reduced.
The specific embodiments described herein are merely illustrative of the spirit of the invention. Various modifications or additions may be made to the described embodiments or alternatives may be employed by those skilled in the art without departing from the spirit or ambit of the invention as defined in the appended claims.

Claims (9)

1. A management method for managing data authority in a multidimensional way is characterized by comprising the following steps:
firstly, creating a administrative region department management tree in a multidimensional control data authority system according to administrative region division conditions;
secondly, mounting each object to be controlled to a node of a corresponding regional department management tree according to actual conditions, and simultaneously carrying out corresponding department coding;
step three, a user account is created, and each department corresponding to each node on the administrative region department management tree created in the step one is associated;
fourthly, logging in a multidimensional control data authority system through a user account, acquiring a corresponding department code on a administrative region department management tree corresponding to the current user account, and performing system caching;
and fifthly, obtaining all objects under the current department code through the cached department code in the fourth step in combination with the administrative region department management tree in the first step, and granting the current user account number management authority to the data of each object.
2. The method according to claim 1, wherein the objects include schools, enterprises, districts, general units, banks, supermarkets, malls, institutions, places of departures, construction sites, and shops along streets.
3. The method according to claim 1 or 2, wherein the user account includes each administrative department, and each administrative department includes each level of government departments, each level of education departments, each level of public security departments, and each level of emergency management departments.
4. The method according to claim 3, wherein the nodes corresponding to the objects can be bound in parallel with any department in each administrative department according to the requirement of the actual situation.
5. The method according to claim 1 or 2, wherein the user account further includes corporate enterprises, the corporate enterprises are classified into regional groups, and each object belonging to a corresponding corporate enterprise on the administrative department management tree can be bound in parallel with a regional group of the regional group.
6. A database row authority control system for implementing the management method for managing data authority in multidimensional way according to any claim from 1 to 5, the system comprising: the system comprises an object management module, a user management module and an area management module;
the object management module is used for creating, modifying and deleting each object.
And the user management module is used for creating, modifying and deleting each user account.
The region management module is used for creating, modifying and deleting nodes of the management tree of each region department; mounting each object on a node of a corresponding regional department management tree, and simultaneously carrying out corresponding department coding; the system is used for associating and caching corresponding department codes on a administrative region department management tree corresponding to the user account, and granting the current user account management authority to the object data represented by the corresponding department codes.
7. The system according to claim 6, wherein the object management module includes an object unique ID, an object name, an object abbreviation, an object address, an object contact way, an object contact person, an object longitude and latitude, and an object picture.
8. The system according to claim 7, wherein said user management module comprises a user unique ID, a user name, a user login name, user password information, a user password encryption factor, and a user contact.
9. The system according to any one of claims 6 to 8, wherein the area management module includes a node unique ID, a corresponding parent node, a node name, a node abbreviation, a node type, a node code, and a node object ID.
CN202010386949.5A 2020-05-09 2020-05-09 Management method and system for multidimensional control data authority Withdrawn CN111680276A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010386949.5A CN111680276A (en) 2020-05-09 2020-05-09 Management method and system for multidimensional control data authority

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010386949.5A CN111680276A (en) 2020-05-09 2020-05-09 Management method and system for multidimensional control data authority

Publications (1)

Publication Number Publication Date
CN111680276A true CN111680276A (en) 2020-09-18

Family

ID=72433969

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010386949.5A Withdrawn CN111680276A (en) 2020-05-09 2020-05-09 Management method and system for multidimensional control data authority

Country Status (1)

Country Link
CN (1) CN111680276A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115481108A (en) * 2022-09-19 2022-12-16 北京三维天地科技股份有限公司 Management method and system for same data among different departments

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115481108A (en) * 2022-09-19 2022-12-16 北京三维天地科技股份有限公司 Management method and system for same data among different departments

Similar Documents

Publication Publication Date Title
CN105357201A (en) Access control method and system for object cloud storage
CN102354356B (en) Data authority management device and method
CN109032458B (en) Form data authorization method based on role acquisition
CN110413923A (en) Campus informatization management system and method based on B/S framework
CN111885153B (en) Block chain-based data acquisition method, device, computer equipment and storage medium
CN108564351A (en) A kind of character management system and its operating method
CN111179139B (en) Internet + supervision data processing method and device
Goodman The fiscal impacts of urban sprawl: Evidence from US county areas
CN101739603B (en) Concentrate shared digital urban management application platform system and implementation method
CN102970302A (en) Platform and method for personal information protection based on personal information universal coding
CN111680276A (en) Management method and system for multidimensional control data authority
Yin et al. A MySQL-Based Software System of Urban Land Planning Database of Shanghai in China.
Daly et al. The genesis of volcanic risk assessment for the Auckland engineering lifelines project: 1996–2000
US20010025281A1 (en) Method for access control of aggregated data
Bayram et al. Developing electronic records management software applications and managing institutional differences: a comparative study
CN114493527A (en) Public service platform of wisdom district name based on wisdom civil affairs
Aydinoglu et al. A harmonised GI model for urban governance
US20040068520A1 (en) Information management system
CN116151751A (en) Data processing method and device, electronic equipment and readable storage medium
CN109787980A (en) Based on the MIS of Student in the social practice remotely controlled
CN113641336B (en) Natural resource field investigation platform and construction method thereof, electronic equipment, storage medium and program product
CN109308294A (en) Point of interest input system and method
Arcieri et al. Access Keys Warehouse: a new approach to the development of cooperative information systems
Han et al. Construction and Research of Big Data Platform
KR100434428B1 (en) Component System for Distributing Geographic Information System and Method of it

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20200918

WW01 Invention patent application withdrawn after publication