CN112287384A - Configuration file generation method and device and storage medium - Google Patents

Configuration file generation method and device and storage medium Download PDF

Info

Publication number
CN112287384A
CN112287384A CN202010997378.9A CN202010997378A CN112287384A CN 112287384 A CN112287384 A CN 112287384A CN 202010997378 A CN202010997378 A CN 202010997378A CN 112287384 A CN112287384 A CN 112287384A
Authority
CN
China
Prior art keywords
database
parameters
parameter values
application software
database parameters
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010997378.9A
Other languages
Chinese (zh)
Inventor
张美霞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changsha Youheng Network Technology Co Ltd
Original Assignee
Changsha Youheng Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Changsha Youheng Network Technology Co Ltd filed Critical Changsha Youheng Network Technology Co Ltd
Priority to CN202010997378.9A priority Critical patent/CN112287384A/en
Publication of CN112287384A publication Critical patent/CN112287384A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application provides a configuration file generation method, a configuration file generation device and a storage medium. In the embodiment of the application, after the database parameters and the parameter values thereof provided by the database manager and the user-defined parameters and the parameter values thereof provided by the application software developer are obtained, whether the application software developer has the authority to check the parameter values of the database parameters is judged; hiding the parameter values of the database parameters when judging that the application software developer does not have the authority of checking the parameter values of the database parameters; and finally, generating a configuration file according to the database parameters, the hidden parameter values thereof, the user-defined parameters and the parameter values thereof. Therefore, the condition that the parameter values of the sensitive database parameters are leaked due to human errors of application software developers is avoided as much as possible, and the safety risk of the database is reduced.

Description

Configuration file generation method and device and storage medium
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for generating a configuration file, and a storage medium.
Background
In the whole life cycle from development to online, the application software needs to run in different running environments, such as a development environment, a test environment and an online environment. Before the application software runs in each running environment, developers need to generate configuration files for the corresponding running environment, and each running environment is configured according to the generated configuration files. When configuring each operating environment, database connection configuration is often involved, which requires that the configuration file includes parameters required by the database connection configuration, and some of the parameters are more sensitive parameters, such as a user name and a password for logging in the database.
If the configuration file is generated in the development process of the application software, the database sensitive parameters in the configuration file are known by developers, so that the condition that the database sensitive parameters are leaked due to human errors easily occurs, and certain risks are brought to the safety of the database.
Disclosure of Invention
Aspects of the present application provide a method, an apparatus, and a storage medium for generating a configuration file, so as to reduce, as much as possible, situations in which sensitive parameters of a database are leaked when generating a configuration file of an application software operating environment, and reduce security risks of the database.
The embodiment of the application provides a configuration file generation method, which comprises the following steps:
acquiring database parameters and parameter values thereof provided by database management personnel, and acquiring custom parameters and parameter values thereof provided by application software developers;
judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer;
if the parameter values of the database parameters are not allowed to be checked, hiding the parameter values of the database parameters, wherein the hidden parameter values cannot be checked by the application software developer;
and generating a configuration file corresponding to the running environment of the application software according to the database parameters and the parameter values after the database parameters are hidden and the user-defined parameters and the parameter values thereof, so that the application software developer configures the running environment required by running the application software according to the configuration file and runs the application software.
An embodiment of the present application further provides a device for generating a configuration file, including: a memory and a processor;
the memory for storing a computer program;
the processor, coupled with the memory, to execute the computer program to:
acquiring database parameters and parameter values thereof provided by database management personnel, and acquiring custom parameters and parameter values thereof provided by application software developers;
judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer;
if the parameter values of the database parameters are not allowed to be checked, hiding the parameter values of the database parameters, wherein the hidden parameter values cannot be checked by the application software developer;
and generating a configuration file corresponding to the running environment of the application software according to the database parameters and the parameter values after the database parameters are hidden and the user-defined parameters and the parameter values thereof, so that the application software developer configures the running environment required by running the application software according to the configuration file and runs the application software.
Embodiments of the present application further provide a computer-readable storage medium storing a computer program, which, when executed by a processor, causes the processor to implement the steps in the above-mentioned configuration file generation method.
According to the configuration file generation method, the configuration file generation device and the storage medium, after the database parameters and the parameter values thereof provided by database management personnel and the custom parameters and the parameter values thereof provided by application software developers are obtained, whether the application software developers have the authority to check the parameter values of the database parameters or not is judged; hiding the parameter values of the database parameters when judging that the application software developer does not have the authority of checking the parameter values of the database parameters; and finally, generating a configuration file according to the database parameters, the hidden parameter values thereof, the user-defined parameters and the parameter values thereof. Therefore, the database parameters and the parameter values thereof are created by special database management personnel, application software developers can use the database parameters and the parameter values thereof, but can only check the parameter values of the database parameters based on the authority of the application software developers, the situation that the parameter values of the sensitive database parameters are leaked due to human errors of the application software developers is avoided as much as possible, and the safety risk of the database is reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a schematic flowchart of a configuration file generation method according to an exemplary embodiment of the present application;
fig. 2 is a schematic flowchart of another configuration file generation method according to an exemplary embodiment of the present application;
fig. 3 is a schematic structural diagram of a configuration file generation apparatus according to an exemplary embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic flowchart of a configuration file generation method according to an exemplary embodiment of the present application. As shown in fig. 1, the method comprises the steps of:
101. the method comprises the steps of obtaining database parameters and parameter values thereof provided by database management personnel, and obtaining custom parameters and parameter values thereof provided by application software developers.
102. And judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer.
103. If the parameter values of the database parameters are not checked, hiding the parameter values of the database parameters, wherein the hidden parameter values cannot be checked by application software developers.
104. And generating a configuration file corresponding to the running environment of the application software according to the database parameters, the parameter values after the hiding processing of the database parameters, the user-defined parameters and the parameter values of the user-defined parameters so as to allow an application software developer to configure the running environment required by the running of the application software according to the configuration file and run the application software.
In particular, the application software runtime accesses the database, such as querying and updating data in the database. Therefore, when configuring the running environment of the application software, a database connection configuration needs to be performed so that the application software can access the database when running.
The database connection configuration requires configuration of the following database parameters including but not limited to: the name Database of the Database, the User name User of the login Database and the Password corresponding to the User name of the login Database. Which of the database parameters belong to sensitive parameters and which belong to insensitive parameters are set according to actual situations. For example, the name Database of the Database does not belong to the sensitive parameter, and the User name User of the login Database and the Password corresponding to the User name of the login Database belong to the sensitive parameter. Sensitive database parameters have parameter values that are revealed, which can bring security risks to the database. For example, database parameters such as a User name User for logging in the database and a Password corresponding to the User name for logging in the database belong to relatively sensitive parameters, and if the User name User for logging in the database and the corresponding Password are leaked, the database may be accessed by an illegal User, which affects the security of the database.
The configuration file generation method provided in this embodiment may be executed by a configuration file generation device, where the configuration file generation device may perform unified management on Database parameters created by a Database Administrator (DBA), and may also perform unified management on configuration files created by different application software developers for an operating environment of application software.
In this embodiment, to ensure the security of the database, the database parameters and their parameter values are created by the database manager on the configuration file generation device, and the database manager has the right to view and modify the database parameters and their parameter values. For example, the databases accessible by the application software include MySQL, redis, Oracle, etc., and the user name and password for logging in the databases are created by the database manager and stored in the configuration file generation device.
In this embodiment, different application software developers have different tasks, and each application software developer can create a custom parameter and a parameter value thereof corresponding to a task for the operating environment of the application software on the configuration file generation device based on the assigned task.
It should be noted that, for convenience of understanding and distinction, configuration parameters related to a database in a configuration file are referred to as database parameters, the database parameters are set by a database manager, configuration parameters unrelated to the database in the configuration file are referred to as custom parameters, and the custom parameters are set by a developer of application software. The custom parameters include which parameters are related to the application software and the operating environment in which the application software is to be operated, depending on the actual situation.
In practical situations, the role levels of the application software developers are different, some application software developers belong to high-level developers, some application software developers belong to middle-level developers, some application software developers belong to low-level developers, and the higher the role level is, the stronger the awareness of the developers on data confidentiality is. In addition, some database parameters belong to sensitive parameters and some database parameters do not belong to sensitive parameters. Certainly, it is necessary to hide the parameter values of the database parameters in a targeted manner, so that the parameter values of the sensitive database parameters are hidden and cannot be viewed by the application software developer, and the parameter values of the insensitive database parameters are also transparent and can be viewed by the application software developer.
Therefore, in this embodiment, whether the application software developer has the authority to view the parameter values of the database parameters is determined based on the role level of the application software developer, and whether to hide the parameter values of the database parameters is determined according to the determination result.
According to the configuration file generation method provided by the embodiment of the application, after the database parameters and the parameter values thereof provided by the database manager and the custom parameters and the parameter values thereof provided by the application software developer are obtained, whether the application software developer has the permission to check the parameter values of the database parameters or not is judged; hiding the parameter values of the database parameters when judging that the application software developer does not have the authority of checking the parameter values of the database parameters; and finally, generating a configuration file according to the database parameters, the hidden parameter values thereof, the user-defined parameters and the parameter values thereof. Therefore, the database parameters and the parameter values thereof are created by special database management personnel, application software developers can use the database parameters and the parameter values thereof, but can only check the parameter values of the database parameters based on the authority of the application software developers, the situation that the parameter values of the sensitive database parameters are leaked due to human errors of the application software developers is avoided as much as possible, and the safety risk of the database is reduced.
Fig. 2 is a schematic flowchart of another configuration file generation method according to an exemplary embodiment of the present application. As shown in fig. 2, the method comprises the steps of:
201. the method comprises the steps of obtaining database parameters and parameter values thereof provided by database management personnel, and obtaining custom parameters and parameter values thereof provided by application software developers.
The implementation manner of step 201 in this embodiment is the same as that of step 101 in the above embodiment, and is not described herein again.
202. And judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer.
The implementation manner of step 202 in this embodiment is the same as that of step 102 in the above embodiment, and is not described herein again.
203. If the parameter values of the database parameters are not checked, hiding the parameter values of the database parameters, wherein the hidden parameter values cannot be checked by application software developers.
The implementation manner of step 203 in this embodiment is the same as that of step 103 in the above embodiment, and is not described herein again.
204. And generating a configuration file corresponding to the running environment of the application software according to the database parameters, the parameter values after the hiding processing of the database parameters, the user-defined parameters and the parameter values of the user-defined parameters so as to allow an application software developer to configure the running environment required by the running of the application software according to the configuration file and run the application software.
The implementation manner of step 204 in this embodiment is the same as that of step 104 in the above embodiment, and is not described herein again.
205. And acquiring historical use times and/or use time of the database parameters.
206. And if the historical use times of the database parameters are larger than a preset time threshold and/or the use time is larger than a preset time threshold, outputting update prompt information to prompt a database manager to update the parameter values of the database parameters.
In practical applications, as more and more configuration files are generated, the times and times of using sensitive database parameters such as user names and passwords for logging in the database are increased, the use time is prolonged, and more application software developers are exposed to the sensitive database parameters. Although the parameter values of the sensitive database parameters are hidden, if the hidden parameter values of the database parameters are cracked, certain risks are brought to the security of the database.
Therefore, in order to further reduce the probability of bringing security risk to the database when the configuration file is created, historical use times and/or use time of sensitive database parameters can be counted, and whether a database manager is prompted to update parameter values of the database parameters is determined according to a statistical result.
Specifically, a time threshold or a time threshold may be set according to a large amount of test data, and when the historical usage times of the database parameters are greater than the time threshold and/or the usage time is greater than the time threshold, it may be considered that the database parameters are used more frequently or the usage time is longer, and at this time, a database manager needs to be reminded to update the parameter values of the database parameters. Conversely, when the historical usage times of the database parameters are not greater than the time threshold and/or the usage time is not greater than the time threshold, the database parameters may not be used much or the usage time is not long, and the database manager does not need to be reminded to update the parameter values of the database parameters.
In this embodiment, if a sensitive database parameter and its parameter value are used when creating a configuration file, the historical usage times of the database parameter is increased once. It should be noted that, when the database manager updates the parameter value of the database parameter, the historical usage times of the database parameter are cleared, and the calculation of the historical usage times of the database parameter is restarted.
In this embodiment, the timing start point of the usage time of the database parameter is a time point at which the database manager creates a parameter value of the database parameter, and the timing end point is the current time.
According to the configuration file generation method provided by the embodiment of the application, after the configuration file uses the parameter values of the sensitive database parameters, when the use times of the database parameters are more and/or the use time is longer, the database manager is prompted to update the parameter values of the database parameters, and therefore the probability of safety risks brought to the database when the configuration file is created is further reduced.
It should be noted that, in the above embodiment, if there are both sensitive parameters and insensitive parameters in the acquired database parameters, the parameter values of the sensitive database parameters are hidden, and the parameter values of the insensitive database parameters do not need to be hidden.
Thus, when the configuration file is generated, the configuration file is generated according to the sensitive database parameters and the parameter values after the hiding processing, the insensitive database parameters and the parameter values thereof, and the self-defined parameters and the parameter values thereof. It can be understood that the parameter values of the sensitive database parameters can be only viewed by the application software developer based on the own viewing authority; and the parameter values of the database parameters are insensitive, and application software developers have authority to check.
On the basis of the above embodiment, optionally, when hiding the parameter values of the database parameters, all or part of the parameter values of the database parameters may be replaced with special symbols. Specific symbols include, but are not limited to, the following: @, #,%, &.
Furthermore, in order to further prevent the parameter value of the sensitive database parameter from being leaked, the parameter value of the database parameter may be encrypted, and watermark text indicating that the database parameter is strictly prohibited from being leaked is added to the encrypted parameter value of the database parameter. The encryption processing of the data is described in detail in the prior art.
It can be understood that the security of the parameter values of the database parameters after encryption processing is higher, and the application software developer can be more intuitively reminded to pay attention to the security of the parameter values of the database parameters by adding the watermark characters.
It should be noted that, when the configuration file is used to configure the application software operating environment, the hidden parameter value may be analyzed through reverse engineering to obtain the parameter value before hiding.
On the basis of the above embodiment, optionally, the manner of obtaining the database parameters and the parameter values thereof provided by the database management staff is as follows: displaying a first configuration page, wherein the first configuration page comprises information items of configuration database parameters; responding to the input operation of the data management personnel on the information items of the configuration database parameters, and acquiring the identity information of the data management personnel; verifying whether the data manager has the authority to configure the database parameters or not according to the identity information of the data manager; and if the identity information of the data management personnel passes the verification, acquiring the database parameters and the parameter values thereof input by the database management personnel in the first configuration page.
In the present embodiment, the input operation includes, but is not limited to: voice input operation, keyboard input operation, touch input operation.
In this embodiment, in order to further reduce the security risk of the database, before the database manager inputs the database parameter and the parameter value thereof to the configuration file generating device, the identity information of the database manager needs to be verified, and only the database manager whose identity information is verified can configure the database parameter and the parameter value thereof in the configuration file generating device.
In practical application, the database management personnel can register the identity information of the database management personnel in the configuration file generation device in advance, so that when the identity of the database management personnel is verified, whether the obtained identity information of the database management personnel is the registered identity information can be judged, if yes, the identity information of the database management personnel is verified to be passed, and if not, the identity information of the database management personnel is not verified to be passed.
On the basis of the above embodiment, optionally, the implementation manner of obtaining the custom parameters and the parameter values thereof provided by the application software developer is as follows: displaying a second configuration page, wherein the second configuration page comprises information items for configuring the custom parameters; responding to the input operation of the application software developer on the information item configured with the custom parameters, and acquiring the identity information of the application software developer; verifying whether the application software developer has the authority to configure the custom parameters or not according to the identity information of the application software developer; and if the identity information of the data manager passes the verification, acquiring the custom parameters and the parameter values thereof input by the application software developer in the second configuration page.
In the present embodiment, the input operation includes, but is not limited to: voice input operation, keyboard input operation, touch input operation.
In this embodiment, in order to avoid the parameters of the database from being used by illegal personnel as much as possible and further reduce the security risk of the database, before the application software developer inputs the customized parameters and the parameter values thereof into the configuration file generation device, the identity information of the application software developer needs to be verified, and only the database manager who passes the identity information verification configures the customized parameters and the parameter values thereof in the configuration file generation device.
In practical application, an application software developer can register own identity information in the configuration file generation device in advance, so that when the identity of the application software developer is verified, whether the obtained identity information of the application software developer is the registered identity information can be judged, if yes, the identity information of the application software developer passes verification, and if not, the identity information of the application software developer does not pass verification.
On the basis of the above embodiment, optionally, the implementation manner of judging whether the application software developer has the right to view the parameter values of the database parameters according to the role grade of the application software developer is as follows: and judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer and the corresponding relation of the pre-established database parameters, the role grade and the checking authority, wherein the checking authority comprises the parameter values of the database parameters checked with the authority and the parameter values of the database parameters checked without the authority.
In this embodiment, the role level of the application software developer may be high level, medium level, and low level from top to bottom, respectively. When the corresponding relation among the database parameters, the role grades and the viewing permission is established, the parameter values of the database parameters can be determined to be viewable by application software developers of which role grades and not viewable by the application software developers of which role grades according to actual conditions. For example, the user name and password of the database can be disclosed to the high-level application software developer, but hidden to the middle-level and low-level application software developers.
On the basis of the above embodiment, optionally, before generating the configuration file, a canonical configuration file template may be obtained, and the database parameter and the parameter value after the hiding process thereof, the custom parameter and the parameter value thereof are written into the configuration file template to generate the configuration file. The configuration file generated based on the standard configuration file template can facilitate the configuration end of the application software operating environment to analyze the configuration file and obtain corresponding configuration information.
As an example, the configuration end of the Application operating environment may obtain a required configuration file from the configuration file generating device by calling an API (Application Programming Interface), and configure the Application operating environment after the configuration file is parsed to obtain the configuration information.
On the basis of the above embodiment, optionally, after the configuration file is generated, a version number may be added to the configuration file, and the configuration file with the version number added thereto is issued.
In an actual situation, after the application software running environment is configured based on the configuration file of the current version, the application software runs in the configured running environment and is abnormal, but because the configuration of which environment cannot be located immediately is problematic, the configuration file is often required to be rolled back to the configuration file of the previous version, and the application software running environment is configured by using the configuration file of the previous version again. Therefore, it is necessary to add a version number to the generated configuration file.
When the version number of the configuration file is generated, the identifier of the application software and/or the identifier of the operating environment can be added in the version number, so that an application software developer can quickly know which application software and which operating environment the configuration file corresponds to, and a configuration end of the operating environment of the application software can conveniently and accurately search the required configuration file from the configuration file generation device.
It should be noted that the execution subjects of the steps of the methods provided in the above embodiments may be the same device, or different devices may be used as the execution subjects of the methods. For example, the execution subjects of steps 101 to 104 may be device a; for another example, the execution subject of steps 101 and 102 may be device a, and the execution subject of steps 103 and 104 may be device B; and so on.
In addition, in some of the flows described in the above embodiments and the drawings, a plurality of operations are included in a specific order, but it should be clearly understood that the operations may be executed out of the order presented herein or in parallel, and the sequence numbers of the operations, such as 101, 102, etc., are merely used for distinguishing different operations, and the sequence numbers do not represent any execution order per se. Additionally, the flows may include more or fewer operations, and the operations may be performed sequentially or in parallel. It should be noted that, the descriptions of "first", "second", etc. in this document are used for distinguishing different messages, devices, modules, etc., and do not represent a sequential order, nor limit the types of "first" and "second" to be different.
Fig. 3 is a schematic structural diagram of a configuration file generation apparatus according to an exemplary embodiment of the present application. As shown in fig. 3, the apparatus includes: the method comprises the following steps: a memory 11 and a processor 12.
The memory 11 is used for storing a computer program and may be configured to store other various data to support operations on the processor. Examples of such data include instructions for any application or method operating on the processor, contact data, phonebook data, messages, pictures, videos, and so forth.
The memory 11 may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
A processor 12, coupled to the memory 11, for executing the computer program in the memory 11 for:
acquiring database parameters and parameter values thereof provided by database management personnel, and acquiring custom parameters and parameter values thereof provided by application software developers;
judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer;
if the parameter values of the database parameters are not checked, hiding the parameter values of the database parameters, wherein the hidden parameter values cannot be checked by application software developers;
and generating a configuration file corresponding to the running environment of the application software according to the database parameters, the parameter values after the hiding processing of the database parameters, the user-defined parameters and the parameter values of the user-defined parameters so as to allow an application software developer to configure the running environment required by the running of the application software according to the configuration file and run the application software.
Further, after generating the configuration file corresponding to the application software running environment, the processor 12 is further configured to:
acquiring historical use times and/or use time of database parameters;
and if the historical use times of the database parameters are larger than a preset time threshold and/or the use time is larger than a preset time threshold, outputting update prompt information to prompt a database manager to update the parameter values of the database parameters.
Further, when hiding the parameter values of the database parameters, the processor 12 is specifically configured to:
replacing all parameter values or part of parameter values of the database parameters by special symbols;
or, the parameter values of the database parameters are encrypted, and watermark characters indicating that the database parameters are strictly forbidden to be leaked are added to the parameter values of the database parameters after encryption.
Further, when the processor 12 obtains the database parameters and the parameter values thereof provided by the database manager, the processor is specifically configured to:
displaying a first configuration page, wherein the first configuration page comprises information items of configuration database parameters;
responding to the input operation of the data management personnel on the information items of the configuration database parameters, and acquiring the identity information of the data management personnel;
verifying whether the data manager has the authority to configure the database parameters or not according to the identity information of the data manager;
and if the identity information of the data management personnel passes the verification, acquiring the database parameters and the parameter values thereof input by the database management personnel in the first configuration page.
Further, when obtaining the custom parameters and their parameter values provided by the application software developer, the processor 12 is specifically configured to:
displaying a second configuration page, wherein the second configuration page comprises information items for configuring the custom parameters;
responding to the input operation of the application software developer on the information item configured with the custom parameters, and acquiring the identity information of the application software developer;
verifying whether the application software developer has the authority to configure the custom parameters or not according to the identity information of the application software developer;
and if the identity information of the data manager passes the verification, acquiring the custom parameters and the parameter values thereof input by the application software developer in the second configuration page.
Further, when determining whether the application software developer has the right to view the parameter values of the database parameters according to the role grade of the application software developer, the processor 12 is specifically configured to:
and judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer and the corresponding relation of the pre-established database parameters, the role grade and the checking authority, wherein the checking authority comprises the parameter values of the database parameters checked with the authority and the parameter values of the database parameters checked without the authority.
The apparatus shown in fig. 3 can perform the method of the above embodiment, and reference may be made to the related description of the above embodiment for a part of the embodiment that is not described in detail. The implementation process and technical effect of the technical solution refer to the description in the above embodiments, and are not described herein again.
Further, as shown in fig. 3, the apparatus further includes: communication components 13, display 14, power components 15, audio components 16, and the like. Only some of the components are schematically shown in fig. 3, and it is not meant that the processor includes only the components shown in fig. 3. In addition, the components shown by the dashed boxes in fig. 3 are optional components, but not necessary components, and the details may depend on the details of the implementation of the configuration file generation apparatus. If the configuration file generation apparatus is implemented as a terminal device such as a notebook computer, a tablet, a mobile phone, etc., the configuration file generation apparatus may include components shown by dotted boxes in fig. 3; if the configuration file generation device is implemented as a server device such as a conventional server, a cloud server or a server array, the components shown by the dashed boxes in fig. 3 are not included.
Accordingly, the present application further provides a computer readable storage medium storing a computer program, where the computer program is capable of implementing the steps that can be executed by a processor in the foregoing method embodiments when executed.
The communication component of fig. 3 described above is configured to facilitate communication between the device in which the communication component is located and other devices in a wired or wireless manner. The device where the communication component is located can access a wireless network based on a communication standard, such as a WiFi, a 2G, 3G, 4G/LTE, 5G and other mobile communication networks, or a combination thereof. In an exemplary embodiment, the communication component receives a broadcast signal or broadcast related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
The display in fig. 3 described above includes a screen, which may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation.
The power supply assembly of fig. 3 described above provides power to the various components of the device in which the power supply assembly is located. The power components may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the device in which the power component is located.
The audio component of fig. 3 described above may be configured to output and/or input an audio signal. For example, the audio component includes a Microphone (MIC) configured to receive an external audio signal when the device in which the audio component is located is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signal may further be stored in a memory or transmitted via a communication component. In some embodiments, the audio assembly further comprises a speaker for outputting audio signals.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. A method for generating a configuration file, comprising:
acquiring database parameters and parameter values thereof provided by database management personnel, and acquiring custom parameters and parameter values thereof provided by application software developers;
judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer;
if the parameter values of the database parameters are not allowed to be checked, hiding the parameter values of the database parameters, wherein the hidden parameter values cannot be checked by the application software developer;
and generating a configuration file corresponding to the running environment of the application software according to the database parameters and the parameter values after the database parameters are hidden and the user-defined parameters and the parameter values thereof, so that the application software developer configures the running environment required by running the application software according to the configuration file and runs the application software.
2. The method of claim 1, after generating the configuration file corresponding to the application software operating environment, further comprising:
acquiring historical use times and/or use time of the database parameters;
and if the historical use times of the database parameters are larger than a preset time threshold and/or the use time is larger than a preset time threshold, outputting update prompt information to prompt a database manager to update the parameter values of the database parameters.
3. The method according to claim 1 or 2, wherein hiding the parameter values of the database parameters comprises:
replacing all or part of parameter values of the database parameters by special symbols;
or encrypting the parameter value of the database parameter, and adding watermark characters indicating that the database parameter is strictly forbidden to be leaked to the parameter value of the database parameter after encryption.
4. The method of claim 1 or 2, wherein the obtaining of the database parameters and the parameter values thereof provided by the database management personnel comprises:
displaying a first configuration page, wherein the first configuration page comprises information items for configuring database parameters;
responding to the input operation of the data management personnel on the information items of the configuration database parameters, and acquiring the identity information of the data management personnel;
verifying whether the data management personnel has the authority to configure the database parameters or not according to the identity information of the data management personnel;
and if the identity information of the data management personnel passes the verification, acquiring the database parameters and the parameter values thereof input by the database management personnel in the first configuration page.
5. The method according to claim 1 or 2, wherein the obtaining of the custom parameters and the parameter values thereof provided by the application software developer comprises:
displaying a second configuration page, wherein the second configuration page comprises information items for configuring the custom parameters;
responding to the input operation of the application software developer on the information item configured with the custom parameters, and acquiring the identity information of the application software developer;
verifying whether the application software developer has the authority to configure the custom parameters or not according to the identity information of the application software developer;
and if the identity information of the data management personnel passes the verification, acquiring the custom parameters and the parameter values thereof input by the application software developer in the second configuration page.
6. The method according to claim 1 or 2, wherein the determining whether the application software developer has the right to view the parameter values of the database parameters according to the role grade of the application software developer comprises:
and judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer and the corresponding relation of the pre-established database parameters, the role grade and the checking authority, wherein the checking authority comprises the parameter values of the database parameters checked with the authority and the parameter values of the database parameters checked without the authority.
7. A profile generation apparatus, comprising: a memory and a processor;
the memory for storing a computer program;
the processor, coupled with the memory, to execute the computer program to:
acquiring database parameters and parameter values thereof provided by database management personnel, and acquiring custom parameters and parameter values thereof provided by application software developers;
judging whether the application software developer has the authority to check the parameter values of the database parameters or not according to the role grade of the application software developer;
if the parameter values of the database parameters are not allowed to be checked, hiding the parameter values of the database parameters, wherein the hidden parameter values cannot be checked by the application software developer;
and generating a configuration file corresponding to the running environment of the application software according to the database parameters and the parameter values after the database parameters are hidden and the user-defined parameters and the parameter values thereof, so that the application software developer configures the running environment required by running the application software according to the configuration file and runs the application software.
8. The apparatus of claim 7, wherein the processor, after generating the configuration file corresponding to the application software runtime environment, is further configured to:
acquiring historical use times and/or use time of the database parameters;
and if the historical use times of the database parameters are larger than a preset time threshold and/or the use time of the database parameters is larger than a preset time threshold, outputting update prompt information to prompt a database manager to update the parameter values of the database parameters.
9. The apparatus according to claim 7 or 8, wherein the processor, when performing the hiding process on the parameter values of the database parameters, is specifically configured to:
replacing all or part of parameter values of the database parameters by special symbols;
or encrypting the parameter value of the database parameter, and adding watermark characters indicating that the database parameter is strictly forbidden to be leaked to the parameter value of the database parameter after encryption.
10. A computer-readable storage medium having a computer program stored thereon, which, when being executed by a processor, causes the processor to carry out the steps of the profile generation method according to any one of claims 1 to 6.
CN202010997378.9A 2020-09-21 2020-09-21 Configuration file generation method and device and storage medium Pending CN112287384A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010997378.9A CN112287384A (en) 2020-09-21 2020-09-21 Configuration file generation method and device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010997378.9A CN112287384A (en) 2020-09-21 2020-09-21 Configuration file generation method and device and storage medium

Publications (1)

Publication Number Publication Date
CN112287384A true CN112287384A (en) 2021-01-29

Family

ID=74421130

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010997378.9A Pending CN112287384A (en) 2020-09-21 2020-09-21 Configuration file generation method and device and storage medium

Country Status (1)

Country Link
CN (1) CN112287384A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114461614A (en) * 2022-04-12 2022-05-10 北京安华金和科技有限公司 Sensitive data identification processing method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105117660A (en) * 2015-08-04 2015-12-02 杭州朗和科技有限公司 Database system starting method and apparatus
CN110704863A (en) * 2019-08-23 2020-01-17 深圳市随手科技有限公司 Configuration information processing method and device, computer equipment and storage medium
CN111460516A (en) * 2020-06-22 2020-07-28 腾讯科技(深圳)有限公司 Non-invasive data protection method, device, terminal and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105117660A (en) * 2015-08-04 2015-12-02 杭州朗和科技有限公司 Database system starting method and apparatus
CN110704863A (en) * 2019-08-23 2020-01-17 深圳市随手科技有限公司 Configuration information processing method and device, computer equipment and storage medium
CN111460516A (en) * 2020-06-22 2020-07-28 腾讯科技(深圳)有限公司 Non-invasive data protection method, device, terminal and storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114461614A (en) * 2022-04-12 2022-05-10 北京安华金和科技有限公司 Sensitive data identification processing method and system

Similar Documents

Publication Publication Date Title
US11756404B2 (en) Adaptive severity functions for alerts
US20160094538A1 (en) Managed clone applications
US10614208B1 (en) Management of login information affected by a data breach
US20160350525A1 (en) Application Program Management Method, Device, Terminal, and Computer Storage Medium
US9235840B2 (en) Electronic transaction notification system and method
US11475071B2 (en) Configuring dynamic content previews
KR20180001878A (en) Method for detecting the tampering of application code and electronic device supporting the same
US11848935B2 (en) Dynamically generating restriction profiles for managed devices
US11616860B2 (en) Information display method, terminal, and server
CN110889691A (en) Information display method, device and equipment
CN114556867A (en) Authentication mechanism using location validation
US20220038279A1 (en) Blockchain data processing method, apparatus, and device
CN112287384A (en) Configuration file generation method and device and storage medium
US10073720B2 (en) Restricted application visibility
Bakar et al. Empirical analysis of android apps permissions
EP3125183A1 (en) Methods and systems for financial account access management
CN113792306A (en) Seal management method and device and electronic equipment
CN110046493B (en) Data processing method, device, equipment and machine-readable medium
CN116997891A (en) Behavior monitoring method, behavior monitoring device, terminal equipment and computer readable storage medium
Hong et al. The Design of the User Interfaces for Privacy Enhancements for Android
CN113010365A (en) System running state monitoring method, system running state detection device, electronic equipment and storage medium
US20230413054A1 (en) Systems and methods for providing a secure notification service for mobile applications
US20230409719A1 (en) Systems and methods for data risk assessment
US11693651B1 (en) Static and dynamic correlation of software development pipeline events
EP4160454A1 (en) Computer-implemented systems and methods for application identification and authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination