CN112364338A - Management method and device of micro-service framework, electronic device and storage medium - Google Patents
Management method and device of micro-service framework, electronic device and storage medium Download PDFInfo
- Publication number
- CN112364338A CN112364338A CN202011379139.3A CN202011379139A CN112364338A CN 112364338 A CN112364338 A CN 112364338A CN 202011379139 A CN202011379139 A CN 202011379139A CN 112364338 A CN112364338 A CN 112364338A
- Authority
- CN
- China
- Prior art keywords
- authority
- service
- micro
- database table
- management module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003860 storage Methods 0.000 title claims abstract description 15
- 238000007726 management method Methods 0.000 title description 136
- 238000000034 method Methods 0.000 claims abstract description 54
- 238000004590 computer program Methods 0.000 claims description 18
- 230000008569 process Effects 0.000 claims description 14
- 230000008859 change Effects 0.000 claims description 7
- 238000012423 maintenance Methods 0.000 claims description 7
- 238000004140 cleaning Methods 0.000 claims description 6
- 238000010276 construction Methods 0.000 claims description 2
- 238000011144 upstream manufacturing Methods 0.000 description 11
- 230000005540 biological transmission Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 7
- 238000012986 modification Methods 0.000 description 7
- 230000004048 modification Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 6
- 230000008901 benefit Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to a method, a device, an electronic device and a storage medium for managing the authority of a micro-service framework, wherein the method adds an authority field and a unique identifier in a database table which needs to be managed by the authority in downstream service, and provides an internal interface for modifying the authority field; when the user triggers the authority management operation, the corresponding internal interface is called by using the unique identifier to manage the corresponding authority in the downstream service. The method and the device solve the problems that the occupied internal resources are large and the internal resources are inconvenient to modify aiming at the authority management frame, and improve the efficiency of modifying the internal resources.
Description
Technical Field
The present application relates to the field of computer networks, and in particular, to a management method and apparatus for a microservice framework, an electronic apparatus, and a storage medium.
Background
The authority management framework refers to a framework which is deployed on a system and can be accessed by a user and only can access self authorized resources according to a security rule or a security policy set by the system.
In the related technology, the authority management frame needs to be matched with the base tables of a plurality of databases for use, and when too many users exist in the system, the operation of using the authority management frame causes great operation pressure on the operation of the system; meanwhile, in the related technology, the security performance of the rights management framework is low, and the resources in the system can be easily accessed by intrusion; in addition, when the memory resources occupy too large amount of data in the system, a large amount of associated data can be generated, which is not beneficial to inquiring and maintaining internal resources and simultaneously influences the use experience.
At present, no effective solution is provided for the problems that the right management framework occupies large internal resources and is inconvenient to modify the internal resources in the related technology.
Disclosure of Invention
Adding an authority field in a base table of a database in a downstream module, wherein the authority field plays a role of identification, and then providing an interface, so that the interface is conveniently called to modify the downstream database during modification; and then building a micro-service permission management module, uniformly putting the base tables of the database in the downstream module into the micro-service permission management module, triggering permission modification operation on the micro-service permission management module to obtain the permission fields in the micro-service permission management module, and modifying the attribute values of the fields in the base tables of the database in the downstream module through the internal interface of the permission fields.
The embodiment of the application provides a method, a device, a system, an electronic device and a storage medium for managing the authority of a micro-service frame, so as to at least solve the problems that the authority management frame occupies larger internal resources and is inconvenient to modify the internal resources in the related art.
In a first aspect, an embodiment of the present application provides a method for managing permissions of a microservice framework, including:
adding a permission field and a unique identifier into a database table needing to be subjected to permission management in a downstream service, and providing an internal interface for modifying the permission field;
and when a user triggers the authority management operation, calling the corresponding internal interface by using the unique identifier to manage the corresponding authority in the downstream service.
In some embodiments, the rights management operation includes granting rights, de-authorizing, or uploading rights-related files.
In some embodiments, when a user triggers a rights management operation, the unique identifier is used to call the corresponding internal interface to modify the corresponding rights in the downstream service, and the method includes the following steps:
building a micro-service permission management module, extracting a database table which needs to be managed by authority in the downstream service, and maintaining the database table in the micro-service permission management module;
when a user triggers the authority management operation, the unique identification of the data needing to be modified is obtained from the micro-service permission management module, and the corresponding internal interface is called by utilizing the unique identification to modify the attribute value of the corresponding authority field in the downstream service.
In some embodiments, a micro-service permission management module is built, a database table that needs to be managed by authority in the downstream service is extracted, and the maintenance of the database table in the micro-service permission management module includes:
and extracting the database table which needs to be managed by the authority in the downstream service, and uniformly arranging the database table into a new database table in the micro-service permission management module for maintaining the database table.
In some embodiments, after the invoking the corresponding internal interface with the unique identifier to manage the corresponding rights field in the downstream service when the user triggers a rights management operation, the method further includes:
and transmitting the change record for modifying the corresponding authority field in the downstream service to an authority database for recording.
In some embodiments, after the modifying the attribute value of the corresponding permission field in the downstream service by calling the corresponding internal interface with the unique identifier, the method further comprises
And regularly cleaning the running process of the micro service license management module. In a second aspect, an embodiment of the present application provides a rights management apparatus for a microservice framework, including: an identification module and a management module;
the identification module is used for adding an authority field and a unique identification into a database table needing to be subjected to authority management in downstream service and providing an internal interface for modifying the authority field;
and the management module is used for calling the corresponding internal interface by using the unique identifier to manage the corresponding authority in the downstream service when a user triggers authority management operation.
In some embodiments, the management module comprises a construction unit and a calling unit;
the building unit is used for building a micro-service permission management module, extracting a database table which needs to be managed by authority in the downstream service, and maintaining the database table in the micro-service permission management module;
the calling unit is used for acquiring the unique identifier of the data to be modified from the micro-service permission management module when a user triggers the authority management operation, and calling the corresponding internal interface by using the unique identifier to modify the attribute value of the corresponding authority field in the downstream service. In a third aspect, an embodiment of the present application provides an electronic device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor, when executing the computer program, implements the method for managing rights of a microservice framework as described in the first aspect.
In a fourth aspect, the present application provides a storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements a method for managing rights of a micro service framework as described in the first aspect above.
Compared with the related art, the method, the device, the electronic device and the storage medium for managing the authority of the micro-service framework are characterized in that the authority field and the unique identifier are added into a database table needing to be subjected to authority management in downstream service, and an internal interface for modifying the authority field is provided; when the user triggers the authority management operation, the corresponding internal interface is called by using the unique identifier to manage the corresponding authority in the downstream service. The problem that the right management frame occupies large internal resources and is inconvenient to modify the internal resources is solved, and the efficiency of modifying the internal resources is improved.
The details of one or more embodiments of the application are set forth in the accompanying drawings and the description below to provide a more thorough understanding of the application.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a block diagram of a hardware structure of a managed terminal of a micro service framework according to an embodiment of the present application;
FIG. 2 is a flow chart of a method for managing a microservice framework in accordance with an embodiment of the present application;
FIG. 3 is a flow chart of another method of managing a microservice framework in accordance with an embodiment of the present application;
FIG. 4 is a block diagram of a rights management device of a microservice framework according to an embodiment of the present application;
fig. 5 is a block diagram of a computer-readable storage medium according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be described and illustrated below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments provided in the present application without any inventive step are within the scope of protection of the present application. Moreover, it should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers' specific goals, such as compliance with system-related and business-related constraints, which may vary from one implementation to another.
Reference in the specification to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the specification. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of ordinary skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments without conflict.
Unless defined otherwise, technical or scientific terms referred to herein shall have the ordinary meaning as understood by those of ordinary skill in the art to which this application belongs. Reference to "a," "an," "the," and similar words throughout this application are not to be construed as limiting in number, and may refer to the singular or the plural. The present application is directed to the use of the terms "including," "comprising," "having," and any variations thereof, which are intended to cover non-exclusive inclusions; for example, a process, method, system, article, or apparatus that comprises a list of steps or modules (elements) is not limited to the listed steps or elements, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus. Reference to "connected," "coupled," and the like in this application is not intended to be limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. Reference herein to "a plurality" means greater than or equal to two. "and/or" describes an association relationship of associated objects, meaning that three relationships may exist, for example, "A and/or B" may mean: a exists alone, A and B exist simultaneously, and B exists alone. Reference herein to the terms "first," "second," "third," and the like, are merely to distinguish similar objects and do not denote a particular ordering for the objects.
The method provided by the embodiment can be executed in a terminal, a computer or a similar operation device. Taking the example of the terminal running on the terminal, fig. 1 is a hardware structure block diagram of the terminal for management of the micro service framework according to the embodiment of the present application. As shown in fig. 1, the terminal 10 may include one or more (only one shown in fig. 1) processors 102 (the processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA) and a memory 104 for storing data, and optionally may also include a transmission device 106 for communication functions and an input-output device 108. It will be understood by those skilled in the art that the structure shown in fig. 1 is only an illustration and is not intended to limit the structure of the terminal. For example, the terminal 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The memory 104 may be used to store computer programs, for example, software programs and modules of application software, such as a computer program corresponding to a management method of a micro service framework in an embodiment of the present invention, and the processor 102 executes various functional applications and data processing by running the computer programs stored in the memory 104, so as to implement the above-mentioned method. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, which may be connected to the terminal 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 106 is used to receive or transmit data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the terminal 10. In one example, the transmission device 106 includes a Network adapter (NIC) that can be connected to other Network devices through a base station to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is used to communicate with the internet in a wireless manner.
The present embodiment provides a management method of a micro service framework, and fig. 2 is a flowchart of a management method of a micro service framework according to an embodiment of the present application, and as shown in fig. 2, the flowchart includes the following steps:
step S201, adding a permission field and a unique identifier in a database table needing to be managed by the permission in the downstream service, and providing an internal interface for modifying the permission field.
The downstream service is a service for providing resources. Due to the large number of downstream services and the number of resources involved, it is inconvenient to manage. Therefore, it is necessary to provide an upstream service, and it is a responsibility of the upstream service to aggregate and centrally manage resources that need to be managed in a unified manner in all downstream services.
For example, there are many types of goods in an e-commerce system, each type can be considered as a downstream service, and the specific goods contained in each type can be considered as resources in the downstream service. At this point, a management platform may be provided, where resources in each type may be managed manually or automatically, and this management platform may be considered an upstream service.
At this time, since there are many resources in the downstream service, there may be problems in managing by name or some other way, for example, there may be a resource with a duplicate name, so a unique identifier is needed, and the upstream service can locate the resource in the downstream service through the unique identifier for management.
The management mode is that the authority field is modified, for example, i has a commodity table, a field is _ show is arranged in the authority field, the function of a field code is that whether the authority field is displayed on a page or can be seen by a user is judged, the authority field can be displayed if the authority field is set to be true, and the authority field is not displayed if the authority field is false.
And code is a non-repeating character string, and the code of each piece of data is non-repeating. For example, the upstream service triggers the authority management through some operations, at this time, the upstream service only needs to take out a code from a database in the upstream service according to a management rule, and transmits the code to the downstream service through network communication, and after the downstream service takes the code, the downstream service modifies the return value of is _ show into true or false according to the code, and at this time, even if one operation of the authority management is completed.
To explain further, the advantage of setting the code is that if there are two categories, one is a book category and one is a tv series category, if there is a book named "three kingdoms" in the book and the tv series category also has a tv series named "three kingdoms" in the book, then if only the resources of the book category are to be modified, errors may occur or both resources may be modified if the transmission is performed by name. The advantage of setting the permission field Is that if some resources are not wanted to be shown to the user or wanted to be shown to the user within a certain condition, for example, the resource Is not purchased by the user, or the resource Is not put on shelf, etc., at this time, when the database in the upstream and downstream services actually contains the data, the upstream service may select to trigger the permission management operation to set the Is _ show of the resource to false not to be shown to the user, rather than deleting the data, or waiting until the user purchases and then adds the data to the database, which increases a lot of cost.
Step S202, when the user triggers the authority management operation, the corresponding internal interface is called by the unique identifier to manage the corresponding authority in the downstream service.
When the user triggers the authority management operation, the authority management operation is called according to the internal interface corresponding to the unique identifier to achieve the authority in the downstream service management, and the authority management operation in the step S202 includes authority granting, authority canceling, or authority related file uploading.
In particular, a user may trigger a rights management operation by uploading some rights files. For example, the rights management module provides an interface for modifying rights, and the parameter of the interface is an encrypted file with a specified rule, and a user uploads the file to trigger the rights management operation.
After the user uploads the file, the permission management module analyzes the file and decrypts the file. There may be some content, such as packets, contained in the file. The package is a resource package, for example, i has a package name ex01, and only needs to write it into a file for uploading, and after obtaining ex01, the rights management module queries its own database according to ex01 to obtain unique identifiers of all resources under ex 01. At this time, all resources needing to be managed by the authority management module are acquired, then I acquire the internal interface corresponding to the downstream service according to the types of the resources, and then call the internal interface to modify the authority field in the downstream service. For example, the added field is _ show described above. By the method, the internal interface capable of modifying the resource permission field can be acquired more easily through the type in the resource, so that the internal interface can be called quickly.
In the related art, data directions in the modules are relatively independent, the modules are independent of each other and take their own roles, and the modules are mutually called in an http (flight) or rpc (dubbo) mode through communication among the modules.
Through the steps S201 to S202, the field and the unique identifier of the rights management are added to the downstream service, so that the upstream calls the base table that needs to be managed by the rights in the downstream service, and the field of the rights management can be extracted into an individual module by using the characteristics of the service, such as service registration and discovery and network communication.
This embodiment provides another management method for a microservice framework, and fig. 3 is a flowchart of another management method for a microservice framework according to an embodiment of the present application, and as shown in fig. 3, the flowchart includes the following steps:
step S301, adding an authority field and a unique identifier into a database table needing to be subjected to authority management in downstream service, and providing an internal interface for modifying the authority field;
because the behavior of calling the downstream service in the upstream service is complex, the authority field and the unique identifier need to be added into the database table subjected to authority management, so that the database table subjected to authority management in the downstream service and needing to be subjected to authority management can be conveniently called through the unique identifier in the following process.
Step S302, a micro-service permission management module is built, a database table which needs to be managed by authority in the downstream service is extracted, and the database table is maintained in the micro-service permission management module;
the micro-service license management module is used for dividing a single application program into a group of small modules, the small modules are coordinated and matched with each other, the modules are communicated with each other by adopting a lightweight communication mechanism, each module is constructed around a specific service and can be independently deployed in a production environment and a similar production environment, so that a database table needing to be managed by authority in downstream services is extracted by building the micro-service license management module, and then the database table is maintained for the micro-service license management module.
Step S303, when the user triggers the rights management operation, obtaining the unique identifier of the data to be modified from the micro-service license management module, and using the unique identifier to call the corresponding internal interface to modify the attribute value of the rights field corresponding to the downstream service.
The database table needing to be subjected to authority management in the downstream service is extracted by building the micro-service permission management module and is placed into the service permission management module to maintain the database table, and when a user needs to modify the attribute value of the authority field in the downstream service, the unique identifier can be directly obtained in the micro-service permission management module, so that the processing time is saved, and the database table can be subjected to centralized management in the micro-service permission management module.
In some embodiments, a micro-service license management module is built, a database table that needs to be managed by the authority in the downstream service is extracted, and the maintenance of the database table in the micro-service license management module includes:
and extracting the database table which needs to be managed by the authority in the downstream service, and uniformly arranging the database table into a new database table in the micro-service permission management module for maintaining the database table.
The downstream services need to be managed, and users can independently select to often need to perform authority management, so that the microservice license management module can be unified and arranged into a new database table for maintenance, management is facilitated, and the efficiency of maintaining the database table is improved.
In some embodiments, after the user triggers a rights management operation and invokes the corresponding internal interface with the unique identifier to manage the corresponding rights field in the downstream service, the method further includes:
and transmitting the change record for modifying the corresponding authority field in the downstream service to an authority database for recording.
The user can generate a plurality of records during modification, sometimes a problem occurs in system authority management, but the user forgets the modification process, so the modification process of the corresponding authority field in the downstream service is recorded and then transmitted to the authority database. The efficiency of managing the authority fields in the downstream database table is improved by storing the change process of the authority management fields.
In some embodiments, after the modifying the attribute value of the corresponding permission field in the downstream service by calling the corresponding internal interface with the unique identifier, the method further comprises
And regularly cleaning the running process of the micro service license management module.
The long-time modification of the attribute value of the corresponding permission field in the downstream service results in a large amount of cache during operation, and occupies a system memory, so that the operation of the microservice license management module needs to be cleaned regularly, the stability of the system is ensured, and the operation speed of the system is accelerated.
The present embodiment further provides a rights management apparatus of a micro service framework, where the apparatus is used to implement the embodiments and preferred embodiments of the web project configuration management method, and details of which have been already described are omitted. As used hereinafter, the terms "module," "unit," "subunit," and the like may implement a combination of software and/or hardware for a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 4 is a block diagram of a rights management device of a microservice framework according to an embodiment of the present application, and as shown in fig. 4, the device includes: an identification module 41 and a management module 42;
the identification module 41 adds the authority field and the unique identification in the database table which needs to be managed by the authority in the downstream service, and provides an internal interface for modifying the authority field;
the management module 42 is configured to, when a user triggers a rights management operation, invoke the corresponding internal interface with the unique identifier to manage the corresponding rights in the downstream service.
In some of these embodiments, the rights management operation includes granting rights, de-authorizing, or uploading rights-related files.
In some of these embodiments, the apparatus further comprises: the device comprises a building unit and a calling unit;
the building unit is used for building a micro-service permission management module, extracting a database table needing to be managed by authority in the downstream service, and maintaining the database table in the micro-service permission management module;
the calling unit is used for acquiring the unique identifier of the data to be modified from the micro-service permission management module when a user triggers the authority management operation, and calling the corresponding internal interface by using the unique identifier to modify the attribute value of the corresponding authority field in the downstream service.
In some embodiments, a micro-service license management module is built, a database table that needs to be managed by the authority in the downstream service is extracted, and the maintenance of the database table in the micro-service license management module includes:
and extracting the database table which needs to be managed by the authority in the downstream service, and uniformly arranging the database table into a new database table in the micro-service permission management module for maintaining the database table.
In some embodiments, after the user triggers a rights management operation and invokes the corresponding internal interface with the unique identifier to manage the corresponding rights field in the downstream service, the method further includes:
and transmitting the change record for modifying the corresponding authority field in the downstream service to an authority database for recording.
In some embodiments, after the modifying the attribute value of the corresponding permission field in the downstream service by calling the corresponding internal interface with the unique identifier, the method further comprises
And regularly cleaning the running process of the micro service license management module.
The above modules may be functional modules or program modules, and may be implemented by software or hardware. For a module implemented by hardware, the modules may be located in the same processor; or the modules can be respectively positioned in different processors in any combination.
The present embodiment also provides an electronic device comprising a memory having a computer program stored therein and a processor configured to execute the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
and step S1, adding the authority field and the unique identifier in a database table needing to be managed by the authority in the downstream service, and providing an internal interface for modifying the authority field.
Step S2, when the user triggers the authority management operation, the unique identification is used to call the corresponding internal interface to manage the corresponding authority in the downstream service;
in some of these embodiments, the rights management operation includes granting rights, de-authorizing, or uploading rights-related files.
In some embodiments, when the user triggers a rights management operation, the unique identifier is used to call the corresponding internal interface to modify the corresponding rights in the downstream service, including the following steps:
building a micro-service permission management module, extracting a database table which needs to be managed by authority in the downstream service, and maintaining the database table in the micro-service permission management module;
when a user triggers the authority management operation, the unique identification of the data needing to be modified is obtained from the micro-service permission management module, and the corresponding internal interface is called by utilizing the unique identification to modify the attribute value of the corresponding authority field in the downstream service.
In some embodiments, a micro-service license management module is built, a database table that needs to be managed by the authority in the downstream service is extracted, and the maintenance of the database table in the micro-service license management module includes:
and extracting the database table which needs to be managed by the authority in the downstream service, and uniformly arranging the database table into a new database table in the micro-service permission management module for maintaining the database table.
In some embodiments, after the user triggers a rights management operation and invokes the corresponding internal interface with the unique identifier to manage the corresponding rights field in the downstream service, the method further includes:
and transmitting the change record for modifying the corresponding authority field in the downstream service to an authority database for recording.
In some embodiments, after the modifying the attribute value of the corresponding permission field in the downstream service by calling the corresponding internal interface with the unique identifier, the method further comprises
And regularly cleaning the running process of the micro service license management module.
It should be noted that, for specific examples in this embodiment, reference may be made to examples described in the foregoing embodiments and optional implementations, and details of this embodiment are not described herein again.
In an embodiment, a computer-readable storage medium is provided, and fig. 5 is a block diagram of a computer-readable storage medium according to an embodiment of the present application, and fig. 5 shows a computer program stored thereon, and when executed by a processor, the computer program implements the steps in the rights management of a micro service framework provided in the foregoing embodiments, and the steps are as follows:
step S1, adding the authority field and the unique identification in the database table needing to be managed by the authority in the downstream service, and providing an internal interface for modifying the authority field;
step S2, when the user triggers the rights management operation, the unique identifier is used to call the corresponding internal interface to manage the corresponding rights in the downstream service.
In some of these embodiments, the rights management operation includes granting rights, de-authorizing, or uploading rights-related files.
In some embodiments, when the user triggers a rights management operation, the unique identifier is used to call the corresponding internal interface to modify the corresponding rights in the downstream service, including the following steps:
building a micro-service permission management module, extracting a database table which needs to be managed by authority in the downstream service, and maintaining the database table in the micro-service permission management module;
when a user triggers the authority management operation, the unique identification of the data needing to be modified is obtained from the micro-service permission management module, and the corresponding internal interface is called by utilizing the unique identification to modify the attribute value of the corresponding authority field in the downstream service.
In some embodiments, a micro-service license management module is built, a database table that needs to be managed by the authority in the downstream service is extracted, and the maintenance of the database table in the micro-service license management module includes:
and extracting the database table which needs to be managed by the authority in the downstream service, and uniformly arranging the database table into a new database table in the micro-service permission management module for maintaining the database table.
In some embodiments, after the user triggers a rights management operation and invokes the corresponding internal interface with the unique identifier to manage the corresponding rights field in the downstream service, the method further includes:
and transmitting the change record for modifying the corresponding authority field in the downstream service to an authority database for recording.
In some embodiments, after the modifying the attribute value of the corresponding permission field in the downstream service by calling the corresponding internal interface with the unique identifier, the method further comprises
And regularly cleaning the running process of the micro service license management module.
Those skilled in the art will appreciate that the architecture shown in fig. 5 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to serve as a limitation on the computer-readable storage media on which the disclosed aspects may be implemented, as a particular computing device may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above examples only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A method for managing the authority of a micro-service framework is characterized by comprising the following steps:
adding a permission field and a unique identifier into a database table needing to be subjected to permission management in a downstream service, and providing an internal interface for modifying the permission field;
and when a user triggers the authority management operation, calling the corresponding internal interface by using the unique identifier to manage the corresponding authority in the downstream service.
2. The method of claim 1, wherein the rights management operation comprises granting rights, de-authorizing, or uploading a rights-related file.
3. The method according to claim 1 or 2, wherein when a user triggers a rights management operation, the unique identifier is used to call the corresponding internal interface to modify the corresponding rights in the downstream service, and the method comprises the following steps:
building a micro-service permission management module, extracting a database table which needs to be managed by authority in the downstream service, and maintaining the database table in the micro-service permission management module;
when a user triggers the authority management operation, the unique identification of the data needing to be modified is obtained from the micro-service permission management module, and the corresponding internal interface is called by utilizing the unique identification to modify the attribute value of the corresponding authority field in the downstream service.
4. The method of claim 3, wherein a micro-service license management module is built, a database table required to be managed by authority in the downstream service is extracted, and the maintenance of the database table in the micro-service license management module comprises:
and extracting the database table which needs to be managed by the authority in the downstream service, and uniformly arranging the database table into a new database table in the micro-service permission management module for maintaining the database table.
5. The method according to claim 1, wherein after the corresponding internal interface is called by the unique identifier to manage the corresponding permission field in the downstream service when the user triggers a permission management operation, the method further comprises:
and transmitting the change record for modifying the corresponding authority field in the downstream service to an authority database for recording.
6. The method as claimed in claim 3, wherein after said modifying the attribute value of the corresponding permission field in the downstream service by using the unique identifier to call the corresponding internal interface, the method further comprises
And regularly cleaning the running process of the micro service license management module.
7. A rights management apparatus of a microservice framework, comprising: an identification module and a management module;
the identification module is used for adding an authority field and a unique identification into a database table needing to be subjected to authority management in downstream service and providing an internal interface for modifying the authority field;
and the management module is used for calling the corresponding internal interface by using the unique identifier to manage the corresponding authority in the downstream service when a user triggers authority management operation.
8. The apparatus of claim 7, wherein the management module comprises a construction unit and a calling unit;
the building unit is used for building a micro-service permission management module, extracting a database table which needs to be managed by authority in the downstream service, and maintaining the database table in the micro-service permission management module;
the calling unit is used for acquiring the unique identifier of the data to be modified from the micro-service permission management module when a user triggers the authority management operation, and calling the corresponding internal interface by using the unique identifier to modify the attribute value of the corresponding authority field in the downstream service.
9. An electronic device comprising a memory and a processor, wherein the memory has stored therein a computer program, and the processor is configured to execute the computer program to perform a method of rights management for a microservice framework as claimed in any of claims 1 to 6.
10. A storage medium having a computer program stored thereon, wherein the computer program is configured to execute a method for rights management of a microservice framework in accordance with any of claims 1 to 6 when the computer program is run.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011379139.3A CN112364338B (en) | 2020-11-30 | 2020-11-30 | Management method and device of micro-service framework, electronic device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011379139.3A CN112364338B (en) | 2020-11-30 | 2020-11-30 | Management method and device of micro-service framework, electronic device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112364338A true CN112364338A (en) | 2021-02-12 |
| CN112364338B CN112364338B (en) | 2024-04-09 |
Family
ID=74535708
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011379139.3A Active CN112364338B (en) | 2020-11-30 | 2020-11-30 | Management method and device of micro-service framework, electronic device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112364338B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108416199A (en) * | 2018-03-07 | 2018-08-17 | 北京恒华伟业科技股份有限公司 | A kind of user authority control method of application, device and server |
| CN111291360A (en) * | 2020-01-21 | 2020-06-16 | 中电福富信息科技有限公司 | Big data authority management method and system based on service governance |
| WO2020134838A1 (en) * | 2018-12-29 | 2020-07-02 | 深圳云天励飞技术有限公司 | Authority verification method and related device |
| CN111767095A (en) * | 2020-06-30 | 2020-10-13 | 平安国际智慧城市科技股份有限公司 | Micro-service generation method and device, terminal equipment and storage medium |
-
2020
- 2020-11-30 CN CN202011379139.3A patent/CN112364338B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108416199A (en) * | 2018-03-07 | 2018-08-17 | 北京恒华伟业科技股份有限公司 | A kind of user authority control method of application, device and server |
| WO2020134838A1 (en) * | 2018-12-29 | 2020-07-02 | 深圳云天励飞技术有限公司 | Authority verification method and related device |
| CN111291360A (en) * | 2020-01-21 | 2020-06-16 | 中电福富信息科技有限公司 | Big data authority management method and system based on service governance |
| CN111767095A (en) * | 2020-06-30 | 2020-10-13 | 平安国际智慧城市科技股份有限公司 | Micro-service generation method and device, terminal equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112364338B (en) | 2024-04-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10251053B1 (en) | Embedded subscriber identity module (eSIM) implementation on a wireless communication device using distributed ledger technology (DLT) | |
| EP3726411B1 (en) | Data desensitising method, server, terminal, and computer-readable storage medium | |
| US8255908B2 (en) | Managing tasks in a distributed system | |
| US20060143179A1 (en) | Apparatus and method for managing security policy information using a device management tree | |
| US10565372B1 (en) | Subscription-based multi-tenant threat intelligence service | |
| CN114401098B (en) | Application system and method for quickly constructing microservice | |
| CN110334126B (en) | Timing task processing method and device based on Spring MVC and computer equipment | |
| JP6329267B2 (en) | Intelligent firewall access rules | |
| CN106339267B (en) | A kind of Object Query method and server-side | |
| CN108173839B (en) | Authority management method and system | |
| CN112751847A (en) | Interface call request processing method and device, electronic equipment and storage medium | |
| CN111708586A (en) | Application starting configuration item loading method and device, computer equipment and storage medium | |
| CN113010378A (en) | Log processing method and device of microservice module, storage medium and electronic device | |
| Jukić et al. | Cloud-based services for the Internet of Things | |
| CN114125812A (en) | Data synchronization method, device, server and storage medium | |
| CN113127929A (en) | Data desensitization method, desensitization rule processing method, device, equipment and storage medium | |
| CN113420007A (en) | Audit processing method and device for database access and electronic equipment | |
| CN112364338A (en) | Management method and device of micro-service framework, electronic device and storage medium | |
| CN109815202B (en) | Log editing method and related device | |
| CN106936643B (en) | Equipment linkage method and terminal equipment | |
| CN110311935B (en) | Sharing method, sharing deployment system and client | |
| CN111045928A (en) | Interface data testing method, device, terminal and storage medium | |
| CN114880657A (en) | API topology hiding method, device and system | |
| CN115037789A (en) | Current limiting method, device, apparatus, storage medium and program product | |
| CN114710350A (en) | Allocation method and device for callable resources |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |