CN112580079A - Authority configuration method and device, electronic equipment and readable storage medium - Google Patents
Authority configuration method and device, electronic equipment and readable storage medium Download PDFInfo
- Publication number
- CN112580079A CN112580079A CN202011563003.8A CN202011563003A CN112580079A CN 112580079 A CN112580079 A CN 112580079A CN 202011563003 A CN202011563003 A CN 202011563003A CN 112580079 A CN112580079 A CN 112580079A
- Authority
- CN
- China
- Prior art keywords
- interface
- role
- authority
- configuration
- standard
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 34
- 238000000605 extraction Methods 0.000 claims abstract description 11
- 239000003999 initiator Substances 0.000 claims abstract description 11
- 238000004590 computer program Methods 0.000 claims description 11
- 238000012545 processing Methods 0.000 claims description 7
- 230000004931 aggregating effect Effects 0.000 claims description 2
- 238000012216 screening Methods 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 abstract description 5
- 238000005457 optimization Methods 0.000 abstract description 2
- 230000006870 function Effects 0.000 description 7
- 238000007726 management method Methods 0.000 description 6
- 230000008859 change Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a process optimization technology, and discloses a permission configuration method, which comprises the following steps: acquiring a target code file according to the permission configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured; carrying out interface combination and interface calling data combination on the interface set to be configured to obtain a standard interface set to be configured; extracting user role information in the permission configuration request, and performing role permission configuration on the user role information and all interfaces in a standard interface set to be configured according to a preset role permission table to obtain an interface permission configuration total set; and constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to the terminal equipment corresponding to the access request initiator. The invention also relates to a block chain technology, and the interface authority configuration aggregate can be stored in the block chain. The invention also provides an authority configuration device, an electronic device and a computer readable storage medium. The invention can improve the efficiency of authority configuration.
Description
Technical Field
The present invention relates to the field of process optimization technologies, and in particular, to a method and an apparatus for configuring permissions, an electronic device, and a readable storage medium.
Background
With the rapid development of internet technology, various company service lines are more and more, so that more and more service data are generated, the calling of the service data is more and more frequent, and for the data security of the newly added service data, different data interfaces of the service data need to be limited to different users for access, so that the data interfaces of the service data need to be configured with authority.
However, when configuring the authority of the data interface, it is necessary to configure each data interface separately, and the service data corresponding to each interface with the same authority can only be accessed and called separately through the corresponding interface, and cannot be called and managed in a centralized manner, so that the efficiency of configuring the authority of the interface is low.
Disclosure of Invention
The invention provides a permission configuration method, a permission configuration device, electronic equipment and a computer readable storage medium, and mainly aims to improve permission configuration efficiency.
In order to achieve the above object, the present invention provides a method for configuring permissions, comprising:
responding to a permission configuration request, acquiring a target code file according to the permission configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured;
performing interface calling data combination and interface combination on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured;
extracting user role information in the permission configuration request, and performing role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set;
receiving an access request, constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to terminal equipment corresponding to an access request initiator.
Optionally, the obtaining an object code file according to the permission configuration request, and performing interface extraction on the object code file to obtain an interface set to be configured includes:
extracting a code path in the permission configuration request, and acquiring a corresponding code file in a preset code library according to the code path to obtain the target code file;
and reading all interfaces in the target code file to obtain the interface set to be configured.
Optionally, the performing interface call data merging and interface merging on all interfaces in the interface set to be configured according to the interface authority of each interface included in the interface set to be configured to obtain a standard interface set to be configured includes:
extracting the interfaces with the same interface authority in the interface set to be configured to obtain a corresponding interface subset;
merging all interfaces in the interface subset to obtain a standard interface;
and summarizing all the standard interfaces to obtain the standard interface set to be configured.
Optionally, the merging all interfaces in the interface subset to obtain a standard interface includes:
acquiring corresponding interface calling data according to an interface path contained in each interface in the interface subset;
merging all the interface calling data to obtain target data, storing the target data in a preset database and generating a storage path;
and randomly selecting one interface from the interface subset to determine as an initial interface, and replacing an interface path contained in the initial interface with the storage path to obtain the standard interface.
Optionally, the performing role authority configuration on each interface in the standard interface set to be configured according to a preset role authority table and the user role information to obtain an interface authority configuration aggregate, including:
extracting all roles in the user role information and performing duplicate removal processing to obtain a role set;
marking the interface authority corresponding to each role in the role set according to the preset role authority table to obtain a standard role set;
acquiring a corresponding interface in the standard interface set to be configured according to the interface authority of each role in the standard role set to obtain a corresponding role interface set;
associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set;
and summarizing all the user role interface sets to obtain the interface authority configuration total set.
Optionally, constructing an interface access page according to the access request and the interface authority configuration aggregate, including:
constructing a user role keyword according to the user login information in the access request;
screening a user role interface set corresponding to the interface authority configuration total set by using the user role keywords;
and constructing the interface access page by using all the screened interfaces in the user role interface set.
Optionally, the aggregating all the standard interfaces to obtain the standard interface set to be configured includes:
converting all data contained in each standard interface into json format to obtain a corresponding target interface;
and summarizing all the target interfaces to obtain the standard interface set to be configured.
In order to solve the above problem, the present invention also provides an authority configuration apparatus, including:
the interface configuration module is used for responding to the authority configuration request, acquiring a target code file according to the authority configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured; performing interface calling data combination and interface combination on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured;
the authority configuration module is used for extracting user role information in the authority configuration request, and performing role authority configuration on each interface in the standard interface set to be configured according to a preset role authority table and the user role information to obtain an interface authority configuration total set;
and the authority interface pushing module is used for constructing an interface access page according to the access request and the interface authority configuration aggregate and pushing the interface access page to the terminal equipment corresponding to the access request initiator.
In order to solve the above problem, the present invention also provides an electronic device, including:
a memory storing at least one computer program; and
and the processor executes the computer program stored in the memory to realize the authority configuration method.
In order to solve the above problem, the present invention also provides a computer-readable storage medium, in which at least one computer program is stored, and the at least one computer program is executed by a processor in an electronic device to implement the rights configuration method described above.
According to the embodiment of the invention, a target code file is obtained according to the permission configuration request, and interface extraction is carried out on the target code file to obtain an interface set to be configured; interface calling data combination and interface combination are carried out on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured, so that a standard interface set to be configured is obtained, and the authority configuration of a plurality of interfaces can be converted into the authority configuration of one interface by combining a plurality of interfaces into one interface, so that the authority configuration efficiency is improved; extracting user role information in the permission configuration request, performing role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set, wherein different roles of the same user respectively correspond to different user role interface sets, so that the influence of permission configuration caused by user role change can be reduced, and when the roles of the user change, only the corresponding user role interface sets need to be added or deleted, so that the permission configuration efficiency is improved; and constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to the terminal equipment corresponding to the access request initiator. Therefore, the permission configuration method, the permission configuration device, the electronic equipment and the computer-readable storage medium provided by the embodiment of the invention improve the permission configuration efficiency.
Drawings
Fig. 1 is a schematic flowchart of a permission configuration method according to an embodiment of the present invention;
fig. 2 is a block diagram of a privilege configuration apparatus according to an embodiment of the present invention;
fig. 3 is a schematic internal structural diagram of an electronic device implementing a permission configuration method according to an embodiment of the present invention;
the implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The embodiment of the invention provides a permission configuration method. The execution subject of the authority configuration method includes, but is not limited to, at least one of electronic devices such as a server and a terminal, which can be configured to execute the method provided by the embodiments of the present application. In other words, the authority configuration method may be performed by software or hardware installed in the terminal device or the server device, and the software may be a block chain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like.
Referring to fig. 1, a flowchart of a permission configuration method according to an embodiment of the present invention is shown, where in the embodiment of the present invention, the permission configuration method includes:
s1, responding to the authority configuration request, acquiring a target code file according to the authority configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured;
in the embodiment of the present invention, the permission configuration request is permission configuration request information of a newly added service of a certain company, and includes: the method comprises the steps of code path and user role information, wherein the code path is a hosting path of an object code file of a newly added service in a preset code library, the object code file is an access calling code of service data of the newly added service, the user role information is role information of each user in the newly added service, and the same user can have different roles, such as that a user A is a project principal or a general manager.
Further, in order to configure information that different user roles in the user role information can access, in the embodiment of the present invention, an object code file is obtained according to the permission configuration request, and all interfaces of the object code file are extracted to obtain an interface set to be configured.
In detail, in the embodiment of the present invention, the obtaining an object code file according to the permission configuration request, and extracting all interfaces of the object code file to obtain an interface set to be configured includes: extracting a code path in the permission configuration request, and acquiring a corresponding code file in a preset code library according to the code path to obtain the target code file; and reading all interfaces in the target code file to obtain an interface set to be configured. The interface comprises an interface type, an interface path and an interface authority, and further the interface authority is the interface authority as follows: and the interface path is a storage path of data which can be called by the interface.
S2, performing interface calling data merging and interface merging on all interfaces in the interface set to be configured according to the interface authority of each interface contained in the interface set to be configured to obtain a standard interface set to be configured;
in the embodiment of the invention, in order to improve the calling efficiency of the interfaces, interface calling data merging and interface merging are carried out on all the interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured, so that a standard interface set to be configured is obtained.
In detail, in the embodiment of the present invention, the performing interface call data merging and interface merging on all interfaces in the interface set to be configured according to the interface permission of each interface included in the interface set to be configured to obtain the standard interface set to be configured includes: extracting the interfaces with the same interface authority in the interface set to be configured to obtain a corresponding interface subset, such as: the interface to be configured is a class A interface and a class B interface, all class A interfaces in the interface set to be configured are extracted to obtain a class A interface subset, and all class B interfaces in the interface set to be configured are extracted to obtain a class B interface subset; merging all interfaces in the interface subset to obtain a standard interface; and summarizing all the standard interfaces to obtain the standard interface set to be configured.
Further, in this embodiment of the present invention, the merging all interfaces in the interface subset to obtain a standard interface includes: acquiring corresponding interface calling data according to an interface path contained in each interface in the interface subset, wherein the interface calling data are data which can be acquired by calling each interface through the interface path; merging all the interface calling data to obtain target data, realizing centralized calling management of data corresponding to interfaces with the same interface authority, storing the target data in a preset database and generating a storage path; and randomly selecting one interface from the interface subset to determine as an initial interface, and replacing an interface path contained in the initial interface with the storage path to obtain the standard interface. Further, in order to facilitate the call of the interfaces, all data included in each standard interface is converted into a json format to obtain a corresponding target interface, and all the target interfaces are summarized to obtain the standard interface set to be configured.
The plurality of interfaces are combined into one interface, so that the authority configuration of the plurality of interfaces can be converted into the authority configuration of one interface, and the efficiency of the authority configuration is improved.
S3, extracting user role information in the permission configuration request, and performing role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set;
in this embodiment of the present invention, the performing role authority configuration on each interface in the standard interface set to be configured according to a preset role authority table and the user role information to obtain an authority configuration interface set includes: extracting all roles in the user role information and performing duplicate removal processing to obtain a role set; marking the interface authority corresponding to each role in the role set according to the preset role authority table to obtain a standard role set, avoiding repeated matching of the same roles of different users, and improving matching efficiency, wherein the preset role authority table contains the interface authorities corresponding to different roles, such as: the role is an engineer, the interface authorities corresponding to the engineer are A level and B level, and then the engineer can access the A level interface and the B level interface; acquiring a corresponding interface in the standard interface set to be configured according to the interface authority of each role in the standard role set to obtain a corresponding role interface set, such as: if the interface authority of the engineer role is A level and B level, acquiring an A level interface and a B level interface in the standard interface set to be configured to obtain a role interface set corresponding to the engineer role; associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set, if the role of the user A is an engineer and a project group leader, associating the user A with the engineer role interface set to obtain a user A engineer role interface set, and associating the user A with the project group leader role interface set to obtain a user A project group leader role interface set; and summarizing all user role interface sets to obtain an interface authority configuration total set. The embodiment of the invention can reduce the influence of the permission configuration caused by the change of the user role by respectively corresponding different user role interface sets to different roles of the same user, and only needs to add or delete the corresponding user role interface sets when the role of the user is changed, thereby improving the efficiency of the permission configuration.
In another embodiment of the present invention, in order to ensure the privacy of data, the interface authority configuration aggregate may be stored in a block link point.
S4, receiving an access request, constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to the terminal equipment corresponding to the access request initiator.
In the embodiment of the present invention, the access request is user login information subjected to login authentication, where the user login information includes user information and role information, for example: the login information of the user is the user information A, the role information is the engineer, further, in the embodiment of the invention, the user role key words are constructed according to the user login information in the access request, and the user role key words are utilized to screen the user role interface set corresponding to the interface authority configuration aggregate, such as: the login information of a user is user information A, the role information is an engineer, the constructed user role key word is a user A engineer, a user A engineer role interface set in the interface authority configuration total set is screened, an interface access page is constructed by utilizing all interfaces in the screened user role interface set, and in detail, a blank interface component page is created by all the interfaces in the screened user role interface set; binding each interface in the screened user role interface set with a corresponding component in the interface component page to obtain the interface access page, wherein the interface access page comprises the following steps: and then creating an interface component page comprising a blank A interface component and a blank B interface component, then binding the blank A interface component with the A interface, and binding the blank B interface component with the B interface to obtain the interface access page, and further pushing the interface access page to the terminal equipment of the access request initiator, wherein the interface access page is a front-end page capable of accessing all the interfaces in the user role interface set.
Fig. 2 is a functional block diagram of the right configuration apparatus according to the present invention.
The authority configuration apparatus 100 of the present invention may be installed in an electronic device. According to the implemented functions, the authority configuration device may include an interface configuration module 101, an authority configuration module 102, and an authority interface pushing module 103, which may also be referred to as a unit, and refers to a series of computer program segments that can be executed by a processor of an electronic device and can perform fixed functions, and are stored in a memory of the electronic device.
In the present embodiment, the functions regarding the respective modules/units are as follows:
the interface configuration module 101 is configured to respond to a permission configuration request, obtain an object code file according to the permission configuration request, and perform interface extraction on the object code file to obtain an interface set to be configured; and carrying out interface calling data combination and interface combination on all the interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured.
In the embodiment of the present invention, the permission configuration request is permission configuration request information of a newly added service of a certain company, and includes: the method comprises the steps of code path and user role information, wherein the code path is a hosting path of an object code file of a newly added service in a preset code library, the object code file is an access calling code of service data of the newly added service, the user role information is role information of each user in the newly added service, and the same user can have different roles, such as that a user A is a project principal or a general manager.
Further, in order to configure information that different user roles in the user role information can access, in the embodiment of the present invention, the interface configuration module 101 obtains an object code file according to the permission configuration request, extracts all interfaces of the object code file, and obtains an interface set to be configured.
In detail, in the embodiment of the present invention, the interface configuration module 101 extracts all interfaces of the object code file by using the following means to obtain an interface set to be configured, including: extracting a code path in the permission configuration request, and acquiring a corresponding code file in a preset code library according to the code path to obtain the target code file; and reading all interfaces in the target code file to obtain an interface set to be configured. The interface comprises an interface type, an interface path and an interface authority, and further the interface authority is the interface authority as follows: and the interface path is a storage path of data which can be called by the interface.
In the embodiment of the invention, in order to improve the calling efficiency of the interfaces, interface calling data merging and interface merging are carried out on all the interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured, so that a standard interface set to be configured is obtained.
In detail, in this embodiment of the present invention, the interface configuration module 101 performs interface call data merging and interface merging on all interfaces in the interface set to be configured according to the interface right of each interface included in the interface set to be configured by using the following means, so as to obtain the standard interface set to be configured, including: extracting the interfaces with the same interface authority in the interface set to be configured to obtain a corresponding interface subset, such as: the interface to be configured is a class A interface and a class B interface, all class A interfaces in the interface set to be configured are extracted to obtain a class A interface subset, and all class B interfaces in the interface set to be configured are extracted to obtain a class B interface subset; merging all interfaces in the interface subset to obtain a standard interface; and summarizing all the standard interfaces to obtain the standard interface set to be configured.
Further, in this embodiment of the present invention, the merging, by the interface configuration module 101, all interfaces in the interface subset by using the following means to obtain a standard interface includes: acquiring corresponding interface calling data according to an interface path contained in each interface in the interface subset, wherein the interface calling data are data which can be acquired by each interface through interface path access; merging all the interface calling data to obtain target data, storing the target data in a preset database and generating a storage path; and randomly selecting one interface from the interface subset to determine as an initial interface, and replacing an interface path contained in the initial interface with the storage path to obtain the standard interface. Further, in order to facilitate the invocation of the interfaces, all data included in each standard interface is converted into a json format to obtain a corresponding target interface, all the target interfaces are summarized to obtain the standard interface set to be configured, and preferably, the preset interface format in the embodiment of the present invention is the json format.
The plurality of interfaces are combined into one interface, so that the authority configuration of the plurality of interfaces can be converted into the authority configuration of one interface, and the efficiency of the authority configuration is improved.
The permission configuration module 102 is configured to extract user role information in the permission configuration request, and perform role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set.
In this embodiment of the present invention, the authority configuration module 102 performs role authority association between the user role information and all interfaces in the standard interface set to be configured by using the following means to obtain an authority configuration interface set, including: extracting all roles in the user role information and performing duplicate removal processing to obtain a role set; marking the interface authority corresponding to each role in the role set according to the preset role authority table to obtain a standard role set, avoiding repeated matching of the same roles of different users, and improving matching efficiency, wherein the preset role authority table contains the interface authorities corresponding to different roles, such as: the role is an engineer, the interface authorities corresponding to the engineer are A level and B level, and then the engineer can access the A level interface and the B level interface; acquiring a corresponding interface in the standard interface set to be configured according to the interface authority of each role in the standard role set to obtain a corresponding role interface set, such as: if the interface authority of the engineer role is A level and B level, acquiring an A level interface and a B level interface in the standard interface set to be configured to obtain a role interface set corresponding to the engineer role; associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set, if the role of the user A is an engineer and a project group leader, associating the user A with the engineer role interface set to obtain a user A engineer role interface set, and associating the user A with the project group leader role interface set to obtain a user A project group leader role interface set; and summarizing all user role interface sets to obtain an interface authority configuration total set. The embodiment of the invention can reduce the influence of the permission configuration caused by the change of the user role by respectively corresponding different user role interface sets to different roles of the same user, and only needs to add or delete the corresponding user role interface sets when the role of the user is changed, thereby improving the efficiency of the permission configuration.
In another embodiment of the present invention, in order to ensure the privacy of data, the interface authority configuration aggregate may be stored in a block link point.
The authority interface pushing module 103 is configured to construct an interface access page according to the access request and the interface authority configuration aggregate, and push the interface access page to the terminal device corresponding to the access request initiator.
In the embodiment of the present invention, the access request is user login information subjected to login authentication, where the user login information includes user information and role information, for example: further, in the embodiment of the present invention, the authority interface pushing module 103 constructs a user role keyword according to the user login information in the access request, and screens a user role interface set corresponding to the interface authority configuration total set by using the user role keyword, where the login information of the user is a user a, and the role information is an engineer, and if: the login information of the user is user information A, the role information is an engineer, the constructed user role key word is a user A engineer, and a user A engineer role interface set in the interface authority configuration total set is screened; the permission interface pushing module 103 constructs an interface access page by using all the interfaces in the user role interface set which are screened, and in detail, the permission interface pushing module 103 creates a blank interface component page for all the interfaces in the user role interface set which are screened according to the embodiment of the present invention; binding each interface in the screened user role interface set with a corresponding component in the interface component page to obtain the interface access page, wherein the interface access page comprises the following steps: and then creating an interface component page comprising a blank A interface component and a blank B interface component, then binding the blank A interface component with the A interface, and binding the blank B interface component with the B interface to obtain the interface access page, and further pushing the interface access page to the terminal equipment of the access request initiator, wherein the interface access page is a front-end page capable of accessing all the interfaces in the user role interface set.
Fig. 3 is a schematic structural diagram of an electronic device implementing the permission configuration method according to the present invention.
The electronic device 1 may comprise a processor 10, a memory 11 and a bus, and may further comprise a computer program, such as a rights configuration program 12, stored in the memory 11 and executable on the processor 10.
The memory 11 includes at least one type of readable storage medium, which includes flash memory, removable hard disk, multimedia card, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may also be an external storage device of the electronic device 1 in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only to store application software installed in the electronic device 1 and various types of data, such as codes of a rights configuration program, but also to temporarily store data that has been output or is to be output.
The processor 10 may be composed of an integrated circuit in some embodiments, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same or different functions, including one or more Central Processing Units (CPUs), microprocessors, digital Processing chips, graphics processors, and combinations of various control chips. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the electronic device by using various interfaces and lines, and executes various functions and processes data of the electronic device 1 by running or executing programs or modules (such as a permission configuration program) stored in the memory 11 and calling data stored in the memory 11.
The bus may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.
Fig. 3 shows only an electronic device with components, and it will be understood by those skilled in the art that the structure shown in fig. 3 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than those shown, or some components may be combined, or a different arrangement of components.
For example, although not shown, the electronic device 1 may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so as to implement functions of charge management, discharge management, power consumption management, and the like through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device 1 may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.
Further, the electronic device 1 may further include a network interface, and optionally, the network interface may include a wired interface and/or a wireless interface (such as a WI-FI interface, a bluetooth interface, etc.), which are generally used for establishing a communication connection between the electronic device 1 and other electronic devices.
Optionally, the electronic device 1 may further comprise a user interface, which may be a Display (Display), an input unit (such as a Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the electronic device 1 and for displaying a visualized user interface, among other things.
It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.
The rights configuration program 12 stored in the memory 11 of the electronic device 1 is a combination of a plurality of computer programs which, when run in the processor 10, enable:
responding to a permission configuration request, acquiring a target code file according to the permission configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured;
performing interface calling data combination and interface combination on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured;
extracting user role information in the permission configuration request, and performing role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set;
receiving an access request, constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to terminal equipment corresponding to an access request initiator.
Specifically, the processor 10 may refer to the description of the relevant steps in the embodiment corresponding to fig. 1 for a specific implementation method of the computer program, which is not described herein again.
Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. The computer readable medium may be non-volatile or volatile. The computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).
Further, the computer usable storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to the use of the blockchain node, and the like.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.
Claims (10)
1. A method for configuring rights, the method comprising:
responding to a permission configuration request, acquiring a target code file according to the permission configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured;
performing interface calling data combination and interface combination on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured;
extracting user role information in the permission configuration request, and performing role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set;
receiving an access request, constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to terminal equipment corresponding to an access request initiator.
2. The permission configuration method of claim 1, wherein the obtaining of the object code file according to the permission configuration request and the interface extraction of the object code file to obtain an interface set to be configured comprise:
extracting a code path in the permission configuration request, and acquiring a corresponding code file in a preset code library according to the code path to obtain the target code file;
and reading all interfaces in the target code file to obtain the interface set to be configured.
3. The permission configuration method of claim 2, wherein the performing interface call data merging and interface merging on all interfaces in the interface set to be configured according to the interface permission of each interface included in the interface set to be configured to obtain a standard interface set to be configured comprises:
extracting the interfaces with the same interface authority in the interface set to be configured to obtain a corresponding interface subset;
merging all interfaces in the interface subset to obtain a standard interface;
and summarizing all the standard interfaces to obtain the standard interface set to be configured.
4. The privilege configuration method according to claim 3, wherein the merging all interfaces in the subset of interfaces to obtain a standard interface comprises:
acquiring corresponding interface calling data according to an interface path contained in each interface in the interface subset;
merging all the interface calling data to obtain target data, storing the target data in a preset database and generating a storage path;
and randomly selecting one interface from the interface subset to determine as an initial interface, and replacing an interface path contained in the initial interface with the storage path to obtain the standard interface.
5. The permission configuration method of claim 4, wherein the performing role permission configuration on each interface in the standard to-be-configured interface set according to a preset role permission table and the user role information to obtain an interface permission configuration aggregate comprises:
extracting all roles in the user role information and performing duplicate removal processing to obtain a role set;
marking the interface authority corresponding to each role in the role set according to the preset role authority table to obtain a standard role set;
acquiring a corresponding interface in the standard interface set to be configured according to the interface authority of each role in the standard role set to obtain a corresponding role interface set;
associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set;
and summarizing all the user role interface sets to obtain the interface authority configuration total set.
6. The privilege configuration method according to claim 5, wherein the constructing an interface access page according to the access request and the interface privilege configuration aggregate comprises:
constructing a user role keyword according to the user login information in the access request;
screening a user role interface set corresponding to the interface authority configuration total set by using the user role keywords;
and constructing the interface access page by using all the screened interfaces in the user role interface set.
7. The permission configuration method of claim 3, wherein the aggregating all the standard interfaces to obtain the standard interface set to be configured comprises:
converting all data contained in each standard interface into json format to obtain a corresponding target interface;
and summarizing all the target interfaces to obtain the standard interface set to be configured.
8. An authority configuration apparatus, comprising:
the interface configuration module is used for responding to the authority configuration request, acquiring a target code file according to the authority configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured; performing interface calling data combination and interface combination on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured;
the authority configuration module is used for extracting user role information in the authority configuration request, and performing role authority configuration on each interface in the standard interface set to be configured according to a preset role authority table and the user role information to obtain an interface authority configuration total set;
and the authority interface pushing module is used for constructing an interface access page according to the access request and the interface authority configuration aggregate and pushing the interface access page to the terminal equipment corresponding to the access request initiator.
9. An electronic device, characterized in that the electronic device comprises:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores computer program instructions executable by the at least one processor to enable the at least one processor to perform the privilege configuration method as claimed in any one of claims 1 to 7.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, implements the rights configuration method according to any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011563003.8A CN112580079A (en) | 2020-12-25 | 2020-12-25 | Authority configuration method and device, electronic equipment and readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011563003.8A CN112580079A (en) | 2020-12-25 | 2020-12-25 | Authority configuration method and device, electronic equipment and readable storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112580079A true CN112580079A (en) | 2021-03-30 |
Family
ID=75140530
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011563003.8A Pending CN112580079A (en) | 2020-12-25 | 2020-12-25 | Authority configuration method and device, electronic equipment and readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112580079A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113900841A (en) * | 2021-12-09 | 2022-01-07 | 杭州安恒信息技术股份有限公司 | API interface authority management and API interface calling method and related device |
CN114065183A (en) * | 2021-10-18 | 2022-02-18 | 深信服科技股份有限公司 | Authority control method and device, electronic equipment and storage medium |
WO2023087278A1 (en) * | 2021-11-19 | 2023-05-25 | 国云科技股份有限公司 | Cloud platform permission setting method and apparatus, terminal device, and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180210869A1 (en) * | 2017-01-26 | 2018-07-26 | Sap Se | Adaptable application variants |
CN109992988A (en) * | 2018-01-02 | 2019-07-09 | 中国移动通信有限公司研究院 | A data rights management method and device |
CN111191221A (en) * | 2019-12-30 | 2020-05-22 | 腾讯科技(深圳)有限公司 | Method and device for configuring authority resources and computer readable storage medium |
CN112052030A (en) * | 2020-08-24 | 2020-12-08 | 东风汽车有限公司 | Interface authority configuration method, storage medium and system of vehicle-mounted application program |
CN112115103A (en) * | 2020-09-02 | 2020-12-22 | 北京奇艺世纪科技有限公司 | File address display method and device, electronic equipment and readable storage medium |
-
2020
- 2020-12-25 CN CN202011563003.8A patent/CN112580079A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180210869A1 (en) * | 2017-01-26 | 2018-07-26 | Sap Se | Adaptable application variants |
CN109992988A (en) * | 2018-01-02 | 2019-07-09 | 中国移动通信有限公司研究院 | A data rights management method and device |
CN111191221A (en) * | 2019-12-30 | 2020-05-22 | 腾讯科技(深圳)有限公司 | Method and device for configuring authority resources and computer readable storage medium |
CN112052030A (en) * | 2020-08-24 | 2020-12-08 | 东风汽车有限公司 | Interface authority configuration method, storage medium and system of vehicle-mounted application program |
CN112115103A (en) * | 2020-09-02 | 2020-12-22 | 北京奇艺世纪科技有限公司 | File address display method and device, electronic equipment and readable storage medium |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114065183A (en) * | 2021-10-18 | 2022-02-18 | 深信服科技股份有限公司 | Authority control method and device, electronic equipment and storage medium |
WO2023087278A1 (en) * | 2021-11-19 | 2023-05-25 | 国云科技股份有限公司 | Cloud platform permission setting method and apparatus, terminal device, and storage medium |
CN113900841A (en) * | 2021-12-09 | 2022-01-07 | 杭州安恒信息技术股份有限公司 | API interface authority management and API interface calling method and related device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112417503A (en) | Method and device for authorizing post authority, electronic equipment and storage medium | |
CN111651453A (en) | User historical behavior query method and device, electronic equipment and storage medium | |
CN112580079A (en) | Authority configuration method and device, electronic equipment and readable storage medium | |
CN112115145A (en) | Data acquisition method and device, electronic equipment and storage medium | |
CN114881616A (en) | Business process execution method and device, electronic equipment and storage medium | |
CN112446022A (en) | Data authority control method and device, electronic equipment and storage medium | |
CN112464619B (en) | Big data processing method, device and equipment and computer readable storage medium | |
CN114185895A (en) | Data import and export method and device, electronic equipment and storage medium | |
CN112579098A (en) | Software release method and device, electronic equipment and readable storage medium | |
CN112328656A (en) | Service query method, device, equipment and storage medium based on middle platform architecture | |
CN114547696A (en) | File desensitization method and device, electronic equipment and storage medium | |
CN112217639B (en) | Data encryption sharing method and device, electronic equipment and computer storage medium | |
CN113468175A (en) | Data compression method and device, electronic equipment and storage medium | |
CN113434542A (en) | Data relation identification method and device, electronic equipment and storage medium | |
CN112948380A (en) | Data storage method and device based on big data, electronic equipment and storage medium | |
CN112104662A (en) | Far-end data read-write method, device, equipment and computer readable storage medium | |
CN112085611A (en) | Asynchronous data verification method and device, electronic equipment and storage medium | |
CN112257078B (en) | Block chain encryption and decryption service security trusted system based on TEE technology | |
CN114897624A (en) | Policy data merging method, device, equipment and storage medium | |
CN115102770A (en) | Resource access method, device and equipment based on user permission and storage medium | |
CN114547011A (en) | Data extraction method and device, electronic equipment and storage medium | |
CN114626103A (en) | Data consistency comparison method, device, equipment and medium | |
CN114491196A (en) | Information granularity-based information export method, device, equipment and medium | |
CN112686759A (en) | Account checking monitoring method, device, equipment and medium | |
CN112667570A (en) | File access method, device, equipment and readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |