CN112600744A - Authority control method and device, storage medium and electronic device - Google Patents
Authority control method and device, storage medium and electronic device Download PDFInfo
- Publication number
- CN112600744A CN112600744A CN202011568878.7A CN202011568878A CN112600744A CN 112600744 A CN112600744 A CN 112600744A CN 202011568878 A CN202011568878 A CN 202011568878A CN 112600744 A CN112600744 A CN 112600744A
- Authority
- CN
- China
- Prior art keywords
- group
- user
- authority
- role
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 60
- 238000004590 computer program Methods 0.000 claims description 11
- 230000004044 response Effects 0.000 claims description 11
- 238000013475 authorization Methods 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 3
- 238000005516 engineering process Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 5
- 238000012795 verification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000007717 exclusion Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L12/2807—Exchanging configuration information on appliance services in a home automation network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L12/2816—Controlling appliance services of a home automation network by calling their functionalities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
Abstract
The invention provides a permission control method and device, a storage medium and an electronic device, wherein the method comprises the following steps: responding to an instruction received from a terminal, and determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, wherein the instruction is used for indicating an operation executed on equipment; and executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group. The invention solves the technical problem of lower safety in the authority control in the related technology, improves the safety of the authority control and avoids the error control and the error operation of equipment.
Description
Technical Field
The invention relates to the technical field of smart home, in particular to a permission control method and device, a storage medium and an electronic device.
Background
At present, in a home scene, a user can control various devices in a home system and perform corresponding operations on the devices. However, in the related art, because fine-grained right division for different family members is lacked, when the family members control the devices in the home system, misoperation of the devices is often caused, so that a safety risk is brought to the devices, and the safety of operating the devices is reduced.
Aiming at the technical problem of low safety in equipment control in the related art, an effective technical scheme is not provided yet.
Disclosure of Invention
The embodiment of the invention provides an authority control method and device, a storage medium and an electronic device, which are used for at least solving the technical problem of low safety in equipment control in the related art.
According to an embodiment of the present invention, there is provided an authority control method including: responding to an instruction received from a terminal, and determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, wherein the instruction is used for indicating an operation executed on equipment; and executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group.
Optionally, after the determining, in response to the instruction received from the terminal, a group to which the user corresponding to the terminal belongs in the home management system and a role of the user in the group, the method further includes: determining whether the user has the authority to execute the operation according to the group to which the user belongs and the role of the user under the condition that the device set corresponding to the group comprises the device; and determining that the user does not have the authority to execute the operation under the condition that the device set corresponding to the group does not comprise the device.
Optionally, the determining whether the user has the right to execute the operation according to the group to which the user belongs and the role of the user in the group includes: determining that the user has the authority to execute the operation when the role of the user in the group is an owner role; under the condition that the role of the user in the group is not the owner role, obtaining the total authority of the user according to the group authority corresponding to the group and the role authority corresponding to the role of the user in the group; determining that the user has the authority to perform the operation if the overall authority includes the authority to perform the operation.
Optionally, before the determining, in response to the instruction received from the terminal, a group to which the user corresponding to the terminal belongs in the home system and a role of the user in the group, the method further includes: dividing family members corresponding to the home management system into at least one group, wherein each group in the at least one group has a corresponding group authority; and configuring the roles in the group for each member in each group, wherein all the roles in the same group have the same group authority, and the roles of different roles in the same group have different role authorities in the group.
Optionally, before performing the operation, the method further comprises: locking the device, wherein the device in the locked state is operable only by the user; releasing the lock on the device after the operation execution is completed.
Optionally, the performing the operation includes at least one of: under the condition that the instruction indicates that the checking operation is performed on the equipment, sending the state parameters of the equipment to the terminal; under the condition that the instruction indicates that the configuration operation is performed on the equipment, configuring equipment parameters of the equipment according to the instruction; and under the condition that the instruction indicates that the control operation is executed on the equipment, controlling the equipment according to the instruction.
According to another embodiment of the present invention, there is provided an authority control device including: the system comprises a determining module, a judging module and a processing module, wherein the determining module is used for responding to an instruction received from a terminal, determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, and the instruction is used for indicating an operation executed on equipment; and the execution module is used for executing the operation under the condition that the user is determined to have the authority of executing the operation according to the group to which the user belongs and the role of the user in the group.
Optionally, the determining module is further configured to: determining whether the user has the authority to execute the operation according to the group to which the user belongs and the role of the user under the condition that the device set corresponding to the group comprises the device; and determining that the user does not have the authority to execute the operation under the condition that the device set corresponding to the group does not comprise the device.
Optionally, the determining module is further configured to: determining that the user has the authority to execute the operation when the role of the user in the group is an owner role; under the condition that the role of the user in the group is not the owner role, obtaining the total authority of the user according to the group authority corresponding to the group and the role authority corresponding to the role of the user in the group; determining that the user has the authority to perform the operation if the overall authority includes the authority to perform the operation.
Optionally, the apparatus further includes a configuration module, configured to, before the instruction received from the terminal is used to determine a group to which a user corresponding to the terminal belongs in the home system and a role of the user in the group, divide family members corresponding to the home management system into at least one group, where each group in the at least one group has a corresponding group right; and configuring the roles in the group for each member in each group, wherein all the roles in the same group have the same group authority, and the roles of different roles in the same group have different role authorities in the group.
Optionally, the apparatus further comprises a locking module, wherein the locking module is configured to lock the device before the executing module performs the operation, and the device in the locked state can only be operated by the user; and the unlocking module is used for unlocking the equipment after the operation execution is finished.
Optionally, the execution module is further configured to at least one of: under the condition that the instruction indicates that the checking operation is performed on the equipment, sending the state parameters of the equipment to the terminal; under the condition that the instruction indicates that the configuration operation is performed on the equipment, configuring equipment parameters of the equipment according to the instruction; and under the condition that the instruction indicates that the control operation is executed on the equipment, controlling the equipment according to the instruction.
Alternatively, according to another embodiment of the present invention, a storage medium is provided, in which a computer program is stored, wherein the computer program is arranged to perform the above-mentioned method when executed.
Alternatively, according to another embodiment of the present invention, there is provided an electronic apparatus, including a memory in which a computer program is stored and a processor configured to execute the computer program to perform the above method.
According to the invention, a group to which a user corresponding to a terminal belongs in a home management system and a role of the user in the group are determined in response to an instruction received from the terminal, wherein the instruction is used for indicating an operation executed on equipment; and executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group. Because the user has the corresponding group and the role in the group, the user authority can be divided in a fine granularity manner, and the control of the equipment is kept on the basis of the division of the authority in the fine granularity, so that the technical problem of lower safety in the control of the equipment in the related technology is solved, the safety in the control of the equipment is improved, and the error control and the error operation of the equipment are avoided.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a flow chart of a method of entitlement control in accordance with an embodiment of the present invention;
fig. 2 is a schematic view of an application scenario of the authority control method according to the embodiment of the present invention;
FIG. 3 is a group diagram illustrating a method for controlling permissions according to an embodiment of the present invention;
fig. 4 is a schematic role diagram in a method for controlling authority according to an embodiment of the present invention;
FIG. 5 is a flowchart of a method for controlling permissions according to another embodiment of the present invention;
FIG. 6 is a diagram illustrating a privilege in a privilege control method according to an embodiment of the present invention;
FIG. 7 is a flowchart of an authorization process in a method for controlling authority according to an embodiment of the present invention;
FIG. 8 is a flowchart of a verification process in the method for controlling authority according to an embodiment of the present invention;
fig. 9 is a block diagram of a configuration of a rights control apparatus according to an embodiment of the present invention;
fig. 10 is a schematic structural diagram of an alternative electronic device according to an embodiment of the invention.
Detailed Description
The invention will be described in detail hereinafter with reference to the accompanying drawings in conjunction with embodiments. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.
An embodiment of the present invention provides an authority control method, and fig. 1 is a flowchart of an authority control method according to an embodiment of the present invention, as shown in fig. 1, including:
step S102, responding to an instruction received from a terminal, and determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, wherein the instruction is used for indicating an operation executed on equipment;
and step S104, executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group.
According to the invention, a group to which a user corresponding to a terminal belongs in a home management system and a role of the user in the group are determined in response to an instruction received from the terminal, wherein the instruction is used for indicating an operation executed on equipment; and executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group. Because the user has the corresponding group and the role in the group, the user authority can be divided in a fine granularity manner, and the control of the equipment is kept on the basis of the division of the authority in the fine granularity, so that the technical problem of lower safety in the control of the equipment in the related technology is solved, the safety in the control of the equipment is improved, and the error control and the error operation of the equipment are avoided.
It should be noted that, in the above embodiment, the user corresponding to the terminal may be a user registered in an application of the terminal, or a user bound to the terminal.
Fig. 2 is a schematic view of an application scenario of the permission control method according to the embodiment of the present invention. As shown in fig. 2, the terminal may initiate access control to various devices located in the home system by connecting to the cloud.
After the group to which the user corresponding to the terminal belongs in the home management system and the role of the user in the group are determined in response to the instruction received from the terminal, the embodiment is further configured to execute the following technical solutions: determining whether the user has the authority to execute the operation according to the group to which the user belongs and the role of the user under the condition that the device set corresponding to the group comprises the device; and determining that the user does not have the authority to execute the operation under the condition that the device set corresponding to the group does not comprise the device.
In the above embodiment, the group corresponds to a device set, which includes, but is not limited to, a set formed by all devices that the group can operate. And determining that the user does not have the authority to operate the device and the authority to execute the operation when the device set does not comprise the device.
Fig. 3 is a group diagram of an authority control method according to an embodiment of the present invention. As shown in fig. 3, a plurality of devices are included in a home system (as an example, settings 1 to 4 are shown in fig. 3), an administrator in the home system may establish a corresponding home management system for the home system, each group in the home system has a corresponding device set, for example, the device set corresponding to the group 1 includes a device 1 and a device 2, and since the device 3 is not included in the device set corresponding to the group 1, a member in the group 1 does not have a right to operate the device 3.
Based on the above embodiment, the determining whether the user has the right to perform the operation according to the group to which the user belongs and the role of the user in the group includes: determining that the user has the authority to execute the operation when the role of the user in the group is an owner role; under the condition that the role of the user in the group is not the owner role, obtaining the total authority of the user according to the group authority corresponding to the group and the role authority corresponding to the role of the user in the group; determining that the user has the authority to perform the operation if the overall authority includes the authority to perform the operation.
The user with the owner role has the authority to execute all operations on the equipment, and when the role of the user in the group is determined to be the owner role, the user can be directly determined to have the authority to execute the operations on the equipment. When the role of the user in the group is not the owner role, that is, the role of the user in the group is a normal role, it needs to further determine whether the user has the authority to execute the above operations according to the group in which the user is located and the role of the user in the group.
In the above embodiment, before the determining, in response to the instruction received from the terminal, the group to which the user corresponding to the terminal belongs in the home system and the role of the user in the group, the following technical solutions may be further performed: dividing family members corresponding to the home management system into at least one group, wherein each group in the at least one group has a corresponding group authority; and configuring the roles in the group for each member in each group, wherein all the roles in the same group have the same group authority, and the roles of different roles in the same group have different role authorities in the group.
Fig. 4 is a schematic role diagram in the method for controlling authority according to the embodiment of the present invention. As shown in fig. 4, all members in the group correspond to a plurality of roles, including an owner role and at least one normal role (all roles other than the owner role are normal roles). In a group, the user with the owner role has the optimal highest authority, and can perform operation on all devices in the device set corresponding to the group; a user with a common role can perform an operation on a device only if the user has the ability to perform the operation on the device.
It should be noted that, before performing the operation, the method further includes: locking the device, wherein the device in the locked state is operable only by the user; releasing the lock on the device after the operation execution is completed.
Based on the embodiment, the equipment is locked under the condition that the user is determined to have the operation on the equipment, so that other users are rejected to execute the operation on the equipment in the process that the user operates the equipment, the control conflict of the equipment is avoided, and the safety of equipment control is further improved.
Wherein the performing the operation comprises at least one of: under the condition that the instruction indicates that the checking operation is performed on the equipment, sending the state parameters of the equipment to the terminal; under the condition that the instruction indicates that the configuration operation is performed on the equipment, configuring equipment parameters of the equipment according to the instruction; and under the condition that the instruction indicates that the control operation is executed on the equipment, controlling the equipment according to the instruction.
In the above embodiments, the status parameters of the device include, but are not limited to, the operating status of the device; device parameters include, but are not limited to, nickname, location of the device.
The following explains the authority control method in the above embodiment with reference to an example, but is not intended to limit the technical solution of the embodiment of the present invention.
In an optional embodiment, an authority control method applied in the internet of things is provided, and the method can provide secure access control for internet of things equipment in a home environment of the internet of things. Fig. 5 is a flowchart of a method for controlling authority according to another embodiment of the present invention, as shown in fig. 5, the method includes the following steps:
step S502, group management;
the family members are divided according to groups, and new members in the home management system are added to the existing groups or a group is newly established for the new members; and maintains the group.
Step S504, managing group roles;
the method comprises the steps of configuring roles for each member in each group, maintaining the roles of all family members, and enabling different roles in the same group to have different role authorities.
Step S506, configuring and managing the authority of the household appliances of the Internet of things;
and configuring each device in the home system to a corresponding group, and maintaining the household appliances in the group.
And step S508, the Internet of things household appliance authority control safety verification management.
When a user requests to access a device (including but not limited to controlling, viewing, configuring and the like of the household appliance device), the authority of the user is checked, and when the user has the authority to access the device, corresponding operation is executed.
As an alternative embodiment, the device is uniquely identified by a device Identifier (ID), for example using the MAC address of the device.
Fig. 6 is a schematic diagram of a right in the right control method according to the embodiment of the present invention. Alternatively, as shown in FIG. 6, the permissions a user has for a device may be represented using a 16-bit integer data structure, where different permission definitions are identified by different bits, starting with the lowest bit. The group permission is shared permission of all roles belonging to the group; the owner authority is the authority that the actual owner of the household electrical appliance has, and the actual owner can be an equipment administrator in the group; the common authority is the device authority configured by other roles except the owner role in the group.
When a user has the corresponding authority of a certain bit, the bit uses the mark of '1', otherwise, the mark of '0' is used.
For example: for user A, who owns one device D, even though user A does not group with other users, since user A is the owner of device D, the user has owner rights to device D, such as rights to control, configure, and view device D, and thus the rights of user A to device D are represented in 16 notation as 00000000000111000 (i.e., 0X 38).
For user B, belonging to group 1, group 1 has group rights including viewing rights for device D, and user B's role rights in group 1 are control rights, then user B's overall rights for device D are 0000000001000100 (i.e., 0x 44). It should be noted that the lowest three bits in the 16-bit system data structure correspond to the common permissions, that is, the role permissions corresponding to the user when the role in the group is the common role.
When a user operates the device, no matter the source of the user right is the group right, the owner right or the common right, as long as the user has the right of executing control/configuration/viewing for the device, the user can execute control/configuration/viewing operation for the device.
Fig. 7 is a flowchart of an authorization process in the method for controlling authority according to the embodiment of the present invention. As shown in fig. 7, the authorization process includes the following steps:
step S702, adding the user into the group, wherein the user becomes a group member;
step S704, configuring roles for the group members;
step S706, configuring corresponding device permissions for different roles in the group;
after configuration is completed, the user acquires the access device authority.
Fig. 8 is a flowchart of a verification process in the authority control method according to the embodiment of the present invention. As shown in fig. 8, the verification process includes the following steps:
step S801, a user requests for controlling Internet of things equipment from an Internet of things household appliance control service through a terminal;
step S802, the Internet of things household appliance control service determines the equipment which is requested to be controlled by the user, and sends the user and the equipment identification of the equipment to the Internet of things household appliance access security check management service;
optionally, the internet of things home appliance control service and the internet of things home appliance access security check management service are deployed at the cloud, and the internet of things home appliance control service and the internet of things home appliance access security check management service may be located in the same server or different servers.
Step S803, the Internet of things household appliance accesses the security check management service to determine the authority of the user, and checks whether the user has the authority to execute control operation on the Internet of things household appliance;
optionally, the access control security verification service of the internet of things household appliance obtains a group where the user is located and the role of the user in the group from the local, and if the user is the owner of the internet of things household appliance, it is directly determined that the user can control the internet of things household appliance; otherwise, whether the user has the authority to control the internet of things household appliance needs to be judged according to the group authority of the group where the user is located to the internet of things household appliance and the role authority of the role of the user to the internet of things household appliance.
Step S804, under the condition that the user is determined to have the right to execute the control operation on the household appliance of the Internet of things, the household appliance of the Internet of things is locked;
step S805, the Internet of things household appliance access security check management service returns a check result to the Internet of things household appliance control service;
step S806, the Internet of things household appliance control service executes control operation on the equipment requested to be controlled by the user;
step S807, the Internet of things household appliance control service returns an execution result to the user and unlocks the Internet of things household appliance.
In the embodiment, by creating the user group of the home appliance equipment in the internet of things, adding the user to the group, configuring the role, adding the home appliance equipment to the group and performing access control on the equipment according to the authority possessed by the user, the safety, controllability and operation exclusivity of the home appliance equipment in the internet of things are guaranteed, and the convenience of operating a plurality of pieces of equipment in a family is improved; authorization and authentication are put into cloud control, and an authority model based on roles, authorities, users, groups and equipment is created; the authorities of the devices owned by different roles are different, so that the safety risk caused by misoperation is avoided; an operation mutual exclusion mechanism is introduced, so that the safety risk of equipment caused by overlapping operation of different users is avoided; the cloud stores/verifies the authority of the user to ensure the intrusion risk; the method can be applied to the scene of the intelligent household appliances of the Internet of things, and meets the requirement of fine-grained safety protection on the premise of convenient implementation; the embodiment can avoid external intrusion and the safety problem caused by the fact that different operation devices are recognized for the device safety at different ages in a family.
As described above, the present invention is only a specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and when the drag editing operation is performed, the selection and drag of the content in the circle are not limited to operations such as right double click, etc., because the corresponding editing tool is opened and recognized for various contents in various content formats when editing the content, among circles of various content formats. The protection scope of the present invention shall be subject to the protection scope of the claims.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
According to another embodiment of the present invention, there is provided an authority control device, which is used for implementing the above embodiments and preferred embodiments, and the description of the authority control device is omitted. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 9 is a block diagram of a structure of a rights control apparatus according to an embodiment of the present invention, the apparatus including:
a determining module 92, configured to determine, in response to an instruction received from a terminal, a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, where the instruction is used to instruct an operation performed on a device;
an executing module 94, configured to execute the operation when it is determined that the user has the authority to execute the operation according to the group to which the user belongs and the role of the user in the group.
According to the invention, a group to which a user corresponding to a terminal belongs in a home management system and a role of the user in the group are determined in response to an instruction received from the terminal, wherein the instruction is used for indicating an operation executed on equipment; and executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group. Because the user has the corresponding group and the role in the group, the user authority can be divided in a fine granularity manner, and the control of the equipment is kept on the basis of the division of the authority in the fine granularity, so that the technical problem of lower safety in the control of the equipment in the related technology is solved, the safety in the control of the equipment is improved, and the error control and the error operation of the equipment are avoided.
Wherein the determining module is further configured to: determining whether the user has the authority to execute the operation according to the group to which the user belongs and the role of the user under the condition that the device set corresponding to the group comprises the device; and determining that the user does not have the authority to execute the operation under the condition that the device set corresponding to the group does not comprise the device.
In the above embodiment, the determining module is further configured to: determining that the user has the authority to execute the operation when the role of the user in the group is an owner role; under the condition that the role of the user in the group is not the owner role, obtaining the total authority of the user according to the group authority corresponding to the group and the role authority corresponding to the role of the user in the group; determining that the user has the authority to perform the operation if the overall authority includes the authority to perform the operation.
As an optional implementation manner, the apparatus further includes a configuration module, configured to, before the determining, in response to the instruction received from the terminal, a group to which a user corresponding to the terminal belongs in the home system and a role of the user in the group, divide family members corresponding to the home management system into at least one group, where each group in the at least one group has a corresponding group permission; and configuring the roles in the group for each member in each group, wherein all the roles in the same group have the same group authority, and the roles of different roles in the same group have different role authorities in the group.
The device further comprises a locking module, wherein the locking module is used for locking the equipment before the execution module executes the operation, and the equipment in a locked state can only be operated by the user; and the unlocking module is used for unlocking the equipment after the operation execution is finished.
It should be noted that the execution module is further configured to at least one of: under the condition that the instruction indicates that the checking operation is performed on the equipment, sending the state parameters of the equipment to the terminal; under the condition that the instruction indicates that the configuration operation is performed on the equipment, configuring equipment parameters of the equipment according to the instruction; and under the condition that the instruction indicates that the control operation is executed on the equipment, controlling the equipment according to the instruction.
An embodiment of the present invention further provides a storage medium including a stored program, wherein the program executes any one of the methods described above.
Alternatively, in the present embodiment, the storage medium may be configured to store program codes for performing the following steps:
s1, responding to an instruction received from a terminal, and determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, wherein the instruction is used for indicating an operation executed on equipment;
s2, executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group.
Optionally, in this embodiment, the storage medium may include, but is not limited to: various media capable of storing program codes, such as a usb disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again.
Embodiments of the present invention also provide an electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic apparatus may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
s1, responding to an instruction received from a terminal, and determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, wherein the instruction is used for indicating an operation executed on equipment;
s2, executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group.
Fig. 10 is a schematic structural diagram of an alternative electronic device according to an embodiment of the invention. Alternatively, it can be understood by those skilled in the art that the structure shown in fig. 10 is only an illustration, and the electronic device may also be a terminal device such as a smart phone (e.g., an Android phone, an iOS phone, etc.), a tablet computer, a palm computer, a Mobile Internet Device (MID), a PAD, and the like. Fig. 10 is a diagram illustrating a structure of the electronic device. For example, the electronic device may also include more or fewer components (e.g., network interfaces, etc.) than shown in FIG. 10, or have a different configuration than shown in FIG. 10.
The memory 1002 may be used to store software programs and modules, such as program instructions/modules corresponding to the authority control method and the authority control device in the embodiment of the present invention, and the processor 1004 executes various functional applications and data processing by running the software programs and modules stored in the memory 1002, that is, implementing the data synchronization method. The memory 1002 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 1002 may further include memory located remotely from the processor 1004, which may be connected to the terminal over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof. As an example, the memory 1002 may include, but is not limited to, the determination module 92 and the execution module 94 of the right control device. In addition, other module units in the above-mentioned right control device may also be included, but are not limited to this, and are not described in detail in this example.
Optionally, the above-mentioned transmission device 1006 is used for receiving or sending data via a network. Examples of the network may include a wired network and a wireless network. In one example, the transmission device 1006 includes a Network adapter (NIC) that can be connected to a router via a Network cable and other Network devices so as to communicate with the internet or a local area Network. In one example, the transmission device 1006 is a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
In addition, the electronic device further includes: a display 1008 for displaying a screen; and a connection bus 1010 for connecting the respective module parts in the above-described electronic apparatus.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. An authority control method, comprising:
responding to an instruction received from a terminal, and determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, wherein the instruction is used for indicating an operation executed on equipment;
and executing the operation under the condition that the user is determined to have the authority to execute the operation according to the group to which the user belongs and the role of the user in the group.
2. The method according to claim 1, wherein after the determining, in response to the instruction received from the terminal, a group to which a user corresponding to the terminal belongs in the home management system and a role of the user in the group, the method further comprises:
determining whether the user has the authority to execute the operation according to the group to which the user belongs and the role of the user under the condition that the device set corresponding to the group comprises the device;
and determining that the user does not have the authority to execute the operation under the condition that the device set corresponding to the group does not comprise the device.
3. The method of claim 2, wherein the determining whether the user has the right to perform the operation according to the group to which the user belongs and the role of the user in the group comprises:
determining that the user has the authority to execute the operation when the role of the user in the group is an owner role;
under the condition that the role of the user in the group is not the owner role, obtaining the total authority of the user according to the group authority corresponding to the group and the role authority corresponding to the role of the user in the group;
determining that the user has the authority to perform the operation if the overall authority includes the authority to perform the operation.
4. The method according to claim 1, wherein before the determining, in response to the instruction received from the terminal, a group to which a user corresponding to the terminal belongs in the home system and a role of the user in the group, the method further comprises:
dividing family members corresponding to the home management system into at least one group, wherein each group in the at least one group has a corresponding group authority;
and configuring the roles in the group for each member in each group, wherein all the roles in the same group have the same group authority, and the roles of different roles in the same group have different role authorities in the group.
5. The method of claim 1, wherein prior to performing the operation, the method further comprises:
locking the device, wherein the device in the locked state is operable only by the user;
releasing the lock on the device after the operation execution is completed.
6. The method of claim 1, wherein the performing the operation comprises at least one of:
under the condition that the instruction indicates that the checking operation is performed on the equipment, sending the state parameters of the equipment to the terminal;
under the condition that the instruction indicates that the configuration operation is performed on the equipment, configuring equipment parameters of the equipment according to the instruction;
and under the condition that the instruction indicates that the control operation is executed on the equipment, controlling the equipment according to the instruction.
7. An authorization control device, comprising:
the system comprises a determining module, a judging module and a processing module, wherein the determining module is used for responding to an instruction received from a terminal, determining a group to which a user corresponding to the terminal belongs in a home management system and a role of the user in the group, and the instruction is used for indicating an operation executed on equipment;
and the execution module is used for executing the operation under the condition that the user is determined to have the authority of executing the operation according to the group to which the user belongs and the role of the user in the group.
8. The apparatus of claim 7, wherein the determining module is further configured to:
determining whether the user has the authority to execute the operation according to the group to which the user belongs and the role of the user under the condition that the device set corresponding to the group comprises the device;
and determining that the user does not have the authority to execute the operation under the condition that the device set corresponding to the group does not comprise the device.
9. A storage medium, in which a computer program is stored, wherein the computer program is arranged to perform the method of any of claims 1 to 6 when executed.
10. An electronic device comprising a memory and a processor, characterized in that the memory has stored therein a computer program, the processor being arranged to execute the method of any of claims 1 to 6 by means of the computer program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011568878.7A CN112600744A (en) | 2020-12-25 | 2020-12-25 | Authority control method and device, storage medium and electronic device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011568878.7A CN112600744A (en) | 2020-12-25 | 2020-12-25 | Authority control method and device, storage medium and electronic device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112600744A true CN112600744A (en) | 2021-04-02 |
Family
ID=75202568
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011568878.7A Pending CN112600744A (en) | 2020-12-25 | 2020-12-25 | Authority control method and device, storage medium and electronic device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112600744A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113779523A (en) * | 2021-09-13 | 2021-12-10 | 福州汇思博信息技术有限公司 | Authority management and control method, device, equipment and medium for terminal equipment |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034990A (en) * | 2007-02-14 | 2007-09-12 | 华为技术有限公司 | Right management method and device |
| CN101102483A (en) * | 2007-08-24 | 2008-01-09 | 北京市朝阳区信息网络中心 | User classification management system of image information management system |
| CN104615004A (en) * | 2014-12-31 | 2015-05-13 | 北京海尔广科数字技术有限公司 | Intelligent household electrical appliance operating authorization control method and device |
| CN107087009A (en) * | 2017-06-15 | 2017-08-22 | 深圳市海曼科技有限公司 | A kind of realization method and system of collaborative share |
| CN108958057A (en) * | 2018-08-01 | 2018-12-07 | 珠海格力电器股份有限公司 | The control method and device of household appliance, storage medium, electronic device |
| CN109283893A (en) * | 2017-07-21 | 2019-01-29 | 阿里巴巴集团控股有限公司 | Authority control method, device, system and the electronic equipment of smart home device |
| CN109361638A (en) * | 2017-12-27 | 2019-02-19 | 广州Tcl智能家居科技有限公司 | Smart machine control authority shared method, system and storage medium |
| CN109445300A (en) * | 2018-12-28 | 2019-03-08 | 江苏惠通集团有限责任公司 | The control method and smart home system of smart home |
| CN110703621A (en) * | 2019-10-31 | 2020-01-17 | 宁波奥克斯电气股份有限公司 | Household appliance control method, household appliance control device, server and computer readable storage medium |
| CN111158252A (en) * | 2019-12-26 | 2020-05-15 | 宁波奥克斯电气股份有限公司 | Control method and system for household equipment and air conditioning equipment |
-
2020
- 2020-12-25 CN CN202011568878.7A patent/CN112600744A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101034990A (en) * | 2007-02-14 | 2007-09-12 | 华为技术有限公司 | Right management method and device |
| CN101102483A (en) * | 2007-08-24 | 2008-01-09 | 北京市朝阳区信息网络中心 | User classification management system of image information management system |
| CN104615004A (en) * | 2014-12-31 | 2015-05-13 | 北京海尔广科数字技术有限公司 | Intelligent household electrical appliance operating authorization control method and device |
| CN107087009A (en) * | 2017-06-15 | 2017-08-22 | 深圳市海曼科技有限公司 | A kind of realization method and system of collaborative share |
| CN109283893A (en) * | 2017-07-21 | 2019-01-29 | 阿里巴巴集团控股有限公司 | Authority control method, device, system and the electronic equipment of smart home device |
| CN109361638A (en) * | 2017-12-27 | 2019-02-19 | 广州Tcl智能家居科技有限公司 | Smart machine control authority shared method, system and storage medium |
| CN108958057A (en) * | 2018-08-01 | 2018-12-07 | 珠海格力电器股份有限公司 | The control method and device of household appliance, storage medium, electronic device |
| CN109445300A (en) * | 2018-12-28 | 2019-03-08 | 江苏惠通集团有限责任公司 | The control method and smart home system of smart home |
| CN110703621A (en) * | 2019-10-31 | 2020-01-17 | 宁波奥克斯电气股份有限公司 | Household appliance control method, household appliance control device, server and computer readable storage medium |
| CN111158252A (en) * | 2019-12-26 | 2020-05-15 | 宁波奥克斯电气股份有限公司 | Control method and system for household equipment and air conditioning equipment |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113779523A (en) * | 2021-09-13 | 2021-12-10 | 福州汇思博信息技术有限公司 | Authority management and control method, device, equipment and medium for terminal equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107995215B (en) | Control method and device of intelligent household equipment and cloud platform server | |
| CN110730153B (en) | Account configuration method, device and system of cloud equipment and data processing method | |
| US9906956B1 (en) | Using power-line networks to facilitate network access | |
| CN108881228B (en) | Cloud registration activation method, device, equipment and storage medium | |
| CN108540433B (en) | User identity verification method and device | |
| CN103152402A (en) | Method and system for logging in through mobile terminal and cloud server | |
| WO2014088340A1 (en) | Method and apparatus for authenticating access authorization in wireless communication system | |
| CN112202747A (en) | Target device binding method and device, storage medium and electronic device | |
| CN110602216A (en) | Method and device for using single account by multiple terminals, cloud server and storage medium | |
| CN111885594A (en) | Equipment binding method and device | |
| CN111654399B (en) | Networking method, device, equipment and storage medium based on SD-WAN | |
| CN107306247B (en) | Resource access control method and device | |
| US8989380B1 (en) | Controlling communication of a wireless communication device | |
| US11005709B2 (en) | Method and a system for the deterministic autoconfiguration of a device | |
| CN114374524A (en) | Access control method and device for object storage, storage medium and electronic device | |
| CN112035807A (en) | Object authentication method and apparatus, storage medium, and electronic apparatus | |
| CN102685115B (en) | Resource access method, resource management device and system | |
| CN112600744A (en) | Authority control method and device, storage medium and electronic device | |
| CN111935195B (en) | Distributed system management method, device, storage medium and distributed management system | |
| CN112817248B (en) | Shared equipment management method and device, storage medium and electronic device | |
| CN112689006A (en) | Internet of things equipment control method and device, storage medium and electronic device | |
| KR20140121571A (en) | System for intergrated authentication, method and apparatus for intergraged authentication thereof | |
| CN105763532A (en) | Method and device for logging in to virtual desktop | |
| CN112000968A (en) | Access control method and device, storage medium and electronic device | |
| CN114546927B (en) | Data transmission method, core, computer readable medium, and electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210402 |