CN112835599A - Permission updating method and device, computer equipment and storage medium - Google Patents
Permission updating method and device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN112835599A CN112835599A CN201911164697.5A CN201911164697A CN112835599A CN 112835599 A CN112835599 A CN 112835599A CN 201911164697 A CN201911164697 A CN 201911164697A CN 112835599 A CN112835599 A CN 112835599A
- Authority
- CN
- China
- Prior art keywords
- authority
- interface
- target
- updating
- target interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 131
- 238000012216 screening Methods 0.000 claims abstract description 12
- 238000012163 sequencing technique Methods 0.000 claims abstract description 8
- 238000004590 computer program Methods 0.000 claims description 9
- 238000012545 processing Methods 0.000 claims description 4
- 238000004891 communication Methods 0.000 claims description 3
- 238000012423 maintenance Methods 0.000 abstract description 7
- 238000006243 chemical reaction Methods 0.000 abstract description 4
- 230000006870 function Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 5
- 238000007726 management method Methods 0.000 description 5
- 238000011161 development Methods 0.000 description 3
- 230000018109 developmental process Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000013500 data storage Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000033772 system development Effects 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The method comprises the steps of scanning an interface method in a Spring container through an authority register, screening a target interface with an authority descriptor, sequencing authority configuration of the target interface, performing serialized character string conversion and one-way encryption operation on a sequenced ordered set to obtain a ciphertext operation result obtained by encrypting the authority configuration of the target interface, comparing the ciphertext operation result with a ciphertext of historical authority configuration stored in a database, and updating the historical authority configuration according to the operation result when the ciphertext operation result is inconsistent with the ciphertext of the historical authority configuration stored in the database, so that automatic acquisition and updating of the authority configuration are realized, the cost of manual acquisition and authority configuration maintenance is saved, and meanwhile, the error probability in the manual acquisition process is avoided.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method and an apparatus for updating a right, a computer device, and a storage medium.
Background
With the development of computer technology, various software systems have emerged. Generally, software systems have a function of managing system permissions, and currently, permission management is generally implemented based on roles and function modules, and a specific implementation method defines a plurality of roles in a service system, and assigns a plurality of function modules under each role, so as to define which function modules a user is allowed to use through the roles.
At present, since a business system relates to a target data storage structure, business application characteristics, a system development architecture and other factors, an authority control method generally adopted in the industry is realized in a program in a hard coding mode in a code development process. Therefore, when performing the authority management, the authority configuration in the program code needs to be manually collected, which results in higher management and maintenance cost of the authority and complex operation.
Disclosure of Invention
Based on this, it is necessary to provide an updating method, apparatus, computer device and storage medium capable of automatically acquiring and updating the authority of the authority configuration, in order to solve the problem that the authority configuration in the above manual acquisition program code causes high maintenance cost.
In order to achieve the above object, in one aspect, an embodiment of the present application provides a method for updating a right, where the method includes:
scanning an interface method in a Spring container through an authority register;
screening a target interface according to an interface method, wherein the target interface is provided with a permission descriptor which is used for expressing the role type allowing the target interface to be accessed;
sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed to obtain a sorted ordered set;
converting the ordered set into a serialized character string, and performing unidirectional encryption operation on the serialized character string to obtain an operation result;
and when the operation result is inconsistent with the stored authority configuration, updating the authority configuration according to the operation result.
In one embodiment, before the method of scanning the interface in the Spring container, the method further includes: when an interface is created, the initial configuration of the rights is performed through the rights descriptor in the corresponding interface method.
In one embodiment, a method for scanning an interface in a Spring container includes: when the Spring container is started, the authority register is started to scan the interface method in the Spring container.
In one embodiment, a method for scanning an interface in a Spring container includes: and configuring an authority register in the starting file of the Spring container so that the authority register automatically scans the interface method in the Spring container when the Spring container is started.
In one embodiment, the attribute information of the target interface comprises a URL path of the target interface and a corresponding method type; sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed, wherein the sorting comprises the following steps: storing each screened target interface as an element in a set, wherein the URL path and the method type corresponding to the target interface and the role type allowing access to the target interface are fields corresponding to the elements; and sequencing all elements in the set according to the full fields to obtain a sequenced ordered set.
In one embodiment, the serialized string comprises a JSON string; the one-way encryption operation includes an MD5 operation.
On the other hand, an embodiment of the present application further provides an apparatus for updating an authority, including:
the scanning module is used for scanning the interface method in the Spring container;
the target interface screening module is used for screening a target interface according to an interface method, wherein the target interface is provided with an authority descriptor which is used for expressing the role type allowing the target interface to be accessed;
the sorting module is used for sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed to obtain a sorted ordered set;
the processing module is used for converting the ordered set into a serialized character string and carrying out unidirectional encryption operation on the serialized character string to obtain an operation result;
and the authority configuration updating module is used for updating the authority configuration according to the operation result when the operation result is inconsistent with the stored authority configuration.
In one embodiment, the apparatus further includes a permission configuration module, where the permission configuration module is configured to perform initial configuration of a permission through a permission descriptor in a corresponding interface method when creating an interface.
In yet another aspect, an embodiment of the present application further provides a computer device, where the device includes at least one processor, and at least one memory and a bus connected to the processor; the processor and the memory complete mutual communication through a bus; the processor is used to call program instructions in the memory to implement the steps of the method as described above.
In yet another aspect, the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the method described above.
According to the method, the device, the computer equipment and the storage medium for updating the authority, the authority register scans an interface method in the Spring container, so that a target interface with an authority descriptor is screened out, the authority configuration of the target interface is sequenced, the sequenced ordered set is subjected to serialization character string conversion and one-way encryption operation, a ciphertext operation result obtained by encrypting the authority configuration of the target interface is obtained, the ciphertext operation result is compared with a ciphertext of historical authority configuration stored in a database, and if the result is not consistent with the result, the historical authority configuration is updated according to the operation result, so that the automatic acquisition and updating of the authority configuration are realized, the cost of manual acquisition and maintenance of the authority configuration is saved, and meanwhile, the error probability in the manual acquisition process is avoided.
Drawings
FIG. 1 is a flowchart illustrating a method for updating permissions in one embodiment;
FIG. 2 is a flowchart illustrating a method for updating permissions in another embodiment;
FIG. 3 is a flow diagram that illustrates the steps of ordering target interfaces in one embodiment;
FIG. 4 is a flowchart illustrating a method for updating rights in another embodiment;
FIG. 5 is a block diagram showing an embodiment of a device for updating rights;
FIG. 6 is a diagram illustrating an internal structure of a computer device according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The method for updating the authority, as shown in fig. 1, includes the following steps:
and step 102, scanning an interface method in the Spring container through the authority register.
Among them, the Spring container is a core of the Spring framework, is a container for managing objects, and is created as a solution to the complexity of enterprise application development. In particular, Spring containers will create objects, connect them together, configure them, and manage their entire lifecycle. In terms of code, a Spring container is an instance of a class that implements the ApplicationContext interface. That is, from the code level, the Spring container is actually an ApplicationContext (instantiation object). The interface is a class for completing certain specific functions and is a set of functions; an interface method refers to an operation for implementing a specific function of a class, and is generally represented by a function. In this embodiment, in order to solve the problem of high maintenance cost caused by manually acquiring the authority configuration in the program code at present, the authority configuration in the program code is automatically acquired, specifically, the authority register automatically scans the interface method in the Spring container, so as to find the interface subjected to the authority configuration.
And 104, screening out a target interface according to the interface method.
The target interface is an interface subjected to authority configuration. In this embodiment, the target interface has a permission descriptor, and the permission descriptor refers to related information describing permissions corresponding to the interface in a code by way of annotation, such as annotation of what role type is allowed to access the interface. Specifically, the role type refers to a plurality of defined different permission levels for the interface, such as: a hypervisor, an administrator, a general user, etc. In this embodiment, the target interface with the authority descriptor is screened out by scanning the interface method in the Spring container.
And 106, sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed to obtain a sorted ordered set.
The attribute information of the target interface may include a URL (uniform resource locator) path of the target interface and a corresponding method type (methodType). In this embodiment, in order to facilitate effective management of the acquired authority configuration of the target interface, the attribute information corresponding to each screened target interface and the role type allowing access to the target interface are sorted according to a certain rule, so as to sort each target interface, and thus obtain a sorted set of the ordered authority configuration. Wherein, a certain rule may refer to the order and the sorting mode of the set sorting keywords.
And 108, converting the ordered set into a serialized character string, and performing unidirectional encryption operation on the serialized character string to obtain an operation result.
Where a serialized string is a data exchange format that stores and represents data in a text format that is independent of the programming language. One-way encryption refers to encrypting a plaintext into a ciphertext without decrypting the ciphertext. Since the authority configuration usually has a certain confidentiality, and it is convenient to maintain the authority configuration of the target interface subsequently, in this embodiment, the ordered set of the ordered authority configuration obtained through the above steps is subjected to format conversion, that is, converted into a serialized character string, and the converted serialized character string is subjected to one-way encryption operation, so that a ciphertext operation result obtained by encrypting the authority configuration of the target interface is obtained.
And step 110, when the operation result is inconsistent with the stored authority configuration, updating the authority configuration according to the operation result.
In this embodiment, the ciphertext operation result of the authority configuration of the target interface obtained in the above step is compared with the ciphertext of the historical authority configuration stored in the database, and if the result is consistent with the ciphertext of the historical authority configuration stored in the database, it indicates that the authority configuration of the target interface has not been updated, and the historical authority configuration stored in the database does not need to be updated. If the two are not consistent, the authority configuration of the target interface is updated, so that the historical authority configuration stored in the database needs to be updated correspondingly, that is, the ciphertext of the historical authority configuration stored in the database is updated to the ciphertext operation result of the currently calculated authority configuration of the target interface.
According to the method for updating the authority, the authority register scans the interface method in the Spring container, so that a target interface with an authority descriptor is screened out, authority configuration of the target interface is sequenced, the sequenced ordered set is subjected to serialized character string conversion and unidirectional encryption operation, a ciphertext operation result obtained by encrypting the authority configuration of the target interface is obtained, the ciphertext operation result is compared with a ciphertext of historical authority configuration stored in a database, and when the authority configuration result is inconsistent with the ciphertext of the historical authority configuration stored in the database, the historical authority configuration is updated according to the operation result, so that automatic acquisition and updating of the authority configuration are achieved, the cost of manual acquisition and maintenance of the authority configuration is saved, and meanwhile, the error probability in the manual acquisition process is avoided.
In one embodiment, as shown in fig. 2, before the method for scanning the interface in the Spring container, the following steps may be further included:
In this embodiment, in order to automatically acquire the authority configuration in the code, when an interface is created, an initial configuration of the authority may be performed in a corresponding interface method through an authority descriptor, that is, the authority descriptor is added in the interface method to describe relevant information of the authority corresponding to the interface, such as what role type is allowed to access the interface. For example, in Java, @ permissioncodescriber may be employed as the rights descriptor. Therefore, when the interface method in the Spring container is scanned, the interface with the @ permission descriptor in the interface method can be screened out, so that the target interface is obtained.
In one embodiment, as shown in fig. 3, the attribute information of the target interface may include a URL path of the target interface and a corresponding method type; sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing access to the target interfaces, which specifically includes the following steps:
In this embodiment, in order to facilitate effective management of the acquired authority configuration of the target interface, the screened URL path and method type corresponding to each target interface and the role type allowed to access the target interface are collected into one set. Each target interface is taken as an element in the set, and the URL path, the method type and the role type which allows the target interface to be accessed are fields of the corresponding element in the set.
And 304, sequencing the elements in the set according to the full fields to obtain a sequenced ordered set.
In this embodiment, the elements in the set are sorted in full fields by a certain rule to realize the sorting of the authority configuration of the target interface, so as to obtain a sorted set of the ordered authority configuration. The certain rule refers to the order and the sorting mode of the set sorting keywords, and the full field sorting refers to each field of the elements which need to be considered in the sorting process, not to a part of the fields.
For example, the fields sorted in this embodiment include a URL path corresponding to the target interface, a method type, and a role type allowing access to the target interface, and these 3 fields need to be considered when sorting. The order of the sort keys may refer to the sort order of the corresponding fields, for example, the URL path may be sorted according to priority, and then the URL path may be sorted sequentially by the method type and the role type, thereby completing the whole sorting process; or sorting the priority method types according to the priority method types, and then sorting the priority method types sequentially through the URL paths and the role types, thereby finishing the whole sorting process. The sorting mode may refer to a sorting rule corresponding to a value of a certain keyword, for example, the sorting mode for the URL path may be sorting according to the forward order or the reverse order of letters in the path, and the sorting mode for the character type allowed to be accessed may be sorting according to the forward order or the reverse order of pinyin or strokes. Of course, other sorting manners may be adopted, and this embodiment is not limited to this. It should be noted that, in order to ensure the accuracy of the subsequent calculation of the ciphertext, after the sorting order and the corresponding sorting manner of the fields are determined, each subsequent acquisition should be performed according to the sorting order and the sorting manner, but cannot be changed at will.
In one embodiment, when the ordered set is converted into the serialized character string, the ordered set may be specifically converted into a JSON (JSON Object Notation) character string, so that the JSON character string has a lightweight data exchange format, is easy to read and write, is easy to analyze and generate by a machine, and can effectively improve network transmission efficiency. Of course, other serialization data exchange formats may be converted, for example, the ordered set may be converted into an XML (eXtensible Markup Language) string, so as to obtain a serialized string after the ordered set is converted.
In an embodiment, when performing a unidirectional encryption operation on the serialized character string, specifically, the serialized character string may be subjected to an MD5(Message Digest Algorithm) operation to obtain an operated MD5, so as to ensure that information transmission is complete and consistent. Of course, other one-way encryption operation methods, such as Hash (Hash) algorithm other than MD5, may also be used, which is not limited in this embodiment.
In an embodiment, the scanning of the interface method in the Spring container may specifically be performed by starting the authority register when the Spring container is started, so as to scan the interface method in the Spring container. The permission registry may specifically be a program module integrated with the method corresponding to fig. 1, and the program module may be started and run after receiving an instruction, so as to implement an interface method in an automatic scanning Spring container, so as to collect and maintain the permission configuration described by the permission descriptor in the interface method.
In an embodiment, the authority register may also be configured in a startup file (Spring) of the Spring container, so as to obtain an authenticated startup program (Auth-Starter), so that when the Spring container is started, the startup program may be automatically triggered, thereby implementing an interface method in the automatic scanning Spring container, so as to collect and maintain the authority configuration described by the authority descriptor in the interface method.
In one embodiment, the method of the present application is further described below by a specific embodiment, as shown in fig. 4, comprising the steps of:
In step 402, a program (i.e., the above-mentioned authority register) for automatically collecting authority configuration when the Spring container is started is configured in a starting file (Spring).
In step 403, when the Spring container is started, the program automatically scans the interface methods in the Spring container, so as to screen out the target interface with the authority descriptor.
And 405, sequencing the elements in the set according to the full fields to obtain a sequenced ordered set.
And step 409, ending the process.
And step 410, updating the ciphertext configured by the historical authority stored in the database into the current calculation result. Therefore, automatic acquisition and maintenance of the authority configuration are realized, and the cost for manually acquiring and maintaining the authority configuration is greatly saved.
It should be understood that although the various steps in the flow charts of fig. 1-4 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 1-4 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least some of the sub-steps or stages of other steps.
In one embodiment, as shown in fig. 5, there is provided an apparatus for updating a right, including: a scanning module 501, a target interface screening module 502, a sorting module 503, a processing module 504 and a permission configuration updating module 505, wherein:
a scanning module 501, configured to scan an interface method in a Spring container;
a target interface screening module 502, configured to screen out a target interface according to an interface method, where the target interface has a permission descriptor, and the permission descriptor is used to indicate a role type allowing access to the target interface;
the sorting module 503 is configured to sort the screened target interfaces according to the attribute information of the target interfaces and the role types that allow access to the target interfaces, so as to obtain a sorted ordered set;
the processing module 504 is configured to convert the ordered set into a serialized character string, and perform a one-way encryption operation on the serialized character string to obtain an operation result;
and the authority configuration updating module 505 is configured to update the authority configuration according to the operation result when the operation result is inconsistent with the stored authority configuration.
In one embodiment, the system further comprises a permission configuration module, configured to perform initial configuration of permissions through permission descriptors in corresponding interface methods when creating the interfaces.
In an embodiment, the scanning module 501 is specifically configured to start the authority register when the Spring container is started, so as to scan the interface method in the Spring container.
In an embodiment, the scanning module 501 is specifically configured to configure the authority registrar in a start-up file of the Spring container, so that the authority registrar automatically scans an interface method in the Spring container when the Spring container is started.
In an embodiment, the sorting module 503 is specifically configured to store each screened target interface as an element in a set, where a URL path, a method type and a role type allowed to access the target interface corresponding to the target interface are fields of the element; and sequencing all elements in the set according to the full fields to obtain a sequenced ordered set.
In one embodiment, the serialized string comprises a JSON string; the one-way encryption operation includes an MD5 operation.
For the specific definition of the updating device of the authority, reference may be made to the above definition of the updating method of the authority, which is not described herein again. The various modules in the above-described rights updating apparatus may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing data of the permission configuration. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of updating a right.
Those skilled in the art will appreciate that the architecture shown in fig. 6 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, which herein may be a server, a PC, a PAD, a cell phone, etc. The computer device comprises at least one processor, at least one memory connected with the processor, and a bus; the processor and the memory complete mutual communication through a bus; the processor is used for calling the program instructions in the memory, and the processor realizes the following steps when executing the computer program:
scanning an interface method in a Spring container through an authority register;
screening a target interface according to an interface method, wherein the target interface is provided with a permission descriptor which is used for expressing the role type allowing the target interface to be accessed;
sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed to obtain a sorted ordered set;
converting the ordered set into a serialized character string, and performing unidirectional encryption operation on the serialized character string to obtain an operation result;
and when the operation result is inconsistent with the stored authority configuration, updating the authority configuration according to the operation result.
In one embodiment, before the method of scanning for an interface in a Spring container, the method further comprises: when an interface is created, the initial configuration of the rights is performed through the rights descriptor in the corresponding interface method.
In one embodiment, a method for scanning an interface in a Spring container includes: when the Spring container is started, the authority register is started to scan the interface method in the Spring container.
In one embodiment, a method for scanning an interface in a Spring container includes: and configuring an authority register in the starting file of the Spring container so that the authority register automatically scans the interface method in the Spring container when the Spring container is started.
In one embodiment, the attribute information of the target interface includes a URL path of the target interface and a corresponding method type; sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed, wherein the sorting comprises the following steps: storing each screened target interface as an element in a set, wherein the URL path and the method type corresponding to the target interface and the role type allowing access to the target interface are fields corresponding to the elements; and sequencing all elements in the set according to the full fields to obtain a sequenced ordered set.
In one embodiment, the serialized string comprises a JSON string; converting the ordered set to a serialized string, comprising: the ordered set is converted to a JSON string.
In one embodiment, the one-way encryption operation comprises an MD5 operation; performing a one-way encryption operation on the serialized character string, including: the serialized string is subjected to MD5 operations to obtain an operated MD 5.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of:
scanning an interface method in a Spring container through an authority register;
screening a target interface according to an interface method, wherein the target interface is provided with a permission descriptor which is used for expressing the role type allowing the target interface to be accessed;
sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed to obtain a sorted ordered set;
converting the ordered set into a serialized character string, and performing unidirectional encryption operation on the serialized character string to obtain an operation result;
and when the operation result is inconsistent with the stored authority configuration, updating the authority configuration according to the operation result.
In one embodiment, before the method of scanning for an interface in a Spring container, the method further comprises: when an interface is created, the initial configuration of the rights is performed through the rights descriptor in the corresponding interface method.
In one embodiment, a method for scanning an interface in a Spring container includes: when the Spring container is started, the authority register is started to scan the interface method in the Spring container.
In one embodiment, a method for scanning an interface in a Spring container includes: and configuring an authority register in the starting file of the Spring container so that the authority register automatically scans the interface method in the Spring container when the Spring container is started.
In one embodiment, the attribute information of the target interface includes a URL path of the target interface and a corresponding method type; sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed, wherein the sorting comprises the following steps: storing each screened target interface as an element in a set, wherein the URL path and the method type corresponding to the target interface and the role type allowing access to the target interface are fields corresponding to the elements; and sequencing all elements in the set according to the full fields to obtain a sequenced ordered set.
In one embodiment, the serialized string comprises a JSON string; converting the ordered set to a serialized string, comprising: the ordered set is converted to a JSON string.
In one embodiment, the one-way encryption operation comprises an MD5 operation; performing a one-way encryption operation on the serialized character string, including: the serialized string is subjected to MD5 operations to obtain an operated MD 5.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A method for updating rights, the method comprising:
scanning an interface method in a Spring container through an authority register;
screening a target interface according to the interface method, wherein the target interface is provided with a permission descriptor which is used for expressing the role type allowing the target interface to be accessed;
sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed to obtain a sorted ordered set;
converting the ordered set into a serialized character string, and performing unidirectional encryption operation on the serialized character string to obtain an operation result;
and when the operation result is inconsistent with the stored authority configuration, updating the authority configuration according to the operation result.
2. The method for updating right according to claim 1, wherein before scanning the interface method in the Spring container, the method further comprises:
when an interface is created, the initial configuration of the authority is carried out through the authority descriptor in the corresponding interface method.
3. The method for updating authority according to claim 1, wherein the method for scanning interfaces in Spring containers includes:
and when the Spring container is started, starting the authority register to scan the interface method in the Spring container.
4. The method for updating authority according to claim 1, wherein the method for scanning interfaces in Spring containers includes:
and configuring the authority register in a starting file of the Spring container so that the authority register automatically scans the interface method in the Spring container when the Spring container is started.
5. The method for updating authority according to any one of claims 1 to 4, wherein the attribute information of the target interface includes a URL path of the target interface and a corresponding method type; the sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed comprises the following steps:
storing each screened target interface as an element in a set, wherein the URL path and the method type corresponding to the target interface and the role type allowing access to the target interface are fields of the element;
and sequencing all elements in the set according to the full fields to obtain a sequenced ordered set.
6. The method for updating right according to any one of claims 1 to 4, wherein the serialized string includes a JSON string; the one-way encryption operation comprises an MD5 operation.
7. An apparatus for updating rights, the apparatus comprising:
the scanning module is used for scanning the interface method in the Spring container;
the target interface screening module is used for screening a target interface according to the interface method, the target interface is provided with an authority descriptor, and the authority descriptor is used for expressing the role type allowing the target interface to be accessed;
the sorting module is used for sorting the screened target interfaces according to the attribute information of the target interfaces and the role types allowing the target interfaces to be accessed to obtain a sorted ordered set;
the processing module is used for converting the ordered set into a serialized character string and carrying out unidirectional encryption operation on the serialized character string to obtain an operation result;
and the authority configuration updating module is used for updating the authority configuration according to the operation result when the operation result is inconsistent with the stored authority configuration.
8. The apparatus for updating authority of claim 7, further comprising an authority configuration module, wherein the authority configuration module is configured to perform initial configuration of authority through the authority descriptor in a corresponding interface method when creating an interface.
9. A computer device comprising at least one processor, and at least one memory connected to the processor, a bus;
the processor and the memory complete mutual communication through the bus;
the processor is configured to invoke program instructions in the memory to implement the steps of the method of any of claims 1 to 6.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911164697.5A CN112835599A (en) | 2019-11-25 | 2019-11-25 | Permission updating method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911164697.5A CN112835599A (en) | 2019-11-25 | 2019-11-25 | Permission updating method and device, computer equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112835599A true CN112835599A (en) | 2021-05-25 |
Family
ID=75922777
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911164697.5A Pending CN112835599A (en) | 2019-11-25 | 2019-11-25 | Permission updating method and device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112835599A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100011438A1 (en) * | 2008-07-11 | 2010-01-14 | International Business Machines Corporation | Role-Based Privilege Management |
| CN105227551A (en) * | 2015-09-24 | 2016-01-06 | 四川长虹电器股份有限公司 | The uniform permission administration method of XBRL application platform |
| CN109669718A (en) * | 2018-09-26 | 2019-04-23 | 深圳壹账通智能科技有限公司 | System permission configuration method, device, equipment and storage medium |
| CN110166466A (en) * | 2019-05-28 | 2019-08-23 | 湖南大学 | It is a kind of efficiently the multi-user of renewal authority to can search for encryption method and system |
-
2019
- 2019-11-25 CN CN201911164697.5A patent/CN112835599A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100011438A1 (en) * | 2008-07-11 | 2010-01-14 | International Business Machines Corporation | Role-Based Privilege Management |
| CN105227551A (en) * | 2015-09-24 | 2016-01-06 | 四川长虹电器股份有限公司 | The uniform permission administration method of XBRL application platform |
| CN109669718A (en) * | 2018-09-26 | 2019-04-23 | 深圳壹账通智能科技有限公司 | System permission configuration method, device, equipment and storage medium |
| CN110166466A (en) * | 2019-05-28 | 2019-08-23 | 湖南大学 | It is a kind of efficiently the multi-user of renewal authority to can search for encryption method and system |
Non-Patent Citations (1)
| Title |
|---|
| DBEAUTIFULLIFE: "使用spring事件驱动机制,实现权限信息的自动收集存库", pages 1 - 10, Retrieved from the Internet <URL:https://blog.csdn.net/dbeautifulLife/article/details/78477523> * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110209652B (en) | Data table migration method, device, computer equipment and storage medium | |
| CN109474578B (en) | Message checking method, device, computer equipment and storage medium | |
| CN108304201B (en) | Object updating method, device and equipment | |
| CN108804618B (en) | Database configuration method, device, computer equipment and storage medium | |
| CN109032662B (en) | Code file generation method and device, computer equipment and storage medium | |
| CN109814854B (en) | Project framework generation method, device, computer equipment and storage medium | |
| US11805136B2 (en) | Scanning container images and objects associated with building the container images | |
| CN111191221B (en) | Configuration method and device of authority resources and computer readable storage medium | |
| CN111310427A (en) | Service data configuration processing method and device, computer equipment and storage medium | |
| CN111475376B (en) | Method, apparatus, computer device and storage medium for processing test data | |
| CN110689232A (en) | Workflow configuration optimization processing method and device and computer equipment | |
| US8386608B1 (en) | Service scripting framework | |
| CN110135129B (en) | Code segment protection method and device, computer equipment and storage medium | |
| CN109389299B (en) | Workflow process deployment method, workflow process deployment device, computer equipment and storage medium | |
| CN109460252B (en) | Configuration file processing method and device based on git and computer equipment | |
| CN108418797B (en) | Webpage access method and device, computer equipment and storage medium | |
| CN112860778B (en) | Database management method, device, equipment and medium for desktop application program | |
| US20200142674A1 (en) | Extracting web api endpoint data from source code | |
| CN114531477B (en) | Method and device for configuring functional components, computer equipment and storage medium | |
| CN112631686A (en) | Data processing method, data processing device, computer equipment and storage medium | |
| CN113867600A (en) | Development method and device for processing streaming data and computer equipment | |
| CN111222153B (en) | Application program authority management method and device and storage medium | |
| CN112199200B (en) | Resource scheduling method and device, computer equipment and storage medium | |
| CN114816170A (en) | Rule scheme generation method, device, medium and electronic equipment | |
| CN110704099B (en) | Alliance chain construction method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |