CN113032770A - User classification authority management method and device and intelligent terminal - Google Patents
User classification authority management method and device and intelligent terminal Download PDFInfo
- Publication number
- CN113032770A CN113032770A CN202110401821.6A CN202110401821A CN113032770A CN 113032770 A CN113032770 A CN 113032770A CN 202110401821 A CN202110401821 A CN 202110401821A CN 113032770 A CN113032770 A CN 113032770A
- Authority
- CN
- China
- Prior art keywords
- user
- menu
- role information
- accessible
- level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title abstract description 35
- 238000000034 method Methods 0.000 claims description 38
- 238000012795 verification Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention provides a user grading authority management method, a device and an intelligent terminal, which are characterized in that a user name and a user password of a current login system are obtained; inquiring whether user role information of a user name and a user password exists in a pre-established user database; and if the corresponding user role information is inquired, calling an accessible menu corresponding to the user role information in a pre-established menu database, and enabling the user to access the accessible menu. In the embodiment of the invention, user roles with different user permission levels are set, the corresponding accessible menus are customized for the user roles with different user permission levels, and after the user roles of login users are determined, the menus with the user permission levels corresponding to the user roles are only opened for the access of the users, so that different accessible menus are provided through the user permission levels, and the purpose of protecting the user privacy with different user permission levels is realized.
Description
Technical Field
The invention relates to the technical field of Android application systems, in particular to a user grading authority management method and device and an intelligent terminal.
Background
When the intelligent terminal is used as a relatively private device, a large amount of business secret information and privacy information of enterprises or users are usually stored, in order to ensure information security, an account and a corresponding password are set at present, and information in the intelligent terminal is encrypted through verification of the account and the password.
However, in the process of specifically using the intelligent terminal, as long as the account and the password are input and pass the verification, the intelligent terminal opens all the operation permissions, which easily causes the disclosure of the privacy information.
Disclosure of Invention
In view of this, embodiments of the present invention provide a user hierarchical authority management method, an apparatus, and an intelligent terminal, so as to solve the problem in the prior art that privacy information is easily leaked because user authorities are not distinguished.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
the first aspect of the embodiment of the invention discloses a user grading authority management method, which comprises the following steps:
acquiring a user name and a user password of a current login system;
inquiring whether user role information to which the user name and the user password belong exists in a pre-established user database, wherein the user role information at least comprises the user name, the user password and user permission levels, and different user permission levels correspond to different accessible menus;
and if the corresponding user role information is inquired, calling an accessible menu corresponding to the user role information in a menu database established in advance to enable the user to access the accessible menu.
Optionally, after the controlling the user to access the accessible menu, the method further includes:
acquiring a next-level authority user creating request initiated by the user, wherein the next-level authority user creating request carries a user name and a user password to be created;
creating user role information of a next-level authority user based on the next-level authority user creating request, and storing the user role information in the user database;
and customizing an accessible menu item corresponding to the user role information in a pre-established menu database according to the user role information to obtain an accessible menu of the user with the next level of authority.
Optionally, customizing an accessible menu item corresponding to the user role information in a pre-established menu database according to the user role information, including:
determining a menu item in which the user role information is inoperable;
setting the attribute of the corresponding menu item in the pre-established menu database as inoperable according to the inoperable menu item;
determining that a menu item in the pre-established menu database whose attributes are operational is a menu item accessible to the user role information.
Optionally, after the controlling the user to access the accessible menu, the method further includes:
acquiring a low-level authority user editing request initiated by the user to any low-level authority user, wherein the low-level authority user editing request carries user role information of the low-level authority user and/or editing information of an accessible menu;
and re-editing the user role information and/or the accessible menu of the low-level authority user based on the editing information.
Optionally, the process of pre-establishing the user database includes:
setting user role information of different user permission levels, wherein the user role information comprises codes and permission information corresponding to the user permission levels, the permission information comprises user creation permission and editing permission, the highest user permission level is an administrator permission level, the user creation permission means that the current user permission level can only create a next-level permission user, and the editing permission means that the current user permission level can only edit the user role information of other permission users with permission levels lower than that of the current user permission level;
the process of pre-establishing the menu database comprises the following steps:
establishing all menu items used by the system, and representing the menu items with different levels by using a MenuItamaCode field coded by 6 bits, wherein the coding format of the menu items is as follows: dxnxnxnxn … … Xn, where the number of bits of Xn represents the number of levels of the menu and n represents the number of the menu bar at that level.
The second aspect of the embodiments of the present invention discloses a user classification authority management device, including:
the login module is used for acquiring a user name and a user password of a current login system, and inquiring whether user role information to which the user name and the user password belong exists in a pre-established user database, wherein the user role information at least comprises the user name, the user password and user permission levels, and different user permission levels correspond to different accessible menus;
and the access module is used for calling an accessible menu corresponding to the user role information in a pre-established menu database if the corresponding user role information is inquired, so that the user can access the accessible menu.
Optionally, the method further includes:
the acquiring unit is used for acquiring a next-level authority user creating request initiated by the user, wherein the next-level authority user creating request carries a user name to be created;
the creating unit is used for creating user role information of the next-level authority user based on the next-level authority user creating request and storing the user role information in the user database; and customizing an accessible menu item corresponding to the user role information in a pre-established menu database according to the user role information to obtain an accessible menu of the user with the next level of authority.
Optionally, the creating unit is configured to customize, in a pre-established menu database, accessible menu items corresponding to the user role information according to the user role information, and is specifically configured to:
determining a menu item in which the user role information is inoperable; setting the attribute of the corresponding menu item in the pre-established menu database as inoperable according to the inoperable menu item; determining that a menu item in the pre-established menu database whose attributes are operational is a menu item accessible to the user role information.
Optionally, the method further includes:
an obtaining unit, configured to obtain a low-level authority user editing request initiated by a user to any low-level authority user, where the low-level authority user editing request carries user role information and/or editing information of an accessible menu for the low-level authority user;
and the editing unit is used for re-editing the user role information and/or the accessible menu of the low-level authority user based on the editing information.
The third aspect of the embodiment of the invention discloses an intelligent terminal, which comprises the user grading authority management device disclosed by the second aspect of the embodiment of the invention.
Based on the user classification authority management method, the device and the intelligent terminal provided by the embodiment of the invention, the user name and the user password of the current login system are obtained; inquiring whether user role information to which the user name and the user password belong exists in a pre-established user database, wherein the user role information at least comprises the user name, the user password and user permission levels, and different user permission levels correspond to different accessible menus; and if the corresponding user role information is inquired, calling an accessible menu corresponding to the user role information in a menu database established in advance to enable the user to access the accessible menu. In the embodiment of the invention, user roles with different user permission levels are set, the corresponding accessible menus are customized for the user roles with different user permission levels, and after the user roles of login users are determined, the menus with the user permission levels corresponding to the user roles are only opened for the access of the users, so that different accessible menus are provided through the user permission levels, and the purpose of protecting the user privacy with different user permission levels is realized.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a flowchart illustrating a method for managing user hierarchical rights according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating another method for hierarchical rights management of a user according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating another method for hierarchical rights management of a user according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a user hierarchical rights management apparatus according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
It can be known from the background art that, in the process of using the intelligent terminal by a user at present, the intelligent terminal opens all operation permissions as long as an account and a password are input and pass verification, so that the leakage of privacy information is easily caused.
Therefore, the embodiment of the invention discloses a user hierarchical authority management method, a device and an intelligent terminal, wherein user roles with different user authority levels are set, corresponding accessible menus are customized for the user roles with different user authority levels, and after the user roles of login users are determined, the menus with the user authority levels corresponding to the user roles are only opened for the users to access, so that different accessible menus are provided through the user authority levels, and the purpose of protecting the user privacy of different user authority levels is achieved. The specific implementation process is illustrated in detail by the following examples.
As shown in fig. 1, a schematic flow chart of a user hierarchical rights management method disclosed in the embodiment of the present invention is shown, and the method mainly includes the following steps:
step S101: and acquiring a user name and a user password of the current login system.
Step S102: and inquiring whether the user role information to which the user name and the user password belong exists in a pre-established user database, if so, executing the step S103, and if not, quitting the login.
The user database involved in step S102 is pre-established, and the pre-established user database is used to store user role information, where the user role information at least includes a user name, a user password, and user permission levels, and different user permission levels correspond to different accessible menus.
Specifically, the process of pre-establishing the user database is as follows:
firstly, user role information of different user authority levels is set based on a user database storage rule.
And secondly, correspondingly storing the user role information according to the user authority level to obtain a constructed user database.
The user role information comprises a user name, a user password, codes corresponding to user authority levels and authority information, and the authority information comprises user creation authority and editing authority. The user creating authority means that the current user authority level can only create a next-level authority user, and the editing authority means that the current user authority level can only edit the user role information of other authority users with authority levels lower than the current user authority level.
The highest user privilege level in the pre-established user database is the administrator privilege level. When the system is used for the first time, the user name and the user password with the highest user authority level are provided for the user.
Optionally, different codes are used to represent different user permission levels, and each code corresponds to a unique user permission level. The code may be numeric, text and/or English, etc.
Optionally, when a user name corresponding to the authority level is newly created, the user role information to which the user name belongs is stored in the user database according to the storage rule of the user database, and the accessible menu items are determined to be associated in the pre-established menu database.
In the specific process of executing step S102, a pre-established user database is queried based on the user name used by the current user to log in the system, and whether the user name exists in the user database is searched, that is, whether user role information including the user name is stored.
If the user name is found, the authority level of the user using the user name and the authority information thereof can be determined, and step S103 is executed.
If not, confirming that the user using the user name has no authority to log in the system, and directly logging out.
Step S103: and calling an accessible menu corresponding to the user role information in a pre-established menu database to enable the user to access the accessible menu.
The menu database referred to in step S103 is pre-established for storing all menu items used by the present system.
Specifically, the process of pre-establishing the user database is as follows:
first, all menu items used by the present system are determined.
Alternatively, the menu item may be a menu item of multiple levels. For example, a main menu item may further include a plurality of sub-menu items, and a sub-menu item may also continue to include a smaller menu item.
Secondly, all menu items used by the system are set and stored according to the determined menu items and the storage rule of the menu database.
Optionally, a menuitramcode field encoded by 6 bits is used to represent menu items with different levels, where the encoding format of the menu item is: dxnxnxnxn … … Xn, where the number of bits of Xn represents the number of levels of the menu and n represents the number of the menu bar at that level. The embodiment of the present invention is not limited to this, as to the storage manner of the menu item in the menu database.
Optionally, when a user name corresponding to an authority level is created in the pre-established user database, menu items accessible to the user name are determined in the pre-established menu database and associated with the user name. Namely, an association relationship is established with the user role information to which the user name belongs.
It should be further noted that the user database and the menu database may be integrated into one database, and when the database is established, two areas are divided in the database, one area is used as the user database, and the other area is used as the menu database.
In the specific process of executing step S103, according to the queried user name, determining an accessible menu item associated with the user name in the pre-established menu data, that is, an accessible menu associated with the user role information to which the user name belongs, calling the accessible menu, and displaying at the login end, so that the user can access the accessible menu.
Based on the user hierarchical authority management method provided by the embodiment of the invention, whether user role information to which the user name belongs exists in a pre-established user database is inquired by acquiring the user name of a current login system, wherein the user role information at least comprises the user name and user authority levels, and different user authority levels correspond to different accessible menus; and if the corresponding user role information is inquired, calling an accessible menu corresponding to the user role information in a menu database established in advance to enable the user to access the accessible menu. In the embodiment of the invention, user roles with different user permission levels are set, the corresponding accessible menus are customized for the user roles with different user permission levels, and after the user roles of login users are determined, the menus with the user permission levels corresponding to the user roles are only opened for the access of the users, so that different accessible menus are provided through the user permission levels, and the purpose of protecting the user privacy with different user permission levels is realized.
The user hierarchical right management method disclosed based on the above embodiment of the present invention is described here with specific application examples.
For example, the authority level of the current USER is an administrator level, the USER name of the current USER is USER-T, and the USER password is 1111.
First, when a user logs into the application, the user's role is obtained in the clicked event of the "confirm" button of the login window. The specific process is as follows: and searching whether the user name exists in a UserNamc table or not in a pre-established user database, if so, searching whether a password corresponding to the user name in the UserPassword table is 1111 or not, and if so, acquiring the user permission level of the user from a tab _ user table associated with the UserNamc table and the UserPassword table.
And secondly, calling an accessible menu corresponding to the user role information in a pre-established menu database based on the determined user permission level.
Finally, the accessible menu of the user is displayed on the terminal used by the user to log in the application system.
In the embodiment of the invention, after the user role of the login user is determined, only the menu of the user permission level corresponding to the user role is opened for the user to access, so that different accessible menus are provided through the user permission level, and the purpose of protecting the user privacy of different user permission levels is realized.
Based on the user grading authority management method disclosed by the embodiment of the invention, the embodiment of the invention also discloses another user grading authority management method. As shown in fig. 2, the other hierarchical rights management method for users mainly includes the following steps:
step S201: and acquiring a user name and a user password of the current login system.
Step S202: and inquiring whether the user name and the user role information to which the user password belongs exist in a pre-established user database, if so, executing the step S203, and if not, logging out.
Step S203: and calling an accessible menu corresponding to the user role information in a pre-established menu database to enable the user to access the accessible menu.
The specific execution process and principle of steps S201 to S203 are the same as those of steps S101 to S103 disclosed in fig. 1, see.
Step S204: and acquiring a next-level authority user creation request initiated by the user.
In step S204, the next-level user authority creating request carries a user name and a user password to be created.
After step S203 is executed, a menu accessible to the user is presented on the current login terminal. Shown on the accessible menu is a menu that the current user has permission to operate. If the user has the authority of creating the next-level user, the user triggers a menu item for creating the next-level user and initiates a user creating request of the next-level authority.
It should be noted that the creation of the next-level authority user can only be initiated by the upper-level authority user, and the cross-level creation authority user is not supported in the embodiment of the present invention.
Step S205: and creating user role information of the next-level authority user based on the next-level authority user creating request, and storing the user role information in the user database.
In the process of specifically executing step S205, based on the next-level authority user creation request initiated by the current user, the user name, the user password, and the user authority level carried in the next-level authority user creation request are stored in the user database, and the creation of the user role information is completed.
Step S206: and customizing an accessible menu item corresponding to the user role information in a pre-established menu database according to the user role information to obtain an accessible menu of the user with the next level of authority.
In the specific execution of step S206, first, a menu item in which the user character information is inoperable is determined.
Secondly, setting the attribute of the corresponding menu item in the pre-established menu database as inoperable according to the inoperable menu item.
And finally, determining that the menu item with the attribute being operable in the pre-established menu database is the menu item accessible by the user role information.
That is, according to the user permission level in the user role information, the menu item that is inoperable according to the user permission level is acquired from the menu database that is established in advance, and then the attribute of the acquired inoperable menu item is set to be inaccessible. And finally, constructing the accessible menu items of the next-level authority user to be created by utilizing other menu items which are not set as inaccessible in the pre-established menu database.
Based on the user hierarchical authority management method provided by the embodiment of the invention, the user at the current authority level can only create the user authority at the next level, and cannot create the authority user across levels. The permission users are created step by step, and the accessible menus of the users are set after the creation is finished, so that the access permissions of the whole menu database are reduced step by step, the condition of override can be prevented, the purpose of protecting the user privacy of different user permission levels is realized, and the creation users of the current permission level can be traced.
The user hierarchical right management method disclosed based on the above embodiment of the present invention is described here with specific application examples.
For example, the current USER has a primary permission level USER with a USER name of USER-1 and a USER password of 1234.
First, when a user logs into the application, the user's role is obtained in the clicked event of the "confirm" button of the login window. The specific process is as follows: and searching whether the user name exists in a UserNamc table or not in a pre-established user database, if so, searching whether a password corresponding to the user name in the UserPassword table is 1234 or not, and if so, acquiring the primary authority level of the user from a tab _ user table associated with the UserNamc table and the UserPassword table.
And secondly, calling an accessible menu corresponding to the primary authority level in a pre-established menu database.
Secondly, displaying the accessible menu of the user with the primary authority level on the terminal used by the user for logging in the application system.
Secondly, the USER triggers a secondary authority USER creating menu item, sets the USER name of the secondary authority level USER as USER-2 and the USER password as 2314, and generates a secondary authority USER creating request carrying the USER name and the USER password.
And secondly, storing the user name, the user password and the user role information of the secondary authority level carried in the secondary authority user creating request in a user database to complete the creation of the user role information.
Secondly, all the inoperable menu items corresponding to the secondary permission level are obtained in a tab _ role _ menu table of a pre-established menu database.
And secondly, circulating step by step according to the content of the MenultamCode field, and setting the enabled attribute of the corresponding menu item to false so as to make the menu item inaccessible.
Secondly, determining other menu items in the pre-established menu database as menu items accessible by the user role information.
And finally, establishing association between the user role information of the secondary permission level user and the determined accessible menu items, and finishing the creation of the secondary permission level user.
In the embodiment of the invention, the authority users are created step by step, and the accessible menu of the user is set after the creation is finished, so that the access authority of the whole menu database is reduced step by step, thereby not only preventing the unauthorized situation from occurring and realizing the purpose of protecting the privacy of the users with different user authority levels, but also being beneficial to tracing the creation user of the user with the current authority level.
Based on the user grading authority management method disclosed by the embodiment of the invention, the embodiment of the invention also discloses another user grading authority management method. As shown in fig. 3, the other hierarchical rights management method for users mainly includes the following steps:
step S301: and acquiring a user name and a user password of the current login system.
Step S302: and inquiring whether the user role information to which the user name and the user password belong exists in a pre-established user database, if so, executing the step S303, and if not, quitting the login.
Step S303: and calling an accessible menu corresponding to the user role information in a pre-established menu database to enable the user to access the accessible menu.
The specific execution process and principle of steps S301 to S303 are the same as those of steps S101 to S103 disclosed in fig. 1, see.
Step S304: and acquiring a low-level authority user editing request initiated by the user to any low-level authority user.
In step S304, the low-level authority user edit request carries user role information and/or edit information of an accessible menu for the low-level authority user.
Step S305: and re-editing the user role information and/or the accessible menu of the low-level authority user based on the editing information.
In the specific implementation of step S305, the current user may delete the user name and the user password in the user role information of the low-level-authority user based on the editing information of the user role information. The current user can also delete and modify the accessible menu corresponding to the low-level authority user based on the editing information of the accessible menu.
In the embodiment of the invention, the user with high authority level can edit the user role information and the accessible menu of the user with low authority level, and the purpose of protecting the user privacy of different user authority levels in a grading way can be realized.
Based on the user grading authority management method disclosed by the embodiment of the invention, the embodiment of the invention also correspondingly discloses a user grading authority management device.
Fig. 4 is a schematic diagram illustrating a result of a user hierarchical rights management apparatus according to an embodiment of the present invention. The user grading authority management device mainly comprises: a login module 401 and an access module 402.
The login module 401 is configured to obtain a user name and a user password of a current login system, and query whether user role information to which the user name and the user password belong exists in a pre-established user database, where the user role information at least includes the user name, the user password, and user permission levels, and different user permission levels correspond to different accessible menus.
An accessing module 402, configured to, if the corresponding user role information is queried, invoke an accessible menu corresponding to the user role information in a pre-established menu database, so that the user accesses the accessible menu.
Optionally, the user hierarchical right management apparatus further includes: a user creation module.
The user creation module includes: an acquisition unit and a creation unit.
And the acquisition unit is used for acquiring a next-level authority user creation request initiated by the user.
The creating unit is used for creating user role information of the next-level authority user based on the next-level authority user creating request and storing the user role information in the user database; and customizing an accessible menu item corresponding to the user role information in a pre-established menu database according to the user role information to obtain an accessible menu of the user with the next level of authority.
Wherein, the creating unit is configured to customize, in a pre-established menu database, accessible menu items corresponding to the user role information according to the user role information, and is specifically configured to:
determining a menu item in which the user role information is inoperable; setting the attribute of the corresponding menu item in the pre-established menu database as inoperable according to the inoperable menu item; determining that a menu item in the pre-established menu database whose attributes are operational is a menu item accessible to the user role information.
Optionally, the user hierarchical right management apparatus further includes: and a user editing module.
The user editing module comprises: an acquisition unit and an editing unit.
An obtaining unit, configured to obtain a low-level authority user editing request initiated by the user for any low-level authority user, where the low-level authority user editing request carries user role information and/or editing information of an accessible menu for the low-level authority user.
And the editing unit is used for re-editing the user role information and/or the accessible menu of the low-level authority user based on the editing information.
Based on the user classification authority management device provided by the embodiment of the invention, the user name and the user password of the current login system are obtained; inquiring whether user role information to which the user name and the user password belong exists in a pre-established user database, wherein the user role information at least comprises the user name, the user password and user permission levels, and different user permission levels correspond to different accessible menus; and if the corresponding user role information is inquired, calling an accessible menu corresponding to the user role information in a menu database established in advance to enable the user to access the accessible menu. In the embodiment of the invention, user roles with different user permission levels are set, the corresponding accessible menus are customized for the user roles with different user permission levels, and after the user roles of login users are determined, the menus with the user permission levels corresponding to the user roles are only opened for the access of the users, so that different accessible menus are provided through the user permission levels, and the purpose of protecting the user privacy with different user permission levels is realized.
Based on the user grading authority management method and device disclosed by the embodiment of the invention, the embodiment of the invention also discloses an intelligent terminal, the intelligent terminal comprises the user grading authority management device disclosed by the embodiment of the invention, and the user grading authority management device is used for executing the user grading authority management method disclosed by the embodiment of the invention.
In summary, according to the method, the device, and the intelligent terminal for managing user hierarchical rights provided by the embodiments of the present invention, by setting user roles at different user rights levels and customizing corresponding accessible menus for the user roles at different user rights levels, after determining the user role of a login user, only the menu at the user rights level corresponding to the user role is opened for access, so that different accessible menus are provided through the user rights levels, and the purpose of protecting user privacy at different user rights levels is achieved.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for hierarchical rights management of a user, the method comprising:
acquiring a user name and a user password of a current login system;
inquiring whether user role information to which the user name and the user password belong exists in a pre-established user database, wherein the user role information at least comprises the user name, the user password and user permission levels, and different user permission levels correspond to different accessible menus;
and if the corresponding user role information is inquired, calling an accessible menu corresponding to the user role information in a menu database established in advance to enable the user to access the accessible menu.
2. The method of claim 1, further comprising, after said controlling said user to access said accessible menu:
acquiring a next-level authority user creating request initiated by the user, wherein the next-level authority user creating request carries a user name and a user password to be created;
creating user role information of a next-level authority user based on the next-level authority user creating request, and storing the user role information in the user database;
and customizing an accessible menu item corresponding to the user role information in a pre-established menu database according to the user role information to obtain an accessible menu of the user with the next level of authority.
3. The method of claim 2, wherein customizing accessible menu items corresponding to the user role information in a pre-established menu database according to the user role information comprises:
determining a menu item in which the user role information is inoperable;
setting the attribute of the corresponding menu item in the pre-established menu database as inoperable according to the inoperable menu item;
determining that a menu item in the pre-established menu database whose attributes are operational is a menu item accessible to the user role information.
4. The method of claim 1, further comprising, after said controlling said user to access said accessible menu:
acquiring a low-level authority user editing request initiated by the user to any low-level authority user, wherein the low-level authority user editing request carries user role information of the low-level authority user and/or editing information of an accessible menu;
and re-editing the user role information and/or the accessible menu of the low-level authority user based on the editing information.
5. The method according to any one of claims 1 to 4, wherein the pre-establishing a user database comprises:
setting user role information of different user permission levels, wherein the user role information comprises codes and permission information corresponding to the user permission levels, the permission information comprises user creation permission and editing permission, the highest user permission level is an administrator permission level, the user creation permission means that the current user permission level can only create a next-level permission user, and the editing permission means that the current user permission level can only edit the user role information of other permission users with permission levels lower than that of the current user permission level;
the process of pre-establishing the menu database comprises the following steps:
establishing all menu items used by the system, and representing the menu items with different levels by using a MenuItamaCode field coded by 6 bits, wherein the coding format of the menu items is as follows: dxnxnxnxn … … Xn, where the number of bits of Xn represents the number of levels of the menu and n represents the number of the menu bar at that level.
6. A user hierarchical rights management apparatus, comprising:
the login module is used for acquiring a user name and a user password of a current login system, and inquiring whether user role information to which the user name and the user password belong exists in a pre-established user database, wherein the user role information at least comprises the user name, the user password and user permission levels, and different user permission levels correspond to different accessible menus;
and the access module is used for calling an accessible menu corresponding to the user role information in a pre-established menu database if the corresponding user role information is inquired, so that the user can access the accessible menu.
7. The apparatus of claim 6, further comprising:
the acquiring unit is used for acquiring a next-level authority user creating request initiated by the user, wherein the next-level authority user creating request carries a user name to be created;
the creating unit is used for creating user role information of the next-level authority user based on the next-level authority user creating request and storing the user role information in the user database; and customizing an accessible menu item corresponding to the user role information in a pre-established menu database according to the user role information to obtain an accessible menu of the user with the next level of authority.
8. The apparatus according to claim 7, wherein the creation unit is configured to customize, according to the user role information, an accessible menu item corresponding to the user role information in a pre-established menu database, and is specifically configured to:
determining a menu item in which the user role information is inoperable; setting the attribute of the corresponding menu item in the pre-established menu database as inoperable according to the inoperable menu item; determining that a menu item in the pre-established menu database whose attributes are operational is a menu item accessible to the user role information.
9. The apparatus of claim 6, further comprising:
an obtaining unit, configured to obtain a low-level authority user editing request initiated by a user to any low-level authority user, where the low-level authority user editing request carries user role information and/or editing information of an accessible menu for the low-level authority user;
and the editing unit is used for re-editing the user role information and/or the accessible menu of the low-level authority user based on the editing information.
10. An intelligent terminal, characterized in that the intelligent terminal comprises the user hierarchical rights management device of any one of claims 6 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110401821.6A CN113032770A (en) | 2021-04-14 | 2021-04-14 | User classification authority management method and device and intelligent terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110401821.6A CN113032770A (en) | 2021-04-14 | 2021-04-14 | User classification authority management method and device and intelligent terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113032770A true CN113032770A (en) | 2021-06-25 |
Family
ID=76457371
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110401821.6A Pending CN113032770A (en) | 2021-04-14 | 2021-04-14 | User classification authority management method and device and intelligent terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113032770A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114844673A (en) * | 2022-03-25 | 2022-08-02 | 华能信息技术有限公司 | Data security management method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102004868A (en) * | 2009-09-01 | 2011-04-06 | 上海杉达学院 | Role access control-based information system data storage layer and building method |
| CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
| CN104050401A (en) * | 2013-03-12 | 2014-09-17 | 腾讯科技(深圳)有限公司 | User permission management method and system |
| CN104573478A (en) * | 2014-11-20 | 2015-04-29 | 深圳市远行科技有限公司 | User authority management system of Web application |
| CN110688631A (en) * | 2019-09-29 | 2020-01-14 | 西北大学 | RBAC-based dynamic control system for fine-grained authority under virtual teaching environment |
-
2021
- 2021-04-14 CN CN202110401821.6A patent/CN113032770A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102004868A (en) * | 2009-09-01 | 2011-04-06 | 上海杉达学院 | Role access control-based information system data storage layer and building method |
| CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
| CN104050401A (en) * | 2013-03-12 | 2014-09-17 | 腾讯科技(深圳)有限公司 | User permission management method and system |
| CN104573478A (en) * | 2014-11-20 | 2015-04-29 | 深圳市远行科技有限公司 | User authority management system of Web application |
| CN110688631A (en) * | 2019-09-29 | 2020-01-14 | 西北大学 | RBAC-based dynamic control system for fine-grained authority under virtual teaching environment |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114844673A (en) * | 2022-03-25 | 2022-08-02 | 华能信息技术有限公司 | Data security management method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Al-Kahtani et al. | A model for attribute-based user-role assignment | |
| EP1625691B1 (en) | System and method for electronic document security | |
| CN110457891B (en) | Permission configuration interface display method, device, terminal and storage medium | |
| US20050065933A1 (en) | System and method for customizing form elements in a form building application | |
| CN111756621A (en) | Method and device for managing data of group users and maintaining instant messaging group | |
| CN101754182A (en) | Packed-based network contact list implementation method and system | |
| CN101256605A (en) | Enterprise entitlement framework | |
| US20090019424A1 (en) | System and method of application context driven access restriction | |
| AU2014208184A1 (en) | Systems and methodologies for managing document access permissions | |
| CN109460400B (en) | System and method for establishing safety baseline library of power monitoring system | |
| CN110930561B (en) | Control method and device of intelligent lock | |
| CN114021531A (en) | Document collaborative editing method and device, electronic equipment and storage medium | |
| CN112150122A (en) | Agile network resource positioning and decision-making system | |
| CN112307444A (en) | Role creation method, role creation device, computer equipment and storage medium | |
| CN104834865A (en) | Method for setting access permission of mobile terminal and mobile terminal | |
| CN113032770A (en) | User classification authority management method and device and intelligent terminal | |
| CN114385999A (en) | User authority management method, device, equipment and medium | |
| CN101383030A (en) | Problem tracking system and method in process of project progressing | |
| CN105827597A (en) | Method for managing internet account number and password | |
| CN106487770A (en) | Method for authenticating and authentication device | |
| CN111611220B (en) | File sharing method and system based on hierarchical nodes | |
| CN102158347A (en) | Data protection method and device and server | |
| CN115688199A (en) | Key generation method and device for intelligent device, electronic device and medium | |
| US8290979B1 (en) | Software architecture for access control based on hierarchical characteristics | |
| CN107332840A (en) | Authority intelligent management system and its method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210625 |
|
| RJ01 | Rejection of invention patent application after publication |