CN113505389B - Data authority management method, electronic device, server and readable storage medium - Google Patents
Data authority management method, electronic device, server and readable storage medium Download PDFInfo
- Publication number
- CN113505389B CN113505389B CN202110759633.0A CN202110759633A CN113505389B CN 113505389 B CN113505389 B CN 113505389B CN 202110759633 A CN202110759633 A CN 202110759633A CN 113505389 B CN113505389 B CN 113505389B
- Authority
- CN
- China
- Prior art keywords
- user account
- data
- authority
- access
- acquiring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 27
- 238000000034 method Methods 0.000 claims abstract description 15
- 238000004590 computer program Methods 0.000 claims description 8
- 230000001105 regulatory effect Effects 0.000 abstract description 6
- 230000008859 change Effects 0.000 abstract description 4
- 238000004891 communication Methods 0.000 description 9
- 230000007246 mechanism Effects 0.000 description 4
- 238000013475 authorization Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000013523 data management Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
- G06F16/256—Integrating or interfacing systems involving database management systems in federated or virtual databases
Landscapes
- Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a data authority management method, an electronic device, a server and a readable storage medium, wherein the method comprises the following steps: when a permission setting instruction is received, acquiring a permission label in the permission setting instruction and data corresponding to the permission setting instruction; acquiring an association tag of the data associated user account, and setting an access authority user account corresponding to the data according to the association tag and the authority tag; when the adjustment of the association tag of the user account is detected, the access authority user account corresponding to the data is adjusted according to the adjusted association tag. The access authority user account corresponding to the data is preset according to the association between the user account and the data, and the access authority user account corresponding to the data is regulated according to the change of the association between the user account and the data, so that the data access authority can be regulated in real time, management is convenient, and meanwhile, the control complexity is reduced.
Description
Technical Field
The present invention relates to the field of data management, and in particular, to a data authority management method, an electronic device, a server, and a readable storage medium.
Background
In a big data system, the control of data authority is particularly important in the fusion treatment of multi-source heterogeneous data. In the existing data authority control, two mechanisms are generally adopted, one is preset authority, namely, when a user account is registered, a certain authority or role is given to the user account; the other is the post-right, namely, when the user account uses the system, the user account data right is modified through an authorization mechanism. Both mechanisms meet the need for access control of most data rights, but both authorization mechanisms can be complex when the user account itself is also the creator or participant of the business data; it is difficult to manage the data right.
Disclosure of Invention
The main object of the present invention is to propose a data rights management method, an electronic device, a server and a readable storage medium, the method aims to solve the problems that the control of the data authority is complex and difficult to manage in the prior art.
In order to achieve the above object, the present invention provides a data right management method, the method comprising the steps of:
when a permission setting instruction is received, acquiring a permission label in the permission setting instruction and data corresponding to the permission setting instruction;
Acquiring an association tag of the data associated user account, and setting an access authority user account corresponding to the data according to the association tag and the authority tag;
when the adjustment of the association tag of the user account is detected, the access authority user account corresponding to the data is adjusted according to the adjusted association tag.
Optionally, the step of obtaining the association tag of the data associated user account and setting the access authority user account corresponding to the data according to the association tag and the authority tag includes:
acquiring a first user account number which is associated with the data and matched with the permission label by an associated label;
and setting the access right user account according to the first user account.
Optionally, the step of setting the access authority user account according to the first user account includes:
acquiring a second user account marked with an inheritor label on the first user account;
taking the first user account and the second user account as access authority user accounts;
Optionally, the step of taking the first user account and the second user account as access authority user accounts includes:
acquiring user account information of the first user account and the second user account;
And writing the user account information into a right user account attribute field of the data.
Optionally, the acquiring the association tag of the data associated user account, and setting the access authority user account corresponding to the data according to the association tag and the authority tag includes:
acquiring initial authority information in the authority setting instruction;
And dividing the data into public data and private data according to the initial authority information.
Optionally, the method further comprises:
when an access request of the data, which is sent by a third user account, is received, acquiring identity information of the third user account in the access request;
Judging whether the third user account is an access right user account corresponding to the data according to the identity information;
And if yes, allowing the third user account to access the data.
Optionally, the step of determining whether the third user account is the access right user account corresponding to the data according to the identity information includes:
acquiring a permission user account attribute field corresponding to the data;
judging whether the identity information is matched with the user account information in the authority user account attribute field;
and if the identity information is matched with the user account information in the authority user account attribute field, the third user account is the access authority user account corresponding to the data.
To achieve the above object, the present invention also provides an electronic device including:
The first acquisition module is used for acquiring the authority label in the authority setting instruction and the data corresponding to the authority setting instruction when the authority setting instruction is received;
The first execution module is used for acquiring the association tag of the data associated user account and setting the access authority user account corresponding to the data according to the association tag and the authority tag;
and the second execution module is used for adjusting the access right user account corresponding to the data according to the adjusted associated label when the associated label of the user account is detected to be adjusted.
Optionally, the first execution module includes:
The first acquisition sub-module is used for acquiring a first user account which is associated with the data and matched with the permission label by an associated label;
and the first execution sub-module is used for setting the access authority user account according to the first user account.
Optionally, the first execution unit includes:
The first acquisition unit is used for acquiring a second user account marked with an inheritor label on the first user account;
the first execution unit is used for taking the first user account and the second user account as access authority user accounts;
Optionally, the first execution unit includes:
The first acquisition subunit is used for acquiring the user account information of the first user account and the second user account;
and the first execution subunit is used for writing the user account information into the authority user account attribute field of the data.
Optionally, the electronic device further includes:
the second acquisition module is used for acquiring the initial authority information in the authority setting instruction;
And the third execution module is used for dividing the data into public data and private data according to the initial authority information.
Optionally, the electronic device further includes:
The third acquisition module is used for acquiring the identity information of a third user account in the access request when receiving the access request of the data, which is sent by the third user account;
the first judging module is used for judging whether the third user account is an access right user account corresponding to the data according to the identity information;
And the fourth execution module is used for allowing the third user account to access the data when the third user account is the access authority user account corresponding to the data.
Optionally, the first judging module includes:
The second acquisition sub-module is used for acquiring the attribute field of the account number of the authority user corresponding to the data;
the first judging sub-module is used for judging whether the identity information is matched with the user account information in the authority user account attribute field;
and the second execution sub-module is used for determining that the third user account is the access authority user account corresponding to the data when the identity information is matched with the user account information in the authority user account attribute field.
To achieve the above object, the present invention also provides a server comprising a memory, a processor and a computer program stored on the memory and executable on the processor, which when executed by the processor implements the steps of the data rights management method as described above.
To achieve the above object, the present invention also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the data right management method as described above.
The invention can be applied to data organization storage in the technical field of data capacity, and provides a data authority management method, an electronic device, a server and a readable storage medium, wherein the method comprises the following steps: when a permission setting instruction is received, acquiring a permission label in the permission setting instruction and data corresponding to the permission setting instruction; acquiring an association tag of the data associated user account, and setting an access authority user account corresponding to the data according to the association tag and the authority tag; when the adjustment of the association tag of the user account is detected, the access authority user account corresponding to the data is adjusted according to the adjusted association tag. The access authority user account corresponding to the data is preset according to the association between the user account and the data, and the access authority user account corresponding to the data is regulated according to the change of the association between the user account and the data, so that the data access authority can be regulated in real time, management is convenient, and meanwhile, the control complexity is reduced.
Drawings
FIG. 1 is a flowchart of a first embodiment of a data rights management method according to the present invention;
FIG. 2 is a detailed flow chart of a second embodiment of the data rights management method of the present invention;
Fig. 3 is a schematic block diagram of a server according to the present invention.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application. In order that those skilled in the art will better understand the present application, a technical solution in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, shall fall within the scope of the present application.
The invention provides a data authority management method, referring to fig. 1, fig. 1 is a flow chart of a first embodiment of the data authority management method of the invention, the method comprises the steps of:
Step S10, when a permission setting instruction is received, acquiring a permission label in the permission setting instruction and data corresponding to the permission setting instruction;
The rights setting instruction is sent by an administrator when setting access rights to the data. The permission setting instruction comprises a permission label, wherein the permission label is used for associating the data with the user account with the access permission for the data, namely the user account with the permission label can access the data;
It should be noted that the permission label may further include an access permission label and an edit permission label; specifically, a user account with an access permission label on data can access the data, but cannot edit the data; and the user account with the editing authority label can access and edit the data.
The permission setting instruction can comprise data or a data tag, when an administrator stores new data, the permission setting instruction comprises the data to be stored, and after the data in the permission setting instruction is acquired, the access permission of the data is synchronously set; when an administrator sets an existing data, the permission setting instruction includes a data tag, and the data to be set can be obtained according to the data tag. It should be noted that, the data in this embodiment may be a single data, may be a type of data having the same attribute, or may be a data set of different data selected according to the need.
Step S20, acquiring an association tag of the data associated user account, and setting an access authority user account corresponding to the data according to the association tag and the authority tag;
When the data and the user account are associated, at least one association tag exists between the data and the associated user account, namely the association tag is used for representing the relationship between the user account and the data; when the associated tag of the data set on the user account is the authority tag set on the data, the user account has the right to access the data, namely the user account is the access authority user account corresponding to the data.
And step S30, when the adjustment of the association tag of the user account is detected, adjusting the access right user account corresponding to the data according to the adjusted association tag.
Different associated labels are set on the user account aiming at different data, when the associated labels on the user account are adjusted, if the associated labels are newly added, the data corresponding to the associated labels are obtained, whether the newly added associated labels are matched with the permission labels of the data or not is judged, and if so, the user account is set as an access permission user account corresponding to the data; and when deleting the associated tag, if the permission tag of the data is matched with the associated tag, removing the user account from the access permission user account corresponding to the data. For example: the data is the contact way of the client, the user account is the employee account, and the permission label set by the data is the contact; in the initial state, the employee account is not a contact corresponding to the client, and at the moment, the employee account is not an access authority user account corresponding to the client contact, and cannot access the client contact; when the employee account and the client establish a contact relation, the employee account is newly added with a contact association tag, and is set as an access authority user account of the contact way of the client, and the employee account can access the contact way of the client.
According to the embodiment, the access authority user account corresponding to the data is preset according to the association between the user account and the data, and the adjustment of the access authority user account corresponding to the data is implemented according to the change of the association between the user account and the data, so that the data access authority can be adjusted in real time, the management is convenient, and the control complexity is reduced.
Further, referring to fig. 2, in a second embodiment of the data rights management method according to the present invention proposed based on the first embodiment of the present invention, the step S20 includes the steps of:
step S21, a first user account which is associated with the data and is matched with the permission label by an associated label is obtained;
Step S22, setting the access authority user account according to the first user account.
The step S22 includes the steps of:
Step S221, a second user account marked with an inheritor label on the first user account is obtained;
Step S222, using the first user account and the second user account as access authority user accounts;
The first user account is an owner account directly having data access rights; the second user account is a user account indirectly having data access rights by establishing a inheritor association with the first user account; specifically, if the directly upper level of the first user account is set to the inheritor label of the first user account, at this time, the directly upper level of the first user account is the second user account corresponding to the first user account; or when the owner of the first user account leaves the job, setting the inheritor label for the first user account for the user account which takes over the work of the owner of the first user account, so that the user which takes over the work can access the data in the first user account through the user account. It will be appreciated that the inheritor tag may also be passed, such as having a user account with respect to the second user account inheritor tag that is able to access both the first user account and the second user account as data for the owner account.
It should be noted that, the access authority of the second user account may be set regularly, and only the second user account is allowed to access the data shared by the first user account, or the second user account is not allowed to access the data not shared by the first user account.
The embodiment can reasonably set the access authority of the user account.
Further, in a third embodiment of the data rights management method according to the present invention set forth in the second embodiment of the present invention, the step S222 includes the steps of:
step S2221, obtaining user account information of the first user account and the second user account;
Step S2222, writing the user account information into the authority user account attribute field of the data.
Each data is correspondingly provided with an owner attribute field, namely an authority user account attribute field; the owner attribute field is a built-in attribute field, which can be written into multiple values and can be modified or reset; the user account corresponding to the user account information in the owner attribute field has the authority to access the corresponding data;
The system monitors the user account in real time, and when a new first user account or a new second user account is monitored, the user account information of the first user account and the second user account is written into the owner attribute field.
The embodiment can reasonably set the access rights for the first user account and the second user account.
Further, in a fourth embodiment of the data rights management method according to the present invention, which is set forth based on the first embodiment of the present invention, the step S20 includes the steps of:
step S40, obtaining initial authority information in the authority setting instruction;
And S50, dividing the data into public data and private data according to the initial authority information.
Different kinds of sub-data are contained in one data, such as contact name, mobile phone number, mailbox address, telephone, basic information of a contact, etc. are contained in contact information data of a certain contact; when browsing a plurality of contact lists, the contact names are required to be displayed for selection by a user, at this time, the contact names in the contact data can be set as public data, and other mobile phone numbers, mailbox addresses, telephones, basic information of contacts and the like are set as private data; when the sub data in the data is public data, the sub data can be accessed without access permission; when the sub data in the data is private data, only the user account with the access right corresponding to the data can be accessed.
It can be understood that the public data and the private data in the data can be adjusted subsequently, and the access right of the data can be adjusted in real time according to the adjusted data attribute.
The embodiment can meet the requirements of general work on the premise of protecting data safety.
Further, in a fifth embodiment of the data rights management method according to the present invention set forth in the first embodiment of the present invention, the method further includes the steps of:
step S60, when an access request of the data, which is sent by a third user account, is received, acquiring identity information of the third user account in the access request;
step S70, judging whether the third user account is an access right user account corresponding to the data according to the identity information;
And step S80, if yes, allowing the third user account to access the data.
And if not, prohibiting the third user account from accessing the data.
Judging whether the user account has access rights to the access data according to the access request of the user account, and allowing or prohibiting the third user to access the data according to the judging result.
In this embodiment, in addition to determining that the access request is to access the data of the user account, when the user account logs in, the data may be filtered, and only the data having the access right of the user account is displayed for the user account.
The step S70 includes the steps of:
step S71, obtaining a permission user account attribute field corresponding to the data;
Step S72, judging whether the identity information is matched with the user account information in the attribute field of the authority user account;
step S73, if the identity information is matched with the user account information in the attribute field of the authority user account, the third user account is the access authority user account corresponding to the data.
If the identity information is not matched with the user account information in the authority user account attribute field, the third user account is not the access authority user account corresponding to the data.
The user account attribute field comprises at least one piece of user account information, and when the account information of the user account which requests to access is matched with one piece of user account information in the user account attribute field, the user account is indicated to have the authority of accessing the data, and the user account is the user account with the access authority corresponding to the data.
The embodiment can reasonably judge whether the user account has the access right.
The application also provides an electronic device for implementing the data authority management method, which comprises:
The first acquisition module is used for acquiring the authority label in the authority setting instruction and the data corresponding to the authority setting instruction when the authority setting instruction is received;
The first execution module is used for acquiring the association tag of the data associated user account and setting the access authority user account corresponding to the data according to the association tag and the authority tag;
and the second execution module is used for adjusting the access right user account corresponding to the data according to the adjusted associated label when the associated label of the user account is detected to be adjusted.
It should be noted that, the first obtaining module in this embodiment may be used to perform step S10 in the embodiment of the present application, the first performing module in this embodiment may be used to perform step S20 in the embodiment of the present application, and the third performing module in this embodiment may be used to perform step S30 in the embodiment of the present application.
The access authority user account corresponding to the data is preset according to the association between the user account and the data, and the access authority user account corresponding to the data is regulated according to the change of the association between the user account and the data, so that the data access authority can be regulated in real time, management is convenient, and meanwhile, the control complexity is reduced.
Further, the first execution module includes:
The first acquisition sub-module is used for acquiring a first user account which is associated with the data and matched with the permission label by an associated label;
and the first execution sub-module is used for setting the access authority user account according to the first user account.
Further, the first execution unit includes:
The first acquisition unit is used for acquiring a second user account marked with an inheritor label on the first user account;
the first execution unit is used for taking the first user account and the second user account as access authority user accounts;
further, the first execution unit includes:
The first acquisition subunit is used for acquiring the user account information of the first user account and the second user account;
and the first execution subunit is used for writing the user account information into the authority user account attribute field of the data.
Further, the electronic device further includes:
the second acquisition module is used for acquiring the initial authority information in the authority setting instruction;
And the third execution module is used for dividing the data into public data and private data according to the initial authority information.
Further, the electronic device further includes:
The third acquisition module is used for acquiring the identity information of a third user account in the access request when receiving the access request of the data, which is sent by the third user account;
the first judging module is used for judging whether the third user account is an access right user account corresponding to the data according to the identity information;
And the fourth execution module is used for allowing the third user account to access the data when the third user account is the access authority user account corresponding to the data.
Further, the first judging module includes:
The second acquisition sub-module is used for acquiring the attribute field of the account number of the authority user corresponding to the data;
the first judging sub-module is used for judging whether the identity information is matched with the user account information in the authority user account attribute field;
and the second execution sub-module is used for determining that the third user account is the access authority user account corresponding to the data when the identity information is matched with the user account information in the authority user account attribute field.
It should be noted that the above modules are the same as examples and application scenarios implemented by the corresponding steps, but are not limited to what is disclosed in the above embodiments. It should be noted that, the above modules may be implemented in software as a part of the apparatus, or may be implemented in hardware, where the hardware environment includes a network environment.
Referring to fig. 3, the server may include components such as a communication module 10, a memory 20, and a processor 30 in a hardware configuration. In the server, the processor 30 is connected to the memory 20 and the communication module 10, respectively, and the memory 20 stores a computer program, and the computer program is executed by the processor 30 at the same time, where the computer program implements the steps of the method embodiments described above.
The communication module 10 is connectable to an external communication device via a network. The communication module 10 may receive a request sent by an external communication device, and may also send a request, an instruction, and information to the external communication device, where the external communication device may be another server, a server, or an internet of things device, such as a television, and so on.
The memory 20 is used for storing software programs and various data. The memory 20 may mainly include a memory program area and a memory data area, wherein the memory program area may store an operating system, an application program required for at least one function (such as acquiring a first user account number associated with the data and an associated tag matching the rights tag), etc.; the storage data area may include a database, may store data or information created according to the use of the system, and the like. In addition, the memory 20 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device.
The processor 30, which is a control center of the server, connects various parts of the entire server using various interfaces and lines, performs various functions of the server and processes data by running or executing software programs and/or modules stored in the memory 20, and calling data stored in the memory 20, thereby performing overall monitoring of the server. Processor 30 may include one or more processing units; alternatively, the processor 30 may integrate an application processor that primarily handles operating systems, user account interfaces, applications, etc., with a modem processor that primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 30.
Although not shown in fig. 3, the server may further include a circuit control module, which is used to connect with a power source to ensure normal operation of other components. Those skilled in the art will appreciate that the server architecture shown in fig. 3 is not limiting of the server and may include more or fewer components than shown, or may combine certain components, or a different arrangement of components.
The present invention also proposes a computer-readable storage medium on which a computer program is stored. The computer readable storage medium may be the Memory 20 in the server of fig. 3, or may be at least one of ROM (Read-Only Memory)/RAM (Random Access Memory ), magnetic disk, or optical disk, and the computer readable storage medium includes several instructions for causing a terminal device (which may be a television, an automobile, a mobile phone, a computer, a server, a terminal, or a network device) having a processor to perform the method according to the embodiments of the present invention.
In the present invention, the terms "first", "second", "third", "fourth", "fifth" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance, and the specific meaning of the above terms in the present invention will be understood by those of ordinary skill in the art depending on the specific circumstances.
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, the different embodiments or examples described in this specification and the features of the different embodiments or examples may be combined and combined by those skilled in the art without contradiction.
Although embodiments of the present invention have been shown and described above, the scope of the present invention is not limited thereto, and it should be understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications and substitutions of the above embodiments may be made by those skilled in the art within the scope of the present invention, and are intended to be included in the scope of the present invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.
Claims (8)
1. A method of data rights management, the method comprising:
when a permission setting instruction is received, acquiring a permission label in the permission setting instruction and data corresponding to the permission setting instruction;
Acquiring an association tag of the data associated user account, and setting an access authority user account corresponding to the data according to the association tag and the authority tag;
When the adjustment of the association tag of the user account is detected, adjusting the access right user account corresponding to the data according to the adjusted association tag;
The step of obtaining the association tag of the data associated user account and setting the access authority user account corresponding to the data according to the association tag and the authority tag comprises the following steps:
acquiring a first user account number which is associated with the data and matched with the permission label by an associated label;
Setting the access right user account according to the first user account;
the step of setting the access right user account according to the first user account includes:
acquiring a second user account marked with an inheritor label on the first user account;
And taking the first user account and the second user account as access authority user accounts.
2. The data rights management method of claim 1, wherein the step of taking the first user account and the second user account as access rights user accounts comprises:
acquiring user account information of the first user account and the second user account;
And writing the user account information into a right user account attribute field of the data.
3. The method for managing data authority according to claim 1, wherein the steps of obtaining the association tag of the data associated user account, and setting the access authority user account corresponding to the data according to the association tag and the authority tag include:
acquiring initial authority information in the authority setting instruction;
And dividing the data into public data and private data according to the initial authority information.
4. The data rights management method of claim 1, wherein the method further comprises:
when an access request of the data, which is sent by a third user account, is received, acquiring identity information of the third user account in the access request;
Judging whether the third user account is an access right user account corresponding to the data according to the identity information;
And if yes, allowing the third user account to access the data.
5. The method of claim 4, wherein the step of determining whether the third user account is an access right user account corresponding to the data according to the identity information comprises:
acquiring a permission user account attribute field corresponding to the data;
judging whether the identity information is matched with the user account information in the authority user account attribute field;
and if the identity information is matched with the user account information in the authority user account attribute field, the third user account is the access authority user account corresponding to the data.
6. An electronic device, the electronic device comprising:
The first acquisition module is used for acquiring the authority label in the authority setting instruction and the data corresponding to the authority setting instruction when the authority setting instruction is received;
The first execution module is used for acquiring the association tag of the data associated user account and setting the access authority user account corresponding to the data according to the association tag and the authority tag;
The second execution module is used for adjusting the access right user account corresponding to the data according to the adjusted associated label when the associated label of the user account is detected to be adjusted;
The first execution module includes:
The first acquisition sub-module is used for acquiring a first user account which is associated with the data and matched with the permission label by an associated label;
the first execution sub-module is used for setting the access authority user account according to the first user account;
Further, the first execution submodule includes:
The first acquisition unit is used for acquiring a second user account marked with an inheritor label on the first user account;
And the first execution unit is used for taking the first user account and the second user account as access authority user accounts.
7. A server comprising a memory, a processor and a computer program stored on the memory and executable on the processor, which when executed by the processor implements the steps of the data rights management method of any of claims 1 to 5.
8. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the data rights management method according to any of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110759633.0A CN113505389B (en) | 2021-07-05 | 2021-07-05 | Data authority management method, electronic device, server and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110759633.0A CN113505389B (en) | 2021-07-05 | 2021-07-05 | Data authority management method, electronic device, server and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113505389A CN113505389A (en) | 2021-10-15 |
| CN113505389B true CN113505389B (en) | 2024-08-02 |
Family
ID=78011607
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110759633.0A Active CN113505389B (en) | 2021-07-05 | 2021-07-05 | Data authority management method, electronic device, server and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113505389B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111814179A (en) * | 2020-06-29 | 2020-10-23 | 中国平安人寿保险股份有限公司 | User authority management and data control method and related equipment thereof |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107633184A (en) * | 2017-10-19 | 2018-01-26 | 上海砾阳软件有限公司 | A kind of database and method and apparatus for being used to manage user right |
| CN109360114A (en) * | 2018-10-15 | 2019-02-19 | 北京字节跳动网络技术有限公司 | Method and apparatus for handling information |
| CN111143793B (en) * | 2019-12-13 | 2021-05-28 | 支付宝(杭州)信息技术有限公司 | Access control method and access control device |
| CN111490981B (en) * | 2020-04-01 | 2022-02-01 | 广州虎牙科技有限公司 | Access management method and device, bastion machine and readable storage medium |
-
2021
- 2021-07-05 CN CN202110759633.0A patent/CN113505389B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111814179A (en) * | 2020-06-29 | 2020-10-23 | 中国平安人寿保险股份有限公司 | User authority management and data control method and related equipment thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113505389A (en) | 2021-10-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7584201B2 (en) | Management of mobile-device data | |
| US8539553B2 (en) | System and method for managing delivery of internet content | |
| US20080043696A1 (en) | Method and System for Mobile Terminals to Share Storage Space | |
| CN107995286B (en) | Automatic service starting and stopping method based on dubbo platform, server and storage medium | |
| CA3152835A1 (en) | Dimension data processing method and apparatus, computer device, and storage medium | |
| CN101754187B (en) | Management method for connection setting and terminal thereof | |
| CN107545637A (en) | The Activiation method and server of a kind of electronic lock | |
| CN113032050A (en) | Configuration center access method, system, electronic device and storage medium | |
| CN103428370B (en) | Mobile phone and multi-user control method thereof | |
| CN105207989A (en) | Multi-dimensional user workbench system and control method thereof | |
| WO2017140154A1 (en) | Method and system for security information management based on intelligent platform | |
| CN113505389B (en) | Data authority management method, electronic device, server and readable storage medium | |
| CN109076005B (en) | VPN line switching method and device and electronic equipment | |
| CN105447384B (en) | A kind of anti-method monitored, system and mobile terminal | |
| CN111897843B (en) | Configuration method and device of data flow strategy of Internet of things and computer equipment | |
| US9652630B2 (en) | Enhanced view compliance tool | |
| CN111339173A (en) | Data sharing method, server and readable storage medium | |
| CN104639666A (en) | Domain name access method and device | |
| CN104346228A (en) | Application program sharing method and terminal | |
| CN114040378B (en) | Method, device, computer equipment and storage medium for arranging application | |
| CN113609460A (en) | Page loading method and system based on user permission | |
| CN107172097B (en) | Efficient message sending method and system | |
| CN107483738B (en) | Communication information processing method based on dual systems, mobile terminal and storage medium | |
| US20110283192A1 (en) | System and method for data management in a communication device | |
| CN111757326B (en) | Vulnerability prevention and control method, vulnerability prevention and control device, mobile terminal and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |