CN113971005A - Control method, device and system for space application permission - Google Patents

Control method, device and system for space application permission Download PDF

Info

Publication number
CN113971005A
CN113971005A CN202111263026.1A CN202111263026A CN113971005A CN 113971005 A CN113971005 A CN 113971005A CN 202111263026 A CN202111263026 A CN 202111263026A CN 113971005 A CN113971005 A CN 113971005A
Authority
CN
China
Prior art keywords
data
block
accessed
user
block code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111263026.1A
Other languages
Chinese (zh)
Inventor
肖健
罗亚
白富权
齐小玲
殷国栋
刘海芹
郑琴文
王建恭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Shuhui System Technology Co ltd
Original Assignee
Shanghai Shuhui System Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Shuhui System Technology Co ltd filed Critical Shanghai Shuhui System Technology Co ltd
Priority to CN202111263026.1A priority Critical patent/CN113971005A/en
Publication of CN113971005A publication Critical patent/CN113971005A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G06F3/0601Interfaces specially adapted for storage systems
    • G06F3/0628Interfaces specially adapted for storage systems making use of a particular technique
    • G06F3/0629Configuration or reconfiguration of storage systems
    • G06F3/0637Permissions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/248Presentation of query results
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/29Geographical information databases

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Computing Systems (AREA)
  • Remote Sensing (AREA)
  • Human Computer Interaction (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The application discloses a method, a device and a system for controlling space application permission, wherein an access instruction is obtained, user role information of an access user side for outputting the access instruction is determined based on the access instruction, a block code to be accessed on a map matched with the user role information is determined based on the user role information, and block data to be accessed matched with the block code to be accessed is fed back. According to the scheme, when the access instruction is obtained, the user role information of the access user side outputting the access instruction can be obtained, so that the block code to be accessed which is matched with the user is the information is determined, the block data to be accessed which is matched with the block code to be accessed can be output, the block data to be accessed which is matched with the block code to be accessed is output based on the user role of the access user side, authority control of different blocks on a map is achieved according to the role, and data filtering matched with the role is achieved.

Description

Control method, device and system for space application permission
Technical Field
The present application relates to the field of authority control, and in particular, to a method, an apparatus, and a system for controlling spatial application authority.
Background
At present, for the display of spatial data, the display and query of full data can be usually performed only according to roles, and block management and control cannot be performed on the space.
Disclosure of Invention
In view of this, the present application provides a method, an apparatus, and a system for controlling a spatial application authority, and the specific scheme is as follows:
a control method of space application authority comprises the following steps:
obtaining an access instruction;
determining user role information of an access user side for outputting the access instruction based on the access instruction;
determining a block code to be accessed on a map matched with the user role information based on the user role information;
and feeding back the data of the block to be accessed which is matched with the code of the block to be accessed.
Further, the feedback of the data of the block to be accessed, which is matched with the code of the block to be accessed, includes:
and determining block data matched with the block code to be accessed in the spatial data acquired based on the geographic information service request as block data to be accessed, and feeding back the block data to be accessed to an access user side outputting the access instruction.
Further, the method also comprises the following steps:
obtaining full data of a map;
determining business data and spatial data in the full data so as to determine user role information based on the business data and determine block data to be accessed based on the spatial data, wherein the business data at least comprises user role attribute information, and the spatial data at least comprises: and information for controlling the layer space information attribute.
Further, the method also comprises the following steps:
determining block codes corresponding to the data of each dimension in the spatial data respectively;
and dynamically storing the data of each dimension and the corresponding block code correspondingly.
Further, the feedback of the data of the block to be accessed, which is matched with the code of the block to be accessed, includes:
obtaining a first block code input by the access user side, wherein the block code to be accessed at least comprises the first block code;
determining first block data matched with the first block code, and outputting the first block data, wherein the block data to be accessed at least comprises the first block data.
An apparatus for controlling spatial application authority, comprising:
an obtaining unit configured to obtain an access instruction;
a first determination unit configured to determine user role information of an access user side that outputs the access instruction based on the access instruction;
a second determination unit configured to determine a block code to be accessed on a map that matches the user role information based on the user role information;
and the output unit is used for feeding back the to-be-accessed block data matched with the to-be-accessed block code.
Further, the method also comprises the following steps:
a third determining unit, configured to obtain full data of a map, determine service data and spatial data in the full data so as to be able to determine user role information based on the service data, and determine block data to be accessed based on the spatial data, where the service data at least includes user role attribute information, and the spatial data at least includes: and information for controlling the layer space information attribute.
Further, the method also comprises the following steps:
and the storage unit is used for determining the block codes corresponding to the data of each dimension in the spatial data respectively and storing the data of each dimension and the corresponding block codes correspondingly and dynamically.
Further, the output unit is configured to:
obtaining a first block code input by the access user side, wherein the block code to be accessed at least comprises the first block code, determining first block data matched with the first block code, and outputting the first block data, wherein the block data to be accessed at least comprises the first block data.
A control system for spatial application rights, comprising:
at least one user side for outputting access instructions;
the application server is used for obtaining an access instruction, determining user role information of a user side outputting the access instruction based on the access instruction, determining a block code to be accessed on a map matched with the user role information based on the user role information, and feeding back block data to be accessed matched with the block code to be accessed.
According to the technical scheme, the control method, the device and the system for the space application permission obtain the access instruction, determine user role information of an access user side for outputting the access instruction based on the access instruction, determine the block code to be accessed on the map matched with the user role information based on the user role information, and feed back the block data to be accessed matched with the block code to be accessed. According to the scheme, when the access instruction is obtained, the user role information of the access user side outputting the access instruction can be obtained, so that the block code to be accessed which is matched with the user is the information is determined, the block data to be accessed which is matched with the block code to be accessed can be output, the block data to be accessed which is matched with the block code to be accessed is output based on the user role of the access user side, authority control of different blocks on a map is achieved according to the role, and data filtering matched with the role is achieved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a method for controlling spatial application permission disclosed in an embodiment of the present application;
fig. 2 is a schematic diagram illustrating permissions corresponding to role information of a user side according to an embodiment of the present application;
fig. 3 is a flowchart of a method for controlling spatial application permission disclosed in an embodiment of the present application;
fig. 4 is a flowchart of a method for controlling spatial application permission disclosed in an embodiment of the present application;
FIG. 5 is a schematic diagram illustrating an example of accessing spatial services through a proxy layer according to the disclosure;
FIG. 6 is a schematic diagram illustrating an example of spatial data access via multiple servers according to the disclosure;
fig. 7 is a schematic structural diagram of a control apparatus for spatial application authority disclosed in an embodiment of the present application;
fig. 8 is a schematic structural diagram of a control system for spatial application permission disclosed in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The application discloses a method for controlling space application permission, a flow chart of which is shown in figure 1, and the method comprises the following steps:
step S11, obtaining an access instruction;
step S12, determining user role information of the access user side for outputting the access instruction based on the access instruction;
step S13, determining the block code to be accessed on the map matched with the user role information based on the user role information;
and step S14, feeding back the data of the to-be-accessed blocks matched with the codes of the to-be-accessed blocks.
In map-like graphic data management, at present, business data query and display are mostly provided, business data are controlled according to roles of users who perform map query, existing spatial data are bound for browsing, and the spatial data can only perform full data display and query and cannot meet the requirement of block authority control in space.
For example: in general, maps are base map data on which administrative districts, place name information, city road networks, and the like are superimposed.
In the existing scheme, mostly, service data is used as guidance to perform service data management and control, the management and control force on spatial data is only limited to the processing of a data source, and full-volume full-layer data management and control processing is performed, for example: when a certain district in a certain city finds an epidemic situation, only closed management and control can be performed on the whole district, and the district management and control or the zoning management and control cannot be refined.
In order to solve the problem, in the scheme, the data of the corresponding block is displayed and inquired according to the role and the authority of the user so as to ensure the management and control of the block.
The scheme disclosed in this embodiment is implemented based on an application server, where the application server obtains an access instruction sent by a user side, and determines user role information of an access user side that outputs the access instruction based on the access instruction.
When a user side needs to display a map, the user side can output an access instruction to request for accessing a map block, at the moment, the application server can obtain the access instruction, and can determine role information corresponding to a user account on which the user side outputting the access instruction is based on the obtained access instruction.
The access instruction output by each user side carries the user side account information, the user account outputting the access instruction can be directly determined based on the obtained access instruction, meanwhile, the role information of each user account is prestored in the application server, and the corresponding authority information is obtained through the role information request service interface, so that the application server can directly determine the account and the role information of the user side outputting the access instruction based on the access instruction after obtaining the access instruction.
After determining the user role information of the user side, the application server searches the block code matched with the user role information based on the corresponding relation between the pre-stored user role information and the authority. The application server stores role information of each user account in advance, acquires corresponding authority information through a role information request service interface, and the authority information is codes of map blocks which can be accessed by the role information and is matched with space attribute block codes in map data through code identification so as to call different blocks in a map based on the codes.
Therefore, after the user role is determined, the block code on the map matched with the user role stored in the application server is determined, and then the application server feeds back to the user side the map block corresponding to the block code, namely, the user side can obtain and display the block map which only has the authority for the user side, and the position of the map which does not have the authority for the user side cannot be obtained by the user side and cannot be displayed at the user side.
Specifically, the block data matched with the block code to be accessed in the spatial data acquired based on the geographic information service request is determined as the block data to be accessed, and the block data to be accessed is fed back to the access user side outputting the access instruction, so that the data security is ensured.
For example: the application server obtains an access instruction, determines that the access instruction is output by a first account based on account information carried by the access instruction, and feeds back a block map of a block corresponding to a city-level user to the user side if the application server stores the city-level user corresponding to the first account.
As shown in fig. 2, the user role of the user terminal only has the authority of "anlong county", so that the whole map is displayed on the application server, and the map block fed back to the user terminal by the application server only includes the map block of the administrative district "anlong county" in the box shown in fig. 2, and the user terminal can only obtain and display the map block in the box.
The method for controlling the spatial application permission, disclosed by the embodiment, includes obtaining an access instruction, determining user role information of an access user side for outputting the access instruction based on the access instruction, determining a block code to be accessed on a map matched with the user role information based on the user role information, and feeding back block data to be accessed matched with the block code to be accessed. According to the scheme, when the access instruction is obtained, the user role information of the access user side outputting the access instruction can be obtained, so that the block code to be accessed which is matched with the user is the information is determined, the block data to be accessed which is matched with the block code to be accessed can be output, the block data to be accessed which is matched with the block code to be accessed is output based on the user role of the access user side, authority control of different blocks on a map is achieved according to the role, and data filtering matched with the role is achieved.
The embodiment discloses a method for controlling space application permission, a flowchart of which is shown in fig. 3, and the method comprises the following steps:
step S31, obtaining the full data of the map;
step S32, determining service data and spatial data in the total data, wherein the service data at least comprises user role attribute information, and the spatial data at least comprises information for controlling layer spatial information attributes;
step S33, obtaining an access instruction;
step S34, determining user role information of the access user side for outputting the access instruction based on the access instruction and the service data;
step S35, determining the block code to be accessed on the map matched with the user role information based on the user role information and the spatial data;
and step S36, feeding back the data of the to-be-accessed blocks matched with the codes of the to-be-accessed blocks.
The full amount of data of the map, i.e. all data related to the map. The total data at least comprises service data and spatial data, wherein the service data at least comprises user role attribute information, the user role information can be determined based on the service data, the spatial data at least comprises information used for controlling the layer spatial information attribute, and the block data to be accessed can be determined based on the spatial data.
The service data may be data that needs to be used by the service logic of the control layer, and is usually object attribute information, such as: human subject, gender: male, age: 20, wherein gender and age are the attribute information of the person, which can be determined as business data; the service data is usually stored in a service database of the application server, and the user side accesses and acquires the service data through a service interface for user role control and service logic processing of the user side.
The spatial data refers to attributes of control layer spatial information, such as: the space data is data in a map, and the space data can contain attributes such as coordinate data, graphic display resolution, scale, graphic hierarchy, graphic grid block identification and the like.
The business data is used for simple filtering to determine the role information of the user, the determination of the role information of the user can be determined only based on the account information of the user, and if the data of the block to be accessed is to be determined, the user role information is required, and the data of different administrative blocks, graphic levels, resolution ratios and the like on a map, namely spatial data, are also required.
The user role information may include: system administrator, common user, provincial user, city user, county user, etc.; the blocks are generally divided into administrative regions, that is, national administrative regions, such as: shanghai city administration scope, etc.
Further, the method for controlling the space application permission disclosed in this embodiment may further include:
and determining block codes corresponding to the data of each dimension in the spatial data respectively, and dynamically storing the data of each dimension and the corresponding block codes correspondingly.
After business data and spatial data are determined from the full data, the business data and the spatial data are respectively stored, and in the process of storing the spatial data, the spatial data need to be firstly arranged and combined, spatial data matrix processing is carried out, and multidimensional data are converted and stored into a two-dimensional data form to be output.
The multi-dimensional data in the spatial data is transferred and stored into a two-dimensional data form, so that the spatial data comprises a plurality of two-dimensional data, each two-dimensional data is stored respectively, a block code is allocated to each two-dimensional data in the storage process, and therefore when a user calls the spatial data, the user calls the spatial data based on the block code, the data of any dimension in the spatial data can be called independently, meanwhile, the corresponding block code is allocated to each user according to the role information of the user, the corresponding block can be called based on different user roles, the block which can be called can be realized by taking the two-dimensional data as a unit, the independent calling of the data of any dimension in the spatial data is ensured, and the safety of the data is ensured.
The multi-dimensional data is transferred into two-dimensional data, which can be: and storing the multidimensional data into two-dimensional data according to the administrative area range, storing the two-dimensional data according to the road network layer, storing the two-dimensional data according to the city name and the like.
The code setting for the space data may be: carrying out raster data naming on the spatial data in an image pyramid mode, and binding codes, such as: the map is formed by splicing 1-9 blocks of Sudoku numbers, each block has a number, and the number is a block code.
Dividing different block viewing permissions for different roles, such as: 1-9 are total provinces, 1-5 are city 1 areas, 6-9 are city 2 areas, provincial users can see all areas of Sudoku 1-9, city 1 level users can only see the area corresponding to 1-5, city 2 level users can only see the area corresponding to 6-9, different users have different authorities, each user has corresponding attribute, namely authority code, and area authority can be obtained according to the authority code, such as: the permission code of the city 1 level user is 12345, and the corresponding block of the viewable space data is 12345, that is, the region permission is 12345.
The method for controlling the spatial application permission, disclosed by the embodiment, includes obtaining an access instruction, determining user role information of an access user side for outputting the access instruction based on the access instruction, determining a block code to be accessed on a map matched with the user role information based on the user role information, and feeding back block data to be accessed matched with the block code to be accessed. According to the scheme, when the access instruction is obtained, the user role information of the access user side outputting the access instruction can be obtained, so that the block code to be accessed which is matched with the user is the information is determined, the block data to be accessed which is matched with the block code to be accessed can be output, the block data to be accessed which is matched with the block code to be accessed is output based on the user role of the access user side, authority control of different blocks on a map is achieved according to the role, and data filtering matched with the role is achieved.
The embodiment discloses a method for controlling space application permission, a flowchart of which is shown in fig. 4, and the method comprises the following steps:
step S41, obtaining an access instruction;
step S42, determining user role information of the access user side for outputting the access instruction based on the access instruction;
step S43, determining the block code to be accessed on the map matched with the user role information based on the user role information;
step S44, obtaining a first block code input by an access user side, wherein the block code to be accessed at least comprises the first block code;
step S45, determining first tile data matching the first tile code, and outputting the first tile data, where the tile data to be accessed at least includes the first tile data.
When the user side outputs an access instruction and the application server determines the block matched with the user role information of the user side based on the access instruction, the application server directly outputs all the block codes with the access authority of the user role to the user side so that the user side can select a first block code from all the block codes with the access authority.
The method comprises the steps of selecting codes corresponding to blocks needing to be displayed from all block codes with access rights, sending a first block code selected by a user side to an application server, so that the application server can filter all block data corresponding to other block codes except the first block code from all block codes with access rights of user roles, and returning only the data corresponding to the first block code in all spatial data to the user side, so that the first block data corresponding to the first block code can be displayed on the user side, the block data corresponding to other block codes except the first block code can not be displayed, and the data corresponding to the block codes with access rights of the user roles corresponding to the user side can not be displayed no matter whether the data are displayed.
As shown in fig. 5, the schematic diagram of accessing a space service through a proxy layer is shown, where the space service is a cloud end storing space data, the proxy layer is implemented on the basis of an application server, and the logical processing of the proxy layer is performed on the application server.
The client, namely a user side outputs an access instruction to an application server, the application server outputs a block code matched with the user role information based on the access instruction, the client selects a first block code from the block code and transmits the first block code to a proxy layer through the application server after receiving the block code with the access authority, the proxy layer accesses a space service, namely space graphic data is obtained from a cloud end, data filtering is carried out according to the first block code, space graphic data matched with the first block code, namely the first block data, is obtained, and the first block data is fed back to the client so as to be displayed through the client.
Furthermore, when a plurality of servers store and manage data, the data are accessed and requested by using gateway processing such as VPN (virtual private network) and a gateway for data security, and the data of the service layer are controlled through the main server.
Specifically, as shown in fig. 6, each client interacts with the main server to determine a block code corresponding to a user role of the client that outputs an access instruction, after the client outputs a first block code to the main server, the main server controls the proxy server to request the space data stored by the map server, and the map server returns the space map data corresponding to the first block code to the proxy server, and the proxy server feeds the space map data back to the client.
The method for controlling the spatial application permission, disclosed by the embodiment, includes obtaining an access instruction, determining user role information of an access user side for outputting the access instruction based on the access instruction, determining a block code to be accessed on a map matched with the user role information based on the user role information, and feeding back block data to be accessed matched with the block code to be accessed. According to the scheme, when the access instruction is obtained, the user role information of the access user side outputting the access instruction can be obtained, so that the block code to be accessed which is matched with the user is the information is determined, the block data to be accessed which is matched with the block code to be accessed can be output, the block data to be accessed which is matched with the block code to be accessed is output based on the user role of the access user side, authority control of different blocks on a map is achieved according to the role, and data filtering matched with the role is achieved.
The embodiment discloses a control device for space application permission, a schematic structural diagram of which is shown in fig. 7, and the control device comprises:
an obtaining unit 71, a first determining unit 72, a second determining unit 73 and an output unit 74.
Wherein the obtaining unit 71 is configured to obtain an access instruction;
the first determining unit 72 is configured to determine user role information of an access user side that outputs an access instruction based on the access instruction;
the second determination unit 73 is configured to determine a to-be-accessed block code on a map that matches the user role information based on the user role information;
the output unit 74 is used for feeding back the to-be-accessed block data matched with the to-be-accessed block code.
In map-like graphic data management, at present, business data query and display are mostly provided, business data are controlled according to roles of users who perform map query, existing spatial data are bound for browsing, and the spatial data can only perform full data display and query and cannot meet the requirement of block authority control in space.
For example: in general, maps are base map data on which administrative districts, place name information, city road networks, and the like are superimposed.
In the existing scheme, mostly, service data is used as guidance to perform service data management and control, the management and control force on spatial data is only limited to the processing of a data source, and full-volume full-layer data management and control processing is performed, for example: and if the new Pudong area in Shanghai is found to be epidemic situation, only closed control can be performed on the whole new Pudong area, and the cell control or the zoning control cannot be refined.
In order to solve the problem, in the scheme, the data of the corresponding block is displayed and inquired according to the role and the authority of the user so as to ensure the management and control of the block.
The scheme disclosed in this embodiment is implemented based on an application server, where the application server obtains an access instruction sent by a user side, and determines user role information of an access user side that outputs the access instruction based on the access instruction.
When a user side needs to display a map, the user side can output an access instruction to request for accessing a map block, at the moment, the application server can obtain the access instruction, and can determine role information corresponding to a user account on which the user side outputting the access instruction is based on the obtained access instruction.
The access instruction output by each user side carries the user side account information, the user account outputting the access instruction can be directly determined based on the obtained access instruction, meanwhile, the role information of each user account is prestored in the application server, and the corresponding authority information is obtained through the role information request service interface, so that the application server can directly determine the account and the role information of the user side outputting the access instruction based on the access instruction after obtaining the access instruction.
After determining the user role information of the user side, the application server searches the block code matched with the user role information based on the corresponding relation between the pre-stored user role information and the authority. The application server stores role information of each user account in advance, acquires corresponding authority information through a role information request service interface, and the authority information is codes of map blocks which can be accessed by the role information and is matched with space attribute block codes in map data through code identification so as to call different blocks in a map based on the codes.
Therefore, after the user role is determined, the block code on the map matched with the user role stored in the application server is determined, and then the application server feeds back to the user side the map block corresponding to the block code, namely, the user side can obtain and display the block map which only has the authority for the user side, and the position of the map which does not have the authority for the user side cannot be obtained by the user side and cannot be displayed at the user side.
Specifically, the block data matched with the block code to be accessed in the spatial data acquired based on the geographic information service request is determined as the block data to be accessed, and the block data to be accessed is fed back to the access user side outputting the access instruction, so that the data security is ensured.
For example: the application server obtains an access instruction, determines that the access instruction is output by a first account based on account information carried by the access instruction, and feeds back a block map of a block corresponding to a city-level user to the user side if the application server stores the city-level user corresponding to the first account.
As shown in fig. 2, the user role of the user terminal only has the authority of "anlong county", so that the whole map is displayed on the application server, and the map block fed back to the user terminal by the application server only includes the map block of the administrative district "anlong county" in the box shown in fig. 2, and the user terminal can only obtain and display the map block in the box.
Further, the control device disclosed in this embodiment may further include: a third determination unit, wherein:
a third determining unit, configured to obtain full data of the map, determine service data and spatial data in the full data, so as to determine user role information based on the service data, and determine block data to be accessed based on the spatial data, where the service data at least includes user role attribute information, and the spatial data at least includes: and information for controlling the layer space information attribute.
The full amount of data of the map, i.e. all data related to the map. The total data at least comprises service data and spatial data, wherein the service data at least comprises user role attribute information, the user role information can be determined based on the service data, the spatial data at least comprises information used for controlling the layer spatial information attribute, and the block data to be accessed can be determined based on the spatial data.
The service data may be data that needs to be used by the service logic of the control layer, and is usually object attribute information, such as: human subject, gender: male, age: 20, wherein gender and age are the attribute information of the person, which can be determined as business data; the service data is usually stored in a service database of the application server, and the user side accesses and acquires the service data through a service interface for user role control and service logic processing of the user side.
The spatial data refers to attributes of control layer spatial information, such as: the space data is data in a map, and the space data can contain attributes such as coordinate data, graphic display resolution, scale, graphic hierarchy, graphic grid block identification and the like.
The business data is used for simple filtering to determine the role information of the user, the determination of the role information of the user can be determined only based on the account information of the user, and if the data of the block to be accessed is to be determined, the user role information is required, and the data of different administrative blocks, graphic levels, resolution ratios and the like on a map, namely spatial data, are also required.
The user role information may include: system administrator, common user, provincial user, city user, county user, etc.; the blocks are generally divided into administrative regions, that is, national administrative regions, such as: shanghai city administration scope, etc.
Further, the output unit is further configured to:
and determining block codes corresponding to the data of each dimension in the spatial data respectively, and dynamically storing the data of each dimension and the corresponding block codes correspondingly.
After business data and spatial data are determined from the full data, the business data and the spatial data are respectively stored, and in the process of storing the spatial data, the spatial data need to be firstly arranged and combined, spatial data matrix processing is carried out, and multidimensional data are converted and stored into a two-dimensional data form to be output.
The multi-dimensional data in the spatial data is transferred and stored into a two-dimensional data form, so that the spatial data comprises a plurality of two-dimensional data, each two-dimensional data is stored respectively, a block code is allocated to each two-dimensional data in the storage process, and therefore when a user calls the spatial data, the user calls the spatial data based on the block code, the data of any dimension in the spatial data can be called independently, meanwhile, the corresponding block code is allocated to each user according to the role information of the user, the corresponding block can be called based on different user roles, the block which can be called can be realized by taking the two-dimensional data as a unit, the independent calling of the data of any dimension in the spatial data is ensured, and the safety of the data is ensured.
The multi-dimensional data is transferred into two-dimensional data, which can be: and storing the multidimensional data into two-dimensional data according to the administrative area range, storing the two-dimensional data according to the road network layer, storing the two-dimensional data according to the city name and the like.
The code setting for the space data may be: carrying out raster data naming on the spatial data in an image pyramid mode, and binding codes, such as: the map is formed by splicing 1-9 blocks of Sudoku numbers, each block has a number, and the number is a block code.
Dividing different block viewing permissions for different roles, such as: 1-9 are total provinces, 1-5 are city 1 areas, 6-9 are city 2 areas, provincial users can see all areas of Sudoku 1-9, city 1 level users can only see the area corresponding to 1-5, city 2 level users can only see the area corresponding to 6-9, different users have different authorities, each user has corresponding attribute, namely authority code, and area authority can be obtained according to the authority code, such as: the permission code of the city 1 level user is 12345, and the corresponding block of the viewable space data is 12345, that is, the region permission is 12345.
Further, the output unit is configured to: the method comprises the steps of obtaining a first block code input by an access user side, determining first block data matched with the first block code, and outputting the first block data, wherein the block code to be accessed at least comprises the first block code.
When the user side outputs an access instruction and the application server determines the block matched with the user role information of the user side based on the access instruction, the application server directly outputs all the block codes with the access authority of the user role to the user side so that the user side can select a first block code from all the block codes with the access authority.
The method comprises the steps of selecting codes corresponding to blocks needing to be displayed from all block codes with access rights, sending a first block code selected by a user side to an application server, so that the application server can filter all block data corresponding to other block codes except the first block code from all block codes with access rights of user roles, and returning only the data corresponding to the first block code in all spatial data to the user side, so that the first block data corresponding to the first block code can be displayed on the user side, the block data corresponding to other block codes except the first block code can not be displayed, and the data corresponding to the block codes with access rights of the user roles corresponding to the user side can not be displayed no matter whether the data are displayed.
As shown in fig. 5, the schematic diagram of accessing a space service through a proxy layer is shown, where the space service is a cloud end storing space data, the proxy layer is implemented on the basis of an application server, and the logical processing of the proxy layer is performed on the application server.
The client, namely a user side outputs an access instruction to an application server, the application server outputs a block code matched with the user role information based on the access instruction, the client selects a first block code from the block code and transmits the first block code to a proxy layer through the application server after receiving the block code with the access authority, the proxy layer accesses a space service, namely space graphic data is obtained from a cloud end, data filtering is carried out according to the first block code, space graphic data matched with the first block code, namely the first block data, is obtained, and the first block data is fed back to the client so as to be displayed through the client.
Furthermore, when a plurality of servers store and manage data, the data are accessed and requested by using gateway processing such as VPN (virtual private network) and a gateway for data security, and the data of the service layer are controlled through the main server.
Specifically, as shown in fig. 6, the schematic diagram of accessing the space server through multiple servers is shown, where each client interacts with the main server to determine a block code corresponding to a user role of the client that outputs an access instruction, after the client outputs a first block code to the main server, the main server controls the proxy server to request space data stored by the map server, the map server returns the space map data corresponding to the first block code to the proxy server, and the proxy server feeds the space map data back to the client.
The control device for space application permission disclosed in this embodiment obtains an access instruction, determines user role information of an access user side that outputs the access instruction based on the access instruction, determines a block code to be accessed on a map that matches the user role information based on the user role information, and feeds back block data to be accessed that matches the block code to be accessed. According to the scheme, when the access instruction is obtained, the user role information of the access user side outputting the access instruction can be obtained, so that the block code to be accessed which is matched with the user is the information is determined, the block data to be accessed which is matched with the block code to be accessed can be output, the block data to be accessed which is matched with the block code to be accessed is output based on the user role of the access user side, authority control of different blocks on a map is achieved according to the role, and data filtering matched with the role is achieved.
The embodiment discloses a control system for space application permission, a schematic structural diagram of which is shown in fig. 8, and the control system comprises:
not less than one client 81 and application server 82.
Wherein, at least one user side is used for outputting an access instruction;
the application server is used for obtaining the access instruction, determining user role information of a user side outputting the access instruction based on the access instruction, determining a block code to be accessed on a map matched with the user role information based on the user role information, and feeding back block data to be accessed matched with the block code to be accessed.
The control system of the spatial application permission disclosed in this embodiment is implemented based on the control method of the spatial application permission disclosed in the above embodiment, and is not described herein again.
The control system for space application permission disclosed in this embodiment obtains an access instruction, determines user role information of an access user side that outputs the access instruction based on the access instruction, determines a block code to be accessed on a map that matches the user role information based on the user role information, and feeds back block data to be accessed that matches the block code to be accessed. According to the scheme, when the access instruction is obtained, the user role information of the access user side outputting the access instruction can be obtained, so that the block code to be accessed which is matched with the user is the information is determined, the block data to be accessed which is matched with the block code to be accessed can be output, the block data to be accessed which is matched with the block code to be accessed is output based on the user role of the access user side, authority control of different blocks on a map is achieved according to the role, and data filtering matched with the role is achieved.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method for controlling spatial application authority, comprising:
obtaining an access instruction;
determining user role information of an access user side for outputting the access instruction based on the access instruction;
determining a block code to be accessed on a map matched with the user role information based on the user role information;
and feeding back the data of the block to be accessed which is matched with the code of the block to be accessed.
2. The method according to claim 1, wherein the feeding back the to-be-accessed block data matching the to-be-accessed block code comprises:
and determining block data matched with the block code to be accessed in the spatial data acquired based on the geographic information service request as block data to be accessed, and feeding back the block data to be accessed to an access user side outputting the access instruction.
3. The method of claim 1, further comprising:
obtaining full data of a map;
determining business data and spatial data in the full data so as to determine user role information based on the business data and determine block data to be accessed based on the spatial data, wherein the business data at least comprises user role attribute information, and the spatial data at least comprises: and information for controlling the layer space information attribute.
4. The method of claim 3, further comprising:
determining block codes corresponding to the data of each dimension in the spatial data respectively;
and dynamically storing the data of each dimension and the corresponding block code correspondingly.
5. The method according to claim 1, wherein the feeding back the to-be-accessed block data matching the to-be-accessed block code comprises:
obtaining a first block code input by the access user side, wherein the block code to be accessed at least comprises the first block code;
determining first block data matched with the first block code, and outputting the first block data, wherein the block data to be accessed at least comprises the first block data.
6. An apparatus for controlling spatial application authority, comprising:
an obtaining unit configured to obtain an access instruction;
a first determination unit configured to determine user role information of an access user side that outputs the access instruction based on the access instruction;
a second determination unit configured to determine a block code to be accessed on a map that matches the user role information based on the user role information;
and the output unit is used for feeding back the to-be-accessed block data matched with the to-be-accessed block code.
7. The apparatus of claim 6, further comprising:
a third determining unit, configured to obtain full data of a map, determine service data and spatial data in the full data so as to be able to determine user role information based on the service data, and determine block data to be accessed based on the spatial data, where the service data at least includes user role attribute information, and the spatial data at least includes: and information for controlling the layer space information attribute.
8. The apparatus of claim 7, further comprising:
and the storage unit is used for determining the block codes corresponding to the data of each dimension in the spatial data respectively and storing the data of each dimension and the corresponding block codes correspondingly and dynamically.
9. The apparatus of claim 7, wherein the output unit is configured to:
obtaining a first block code input by the access user side, wherein the block code to be accessed at least comprises the first block code, determining first block data matched with the first block code, and outputting the first block data, wherein the block data to be accessed at least comprises the first block data.
10. A system for controlling spatial application rights, comprising:
at least one user side for outputting access instructions;
the application server is used for obtaining an access instruction, determining user role information of a user side outputting the access instruction based on the access instruction, determining a block code to be accessed on a map matched with the user role information based on the user role information, and feeding back block data to be accessed matched with the block code to be accessed.
CN202111263026.1A 2021-10-28 2021-10-28 Control method, device and system for space application permission Pending CN113971005A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111263026.1A CN113971005A (en) 2021-10-28 2021-10-28 Control method, device and system for space application permission

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111263026.1A CN113971005A (en) 2021-10-28 2021-10-28 Control method, device and system for space application permission

Publications (1)

Publication Number Publication Date
CN113971005A true CN113971005A (en) 2022-01-25

Family

ID=79588761

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111263026.1A Pending CN113971005A (en) 2021-10-28 2021-10-28 Control method, device and system for space application permission

Country Status (1)

Country Link
CN (1) CN113971005A (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103886255A (en) * 2014-03-12 2014-06-25 可牛网络技术(北京)有限公司 Application program privacy authority management method and device
CN106991330A (en) * 2017-03-27 2017-07-28 武汉地大信息工程股份有限公司 A kind of method of data access authority control on three-dimensional map
CN108491445A (en) * 2018-02-13 2018-09-04 北京天元创新科技有限公司 The methods of exhibiting and system of achievement data in region
CN108924115A (en) * 2018-06-25 2018-11-30 武汉众智鸿图科技有限公司 A kind of Simulation spatial service authority control method and system
CN111611338A (en) * 2020-05-15 2020-09-01 交通运输部规划研究院 Dynamic map clipping method and device and storage medium
CN112559667A (en) * 2021-02-23 2021-03-26 北京简巨科技有限公司 Map editor, map engine, map editing system, map editing method, and storage medium
CN112766671A (en) * 2021-01-07 2021-05-07 北京码牛科技有限公司 Wisdom community data monitoring system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103886255A (en) * 2014-03-12 2014-06-25 可牛网络技术(北京)有限公司 Application program privacy authority management method and device
CN106991330A (en) * 2017-03-27 2017-07-28 武汉地大信息工程股份有限公司 A kind of method of data access authority control on three-dimensional map
CN108491445A (en) * 2018-02-13 2018-09-04 北京天元创新科技有限公司 The methods of exhibiting and system of achievement data in region
CN108924115A (en) * 2018-06-25 2018-11-30 武汉众智鸿图科技有限公司 A kind of Simulation spatial service authority control method and system
CN111611338A (en) * 2020-05-15 2020-09-01 交通运输部规划研究院 Dynamic map clipping method and device and storage medium
CN112766671A (en) * 2021-01-07 2021-05-07 北京码牛科技有限公司 Wisdom community data monitoring system
CN112559667A (en) * 2021-02-23 2021-03-26 北京简巨科技有限公司 Map editor, map engine, map editing system, map editing method, and storage medium

Similar Documents

Publication Publication Date Title
US20180218169A1 (en) Security and data isolation for tenants in a business data system
US7062511B1 (en) Method and system for portal web site generation
US6292904B1 (en) Client account generation and authentication system for a network server
US7234032B2 (en) Computerized system, method and program product for managing an enterprise storage system
US7366787B2 (en) Dynamic configuration of a content publisher
US6519647B1 (en) Methods and apparatus for synchronizing access control in a web server
US5911045A (en) Method and system for sharing information in a virtual reality world
US20100017855A1 (en) State Saver/Restorer for a Geospatial Decision Management System
US10148637B2 (en) Secure authentication to provide mobile access to shared network resources
CN104766024A (en) Cloud platform based medical system case information storage and calling method
CN109669955B (en) Digital asset query system and method based on block chain
US8117254B2 (en) User name mapping in a heterogeneous network
EP3605948A2 (en) Distributing overlay network ingress information
CN108924115B (en) Space service authority control method and system
CN112231603A (en) File downloading method, server, client and storage medium
US11126460B2 (en) Limiting folder and link sharing
CN108268614B (en) Distributed management method for forest resource spatial data
CN113094334B (en) Digital service method, device, equipment and storage medium based on distributed storage
CN115061989A (en) GIS data sharing method and system
JP5244967B2 (en) Devices and methods for managing accessibility to real or virtual objects in various locations
CN116915493A (en) Secure login method, device, system, computer equipment and storage medium
CN102123220A (en) Image forming apparatus and system and method for charging for printing
CN113971005A (en) Control method, device and system for space application permission
CN105260402A (en) Data management method and apparatus
JP6199458B1 (en) Print log concealment system, print log concealment method, and print log concealment program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination