CN114580004A - Authority management system, method, medium and device of second classroom achievement list system - Google Patents
Authority management system, method, medium and device of second classroom achievement list system Download PDFInfo
- Publication number
- CN114580004A CN114580004A CN202210491389.9A CN202210491389A CN114580004A CN 114580004 A CN114580004 A CN 114580004A CN 202210491389 A CN202210491389 A CN 202210491389A CN 114580004 A CN114580004 A CN 114580004A
- Authority
- CN
- China
- Prior art keywords
- authority
- module
- data
- user
- permission
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The present disclosure relates to a system, method, medium, and device for authority management of a second classroom transcript system, the system comprising: the system comprises an account module, a role module, a function module and a permission data module, wherein the account module is used for storing a plurality of user accounts and user passwords corresponding to the user accounts, the user accounts of a user are sent to the role module after the user successfully logs in the system based on the user passwords, the role module is used for determining role information corresponding to the user accounts and sending the role information to the function module, the function module is used for determining permission range information corresponding to the role information and sending the permission range information to the permission data module, and the permission data module is used for determining permission data according to the permission range information and returning the permission data to user equipment so that the user can operate the permission data on the user equipment. And the system is used for carrying out decentralized authority management, so that the risk caused by the lack of authority control is avoided, and the decentralized authority management system is suitable for the changed service data.
Description
Technical Field
The present disclosure relates to the field of computers, and in particular, to a system, a method, a medium, and a device for managing permissions of a second classroom achievement list system.
Background
The authority management is an important component involved in background systems, and the main purpose of the authority management is to control the authority of the whole background management system and avoid the risk problem caused by the lack of authority control or improper operation. In the related art, the system management authority is centralized, so that the risk problems of improper authority management or missing authority control and the like are easily caused.
Disclosure of Invention
To overcome the problems in the related art, the present disclosure provides a system, method, medium, and apparatus for privilege management of a second classroom transcript system.
A first aspect of the embodiments of the present disclosure provides an authority management system of a second classroom achievement list system, including an account module, a role module, a function module, and an authority data module:
the account module is used for storing a plurality of user accounts and a user password corresponding to each user account, and sending the user accounts of the users to the role module after the users successfully log in the system based on the user passwords;
the role module is used for determining role information corresponding to the user account and sending the role information to the function module;
the function module is used for determining authority range information corresponding to the role information and sending the authority range information to the authority data module;
and the permission data module is used for determining permission data according to the permission range information and returning the permission data to the user equipment so that the user can operate the permission data on the user equipment.
Optionally, the account module is further configured to modify the plurality of user accounts in response to a modification instruction of the account module by the first authorized user, and synchronize the modified user accounts to the role module.
Optionally, the function module is further configured to assign a permission range to each piece of role information to generate a permission configuration table, and send the permission configuration table to the permission data module, so that the permission data module configures corresponding permission data for each piece of role information according to the permission configuration table.
Optionally, the system further comprises a management module:
the management module is used for generating an authority range modification instruction according to a configuration request of a second authorized user and sending the modification instruction to the function module;
and the functional module is also used for responding to the modification instruction and configuring the authority range corresponding to the role information based on the modification instruction.
Optionally, the system further comprises a verification module;
the functional module is also used for acquiring a corresponding authorized identification code according to the authority range and sending the authorized identification code to the verification module;
and the verification module is used for verifying the corresponding relation between the authorization identification code and the authority data and sending the corresponding data request to the authority data module.
According to a second aspect of the embodiments of the present disclosure, there is provided a method for managing permissions of a second classroom achievement list system, where the method is used in the permission management system of any one of the first aspect, and the method includes:
responding to an instruction that user equipment successfully logs in the authority management system based on a login account, and determining role information corresponding to the login account;
determining an authority range corresponding to the role information according to a preset role authority table, wherein the preset role authority table comprises mapping relations between a plurality of role information and a plurality of authority ranges;
and determining corresponding authority data according to the authority range, and returning the authority data to the user equipment so that the user can operate the authority data on the user equipment.
Optionally, the permission data includes service data and operation permission, the determining the corresponding permission data according to the permission range and returning the permission data to the user equipment includes:
determining the corresponding service data and the corresponding operation authority according to the authority range;
and sending the service data to the user equipment so that the user equipment modifies the service data based on the operation authority.
Optionally, the determining, according to the authority range, corresponding authority data and returning the authority data to the user equipment includes:
acquiring a corresponding authorization identification code based on the authority range;
and determining the authority data corresponding to the authorized identification code, and returning the authority data to the user equipment.
According to a third aspect of embodiments of the present disclosure, there is provided a computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement the steps of the rights management method provided by the second aspect of the present disclosure.
According to a fourth aspect of the embodiments of the present disclosure, there is provided an electronic apparatus including:
a memory having a computer program stored thereon;
a processor for executing the computer program in the memory to implement the steps of the method of any of the second aspects.
The technical scheme provided by the embodiment of the disclosure can have the following beneficial effects:
the system comprises an account module, a role module, a function module and a permission data module, wherein the account module is used for storing a plurality of user accounts and user passwords corresponding to the user accounts, the user accounts of users are sent to the role module after the users successfully log in the system based on the user passwords, the role module is used for determining role information corresponding to the user accounts and sending the role information to the function module, the function module is used for determining permission range information corresponding to the role information and sending the permission range information to the permission data module, the permission data module is used for determining permission data according to the permission range information and returning the permission data to user equipment, and therefore the users can operate the permission data on the user equipment. Therefore, the system is used for decentralized authority management, and the centralized management authority of the system is distributed to each role, so that each role can manage corresponding system data in the authority range, the risk problem caused by the lack of authority control is effectively avoided, and the decentralized authority management system can adapt to continuously changing service data.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a block diagram illustrating a rights management system of a second classroom transcript system in accordance with one illustrative embodiment.
FIG. 2 is a block diagram illustrating another rights management system of a second classroom achievement list system in accordance with an exemplary embodiment.
FIG. 3 is a flow diagram illustrating a method of rights management for a second classroom transcript system in accordance with an exemplary embodiment.
Fig. 4 is a block diagram illustrating a rights management apparatus of a second classroom transcript system in accordance with one illustrative embodiment.
FIG. 5 is a block diagram illustrating an electronic device in accordance with an example embodiment.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. The following description refers to the accompanying drawings in which the same numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
Fig. 1 is a block diagram illustrating a rights management system of a second classroom transcript system, according to an exemplary embodiment, the system 100 includes an account module 110, a role module 120, a function module 130, and a rights data module 140, as shown in fig. 1.
The account module 110 is configured to store a plurality of user accounts and a user password corresponding to each user account, and send the user account of the user to the role module 120 after the user successfully logs in the system based on the user password.
It can be understood that, in the present embodiment, the system 100 is an authority management system that requires a user to perform authorized login through a login account, and therefore, each user needs a corresponding user account and a user password when wanting to enter the system. The account module 110 stores mapping relationships between user accounts and user passwords, and when a user performs authentication login, the account module 110 can determine whether the user successfully logs in the system based on the mapping relationships pre-stored in the account module 110, and send the corresponding user account to the role module 120 after the system successfully logs in, so that the role module 120 can identify the user account. For example, in the account module 110, before the role information corresponding to the user account is not determined, a password modification permission is assigned to each user in advance, so that the user can modify the corresponding user password based on the verification information. It should be noted that, in the account module 110, identity information of each user, such as name, age, time of employment, home address, telephone, etc., is stored under each user account, so that the system can go to the user account for identification and confirmation.
Optionally, the account module 110 is further configured to modify a plurality of user accounts in response to a modification instruction of the account module by the first authorized user, and synchronize the modified user accounts to the role module 120.
In the rights management system 100, a management right may be set to modify the account module 110, a first authorized user is set to be an authorized user having the management account module 110, and a modification instruction of the first authorized user may modify the content in the account module 110. For example, in the enterprise management system, the first authorized user may be a user of a personnel management department, and the operations of adding, deleting, modifying and searching the account number in the account number module 110 are performed according to the modification instruction of the first authorized user, so as to cooperate with personnel scheduling of the personnel management department. And synchronizes the new account information obtained after modification to the role module 120, so that the role module 120 allocates a corresponding authority role to the new account information.
The role module 120 is configured to determine role information corresponding to the user account, and send the role information to the function module 130.
It should be noted that the "role" in the system 100 is created to complete the corresponding work, and the corresponding role is assigned according to the responsibility and qualification of the corresponding user, and the authority is given to the corresponding account through the "role" attribute, so that the user obtains the inherent authority of the corresponding role by becoming the corresponding role. In the role module 120, by giving role information corresponding to each account, a user corresponding to the account can obtain different permissions based on the role information. In this embodiment, one account can set multiple role information, and multiple accounts can be set under the same role information. For example, in a daily management system of a company, role information may be job information such as "general staff of market department", "director of market department", "manager of personnel department", "technical director of development department", and different management authorities of corresponding accounts are provided under different role information. For example, when the role information is "general staff of the market department", the corresponding set authority may only have the authority for reading the data of the market department; when the role information is "technical director of development department", the corresponding set authority may be all the authorities for searching, modifying and adding each item data of the development department. It is understood that a role mapping table may be set in the role module 120, and a mapping relationship between a user account and role information is recorded, and when the role module receives a user account, one or more role information corresponding to the user account may be determined based on the role mapping table, so as to return a corresponding data management permission to a corresponding user. For example, a plurality of character levels can be set in the same character information dimension in the character module 120, for example, the character information is a character dimension of "market department director", and the character information of "market department director" and the character information of "market department sub-director" are included, and different character information in the same dimension has different data management authorities, "market department director" can manage all data of the entire "market department", and "market department sub-director" can manage partial data of the "market department". By subdividing the multi-level role information under the same role dimension, the authority scope is further subdivided, and the authority management system 100 can better adapt to the actual market management requirements.
The function module 130 is configured to determine authority range information corresponding to the role information, and send the authority range information to the authority data module 140.
It can be understood that, in the present embodiment, for data in the database of the system 100, the corresponding permission range may be divided into three permissions: page rights, operation rights, and data rights. The page authority is used for controlling which pages can be seen and which pages cannot be seen by corresponding role information. The operation authority controls which operation control functions are included in the display page, for example, after the system enters through the role information, the system returns the corresponding operation page according to the corresponding role, and adds the corresponding functions of inquiry, deletion, editing, new creation and the like in the page according to the authority of the role information, so that the corresponding user can manage the authority corresponding to the role information. The data authority is used for controlling which data can be checked, for example, the data authority of the user can be determined according to a department corresponding to the role information of the user account, the employee of the department A can only check and modify the data corresponding to the department A, and the employee of the department B has no authority to check the data of the department A.
After the user logs in the system through the corresponding user account, the user account is transmitted to the role module 120, and after the role identification, the authority range corresponding to the user is determined in the function module 130 based on the role information of the user, and the authority range is sent to the authority data module 140 to request the corresponding authority data.
Optionally, the function module 130 may be further configured to generate a permission configuration table for assigning a permission range to each role information, and send the permission configuration table to the permission data module 140, so that the permission data module 140 configures corresponding permission data for each role information according to the permission configuration table.
It can be understood that, in this embodiment, the function module 130 may configure all functions accessible to the system 100, and the configuration permission includes operations of adding, deleting, and modifying based on a service data plane, and the like, and further includes configurations of corresponding functions in each other function module. For example, the function module 130 may configure the function of the account module 110, for example, an association function may be set in the account module 110, and the user is authorized to refer to an association relationship (including a previous colleague relationship, a classmate relationship, a relationship between relatives, and the like) between users corresponding to respective accounts. The authority configuration is performed for the aspect function module 130, an authority range may be allocated to each role information, a corresponding authority configuration table is generated, and the authority configuration table is sent to the authority data module 140, so that the authority data module configures corresponding authority data for each role information according to the corresponding authority configuration table. It should be noted that, in the authority management of an enterprise, different authorities actually correspond to different data and operation codes in the system, and the data range corresponding to role information can be determined through the authority configuration table, so that corresponding authority data is requested in the system database and returned to the user equipment.
And the authority data module 140 is configured to determine authority data according to the authority range information, and return the authority data to the user equipment, so that the user can operate the authority data on the user equipment.
In this embodiment, the permission data module 140 includes service data of the system and a corresponding permission range, and by determining permission range information corresponding to the role information, corresponding permission data can be selected from the system database and returned to the user. It can be understood that, in this embodiment, the permission data returned to the user by the permission data module 140 includes page data for display and operation data for operation (including addition, deletion, editing, new creation, query, etc.), and the permission data is corresponding data selected by the permission data module 140 in the system database according to the permission range information of the user, so that the permission data is data that can be correspondingly operated by the user.
In the embodiment, the system comprises an account module, a role module, a function module and a permission data module, wherein the account module is used for storing a plurality of user accounts and user passwords corresponding to each user account, and sending the user accounts of the users to the role module after the users successfully log in the system based on the user passwords, the role module is used for determining role information corresponding to the user accounts and sending the role information to the function module, the function module is used for determining permission range information corresponding to the role information and sending the permission range information to the permission data module, the permission data module is used for determining permission data according to the permission range information and returning the permission data to the users, and the permission data are data which can be operated by the users. Therefore, the system carries out decentralized authority management, distributes the centralized management authority of the system to each role, enables each role to manage corresponding system data in the authority range, effectively avoids the risk problem caused by the lack of authority control, and enables the decentralized authority management system to adapt to continuously changing service data.
Optionally, the system 100 further comprises a management module 150;
the management module 150 is configured to generate an authority range modification instruction according to the configuration request of the second authorized user, and send the authority range modification instruction to the function module 130.
The function module 130 is further configured to, in response to the modification instruction, configure a permission range corresponding to the role information based on the modification instruction.
It is understood that the functions in the respective modules can be modified and added by the management module 150 in the present embodiment. When the management module 150 receives the configuration request of the second authorized user, the authority range modification instruction is generated according to the configuration request, and the modification instruction is sent to the function module. The second authorized user can set according to the account module 110 and the role module 120, and define the user account as the second authorized user. The second authorized user can modify, delete and add functions in each module according to corresponding authority. Typically, the second authorized user is a software developer, and configures the functions of the modules according to the requirements of the departments of the enterprise. In this embodiment, the functional configuration of each module also requires that the functional module 130 requests the permission data module 140 for corresponding permission data, and the functional module 130 reconfigures the permission range corresponding to the role information through the modification instruction of the management module 150.
Optionally, the system 100 further comprises a verification module 160;
the function module 130 is further configured to obtain a corresponding authorized identification code according to the authority range, and send the authorized identification code to the verification module 160;
the verification module 160 is configured to verify a corresponding relationship between the authorization identifier and the permission data, and send a corresponding data request to the permission data module 140.
It can be understood that, in this embodiment, in order to determine the authority range better, the corresponding authorization identification code is preset in each authority range information, and the authorization identification code is used as a unique identifier of the authority range, so that the system better identifies the authority data corresponding to the authority range information. The function module 130 determines a corresponding authorized identification code according to the authority scope, and transmits the authorized identification code to the verification module 160. The verification module 160 determines the corresponding relationship between the authority range and the authority data by verifying the authorized identification code, and sends the corresponding data request to the authority data module 140 to request the corresponding authority data. It should be noted that the authorized identification code is used as unique identification information for the user to perform data request, and corresponds to the authority range of the user, when the user requests data outside the authority range, the authorized identification code is not matched with the authority data corresponding to the authority range information, so that the system pops up an error early warning prompt box on the user interface to remind the user to perform data request within the normal authority range.
Fig. 2 is a block diagram illustrating another rights management system of a second classroom transcript system, see fig. 2, according to an exemplary embodiment, the system 100 including an account module 110, a role module 120, a function module 130, a rights data module 140, a management module 150, and a verification module 160.
In the system 100, after receiving a user logs in the system 100 through a login account authorization, an account module 110 transmits a corresponding user account to a role module 120, the role module 120 determines role information corresponding to the user account and sends the role information to a function module 130, the function module 130 is connected with a management module 150, and configures an authority range corresponding to the role information according to a modification instruction of the authority range by the management module 150. After receiving the role information transmitted by the role module 120, the function module 130 determines authority range information corresponding to the role information, and sends the authority range information to the verification module 160 for authority verification, the verification module 160 determines whether the corresponding data request conforms to the authority range according to a preset authority mapping relationship, and sends the corresponding authorization identification code to the authority data module 140 to request corresponding authority data when the data request conforms to the authority range, and the authority data module 140 returns the corresponding authority data to the user equipment according to the data request.
Fig. 3 is a flowchart illustrating a method for rights management of a second classroom achievement list system according to an exemplary embodiment, referring to fig. 3, the method is applied to any one of the rights management systems, and the method includes:
and S11, responding to the instruction that the user equipment successfully logs in the authority management system based on the login account, and determining the role information corresponding to the login account.
And S12, determining the authority range corresponding to the role information according to a preset role authority table, wherein the preset role authority table comprises the mapping relation between a plurality of role information and a plurality of authority ranges.
And S13, determining corresponding authority data according to the authority range, and returning the authority data to the user equipment so that the user can operate the authority data on the user equipment.
It can be understood that, after receiving that the user equipment successfully logs in the authority management system through the authority management system, the role information corresponding to the user account is determined according to the login account of the user. And comparing the role information with a preset role authority table to determine the authority range corresponding to the role information. And determining corresponding authority data through the authority range, and returning the authority data to the user equipment to enable the user to exercise the corresponding authority operation, wherein the authority data is data which can be operated by the user.
Optionally, the authority data includes service data and operation authority, and the step S12 includes:
and determining corresponding service data and operation authority according to the authority range.
And sending the service data to the user equipment so that the user equipment modifies the service data based on the operation authority.
It should be noted that the authority data includes service data for display and operation authority for performing related operations (including addition, deletion, inquiry, modification, etc.). And after the user equipment receives the authority data, displaying an operation page corresponding to the service data on a user interface, and setting a corresponding authority button at a corresponding position in the operation page according to the operation authority. The user can modify the displayed service data based on the operation authority. Therefore, the system carries out decentralized authority management, distributes the centralized management authority of the system to each role, enables each role to manage corresponding system data in the authority range, effectively avoids the risk problem caused by the lack of authority control, and enables the decentralized authority management system to adapt to continuously changing service data.
Optionally, the step S12 may further include:
and acquiring the corresponding authorized identification code based on the authority range.
And determining the authority data corresponding to the authorization identification code, and returning the authority data to the user equipment.
In the embodiment, the role information corresponding to the login account is determined by responding to an instruction that the user equipment successfully logs in the authority management system based on the login account, the authority range corresponding to the role information is determined according to a preset role authority table, the preset role authority table comprises mapping relations between a plurality of role information and a plurality of authority ranges, corresponding authority data is determined according to the authority ranges, the authority data is returned to the user equipment, and the authority data is data which can be operated by the user.
For example, the authority management system provided by the present disclosure may also be applied to a second classroom achievement list system managed by a college, where the second classroom achievement list is generated by guiding students to adhere to the academic industry and simultaneously performing employment and establishment practice activities on the basis of a central task around a breeder, and performing corresponding data scoring according to specific performances of the students in the employment and establishment practice activities. The second classroom achievement list system mainly comprises a course project system, a recording evaluation system, a data management system, a work operation system and the like. The systems are independent from each other, different users correspond to different operation data, for example, if the corresponding role of the ID account in the second classroom achievement list system is a student, the account is added and modified corresponding to related data in the intelligent work operation system and the course project system, and the student account is limited to only see the recorded evaluation data in the recorded evaluation system according to the authority management of the authority management system, and cannot modify and add the recorded evaluation data. The data management system in the second classroom achievement list system is a management module in the authority management system and is responsible for adding, modifying and deleting data to the functional modules and the functional authorities in each system. The role module distributes role information corresponding to the account ID for each account, distributes roles such as 'student', 'teacher', 'principal and subordinate', 'administrator' and the like for corresponding users according to the account ID, and sets corresponding management authority aiming at the roles. By the method, the management of the second classroom record list system of colleges and universities is simpler and more convenient, and the condition that the second classroom record list is wrong due to the loss of authority management control is effectively avoided.
Fig. 4 is a block diagram illustrating a rights management apparatus 400 of a second classroom transcript system in accordance with one illustrative embodiment. For example, the apparatus 400 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, an exercise device, a personal digital assistant, and the like.
Referring to fig. 4, the apparatus 400 may include one or more of the following components: a processing component 402, a memory 404, a power component 406, a multimedia component 408, an audio component 410, an interface for input/output (I/O) 412, a sensor component 414, and a communication component 416.
The processing component 402 generally controls overall operation of the apparatus 400, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing component 402 may include one or more processors 420 to execute instructions to perform all or a portion of the steps of the methods described above. Further, the processing component 402 can include one or more modules that facilitate interaction between the processing component 402 and other components. For example, the processing component 402 can include a multimedia module to facilitate interaction between the multimedia component 408 and the processing component 402.
The memory 404 is configured to store various types of data to support operations at the apparatus 400. Examples of such data include instructions for any application or method operating on the device 400, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 404 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
The multimedia component 408 includes a screen that provides an output interface between the device 400 and the user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 408 includes a front facing camera and/or a rear facing camera. The front camera and/or the rear camera may receive external multimedia data when the apparatus 400 is in an operation mode, such as a photographing mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.
The audio component 410 is configured to output and/or input audio signals. For example, audio component 410 includes a Microphone (MIC) configured to receive external audio signals when apparatus 400 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signals may further be stored in the memory 404 or transmitted via the communication component 416. In some embodiments, audio component 410 also includes a speaker for outputting audio signals.
The I/O interface 412 provides an interface between the processing component 402 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.
The sensor component 414 includes one or more sensors for providing various aspects of status assessment for the apparatus 400. For example, the sensor component 414 may detect the open/closed state of the apparatus 400, the relative positioning of components, such as a display and keypad of the apparatus 400, the sensor component 414 may also detect a change in the position of the apparatus 400 or a component of the apparatus 400, the presence or absence of user contact with the apparatus 400, orientation or acceleration/deceleration of the apparatus 400, and a change in the temperature of the apparatus 400. The sensor assembly 414 may include a proximity sensor configured to detect the presence of a nearby object without any physical contact. The sensor assembly 414 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 414 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 416 is configured to facilitate wired or wireless communication between the apparatus 400 and other devices. The apparatus 400 may access a wireless network based on a communication standard, such as WiFi, 2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 416 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 416 further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the apparatus 400 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors, or other electronic components for performing the above-described rights management methods.
In an exemplary embodiment, a non-transitory computer-readable storage medium comprising instructions, such as the memory 404 comprising instructions, executable by the processor 420 of the device 400 to perform the rights management method described above is also provided. For example, the non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
Fig. 5 is a block diagram illustrating an electronic device 500 in accordance with an example embodiment. For example, the electronic device 500 may be provided as a server. Referring to fig. 5, the electronic device 500 comprises a processor 522, which may be one or more in number, and a memory 532 for storing computer programs executable by the processor 522. The computer programs stored in memory 532 may include one or more modules that each correspond to a set of instructions. Further, the processor 522 may be configured to execute the computer program to perform the tax controlled device management method described above.
Additionally, the electronic device 500 may also include a power component 526 and a communication component 550, the power component 526 may be configured to perform power management of the electronic device 500, and the communication component 550 may be configured to enable communication, e.g., wired or wireless communication, of the electronic device 500. In addition, the electronic device 500 may also include input/output (I/O) interfaces 558. The electronic device 500 may operate based on an operating system stored in memory 532, such as Windows Server, Mac OS XTM, UnixTM, Linux, and the like.
In another exemplary embodiment, a computer readable storage medium including program instructions for implementing the steps of the tax control device management method described above when executed by a processor is also provided. For example, the computer readable storage medium may be the memory 532 including program instructions executable by the processor 522 of the electronic device 500 to perform the tax controlled device management method described above.
In another exemplary embodiment, a computer program product is also provided, which comprises a computer program executable by a programmable apparatus, the computer program having code portions for performing the method of rights management of the second classroom transcript system described above when executed by the programmable apparatus.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (10)
1. The authority management system of the second classroom achievement list system is characterized by comprising an account module, a role module, a function module and an authority data module;
the account module is used for storing a plurality of user accounts and a user password corresponding to each user account, and sending the user accounts of the users to the role module after the users successfully log in the system based on the user passwords;
the role module is used for determining role information corresponding to the user account and sending the role information to the function module;
the function module is used for determining authority range information corresponding to the role information and sending the authority range information to the authority data module;
and the permission data module is used for determining permission data according to the permission range information and returning the permission data to the user equipment so that the user can operate the permission data on the user equipment.
2. The system of claim 1, wherein the account module is further configured to modify the plurality of user accounts in response to a modification instruction of the account module by the first authorized user, and synchronize the modified user accounts to the role module.
3. The system of claim 1, wherein the function module is further configured to assign a permission range to each piece of role information to generate a permission configuration table, and send the permission configuration table to the permission data module, so that the permission data module configures corresponding permission data for each piece of role information according to the permission configuration table.
4. The system of claim 1, further comprising a management module;
the management module is used for generating an authority range modification instruction according to a configuration request of a second authorized user and sending the modification instruction to the function module;
and the functional module is also used for responding to the modification instruction and configuring the authority range corresponding to the role information based on the modification instruction.
5. The system of claim 1, further comprising a verification module;
the functional module is also used for acquiring a corresponding authorized identification code according to the authority range and sending the authorized identification code to the verification module;
and the verification module is used for verifying the corresponding relation between the authorization identification code and the authority data and sending the corresponding data request to the authority data module.
6. A method for managing authority of a second classroom achievement list system, which is used for the authority management system of any one of claims 1-5, and comprises the following steps:
responding to an instruction that user equipment successfully logs in the authority management system based on a login account, and determining role information corresponding to the login account;
determining an authority range corresponding to the role information according to a preset role authority table, wherein the preset role authority table comprises mapping relations between a plurality of role information and a plurality of authority ranges;
and determining corresponding authority data according to the authority range, and returning the authority data to the user equipment so that the user can operate the authority data on the user equipment.
7. The method of claim 6, wherein the permission data comprises service data and operation permission, and wherein determining the corresponding permission data according to the permission range and returning the permission data to the ue comprises:
determining the corresponding service data and the corresponding operation authority according to the authority range;
and sending the service data to the user equipment so that the user equipment modifies the service data based on the operation authority.
8. The method according to claim 6, wherein the determining corresponding permission data according to the permission range and returning the permission data to the user equipment comprises:
acquiring a corresponding authorization identification code based on the authority range;
and determining the authority data corresponding to the authorized identification code, and returning the authority data to the user equipment.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 6 to 8.
10. An electronic device, comprising:
a memory having a computer program stored thereon;
a processor for executing the computer program in the memory to carry out the steps of the method of any one of claims 6 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210491389.9A CN114580004A (en) | 2022-05-07 | 2022-05-07 | Authority management system, method, medium and device of second classroom achievement list system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210491389.9A CN114580004A (en) | 2022-05-07 | 2022-05-07 | Authority management system, method, medium and device of second classroom achievement list system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114580004A true CN114580004A (en) | 2022-06-03 |
Family
ID=81767522
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210491389.9A Pending CN114580004A (en) | 2022-05-07 | 2022-05-07 | Authority management system, method, medium and device of second classroom achievement list system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114580004A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020026592A1 (en) * | 2000-06-16 | 2002-02-28 | Vdg, Inc. | Method for automatic permission management in role-based access control systems |
| CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
| US20140157350A1 (en) * | 2012-12-03 | 2014-06-05 | Microsoft Corporation | Role-based access control modeling and auditing system |
| CN109446833A (en) * | 2018-09-17 | 2019-03-08 | 深圳点猫科技有限公司 | A kind of authorization check method and electronic equipment based on educational system |
| CN109670768A (en) * | 2018-09-27 | 2019-04-23 | 深圳壹账通智能科技有限公司 | Right management method, device, platform and the readable storage medium storing program for executing in multi-service domain |
| CN112367365A (en) * | 2020-10-26 | 2021-02-12 | 南京燚麒智能科技有限公司 | Method and system for directionally pushing data |
| CN112541743A (en) * | 2020-12-22 | 2021-03-23 | 北京百家科技集团有限公司 | Information processing method and device, computer equipment and storage medium |
-
2022
- 2022-05-07 CN CN202210491389.9A patent/CN114580004A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020026592A1 (en) * | 2000-06-16 | 2002-02-28 | Vdg, Inc. | Method for automatic permission management in role-based access control systems |
| US20140157350A1 (en) * | 2012-12-03 | 2014-06-05 | Microsoft Corporation | Role-based access control modeling and auditing system |
| CN103001803A (en) * | 2012-12-10 | 2013-03-27 | 上海斐讯数据通信技术有限公司 | Method and system for achieving right management in network management |
| CN109446833A (en) * | 2018-09-17 | 2019-03-08 | 深圳点猫科技有限公司 | A kind of authorization check method and electronic equipment based on educational system |
| CN109670768A (en) * | 2018-09-27 | 2019-04-23 | 深圳壹账通智能科技有限公司 | Right management method, device, platform and the readable storage medium storing program for executing in multi-service domain |
| CN112367365A (en) * | 2020-10-26 | 2021-02-12 | 南京燚麒智能科技有限公司 | Method and system for directionally pushing data |
| CN112541743A (en) * | 2020-12-22 | 2021-03-23 | 北京百家科技集团有限公司 | Information processing method and device, computer equipment and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 陈湘军等: "一种基于RBAC扩展的校园信息资源访问模型及其应用", 《实验室研究与探索》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11070543B2 (en) | Multi-persona management and devices | |
| JP6812467B2 (en) | Multi-factor authentication to access services | |
| KR102070341B1 (en) | User dependent functions and data in a mobile communication device | |
| US11086692B2 (en) | Multiplatform management system and method for mobile devices | |
| CN107430666A (en) | Tenant's lock box | |
| US20210127257A1 (en) | Learning gamification and safety control application for mobile devices | |
| US10841342B2 (en) | Data driven user interfaces for device management | |
| CN107612888B (en) | Enterprise user space creation method and device | |
| CN105453072A (en) | User centric data maintenance | |
| CN114237454A (en) | Project display method and device, electronic equipment, storage medium and product | |
| US20190215380A1 (en) | Data driven user interfaces for device management | |
| US20150281377A1 (en) | Method, device and system for event reminding | |
| US9674768B2 (en) | Method and device for accessing wireless network | |
| CN116954649A (en) | Method and device for updating attribute information of field replaceable unit | |
| US10303343B1 (en) | Data driven user interfaces for device management | |
| CN114580004A (en) | Authority management system, method, medium and device of second classroom achievement list system | |
| CN112286632B (en) | Cloud platform, cloud platform management method and device, electronic equipment and storage medium | |
| CN109542644B (en) | Application programming interface calling method and device | |
| CA3088798C (en) | System and method for using a secondary device to access information stored remotely | |
| CN113901496A (en) | Business processing method, device and equipment based on multi-business system | |
| CN113806779A (en) | System authority management method and device, electronic equipment and storage medium | |
| CN109743441B (en) | Read-write permission setting method and device | |
| CN107402784B (en) | Application management method and application management device | |
| CN109409097B (en) | Information management method, device and computer readable storage medium | |
| CN112580104B (en) | Authority management method, device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |