CN115953119A

CN115953119A - Form authority management method and device, storage medium and electronic equipment

Info

Publication number: CN115953119A
Application number: CN202211591663.6A
Authority: CN
Inventors: 魏安权; 刘开飞
Original assignee: Caxa Technology Co Ltd
Current assignee: Caxa Technology Co Ltd
Priority date: 2022-12-12
Filing date: 2022-12-12
Publication date: 2023-04-11

Abstract

The invention discloses a form authority management method, a form authority management device, a storage medium and electronic equipment, wherein the method comprises the following steps: acquiring authority configuration data of at least one form; according to a plurality of target dimensions, respectively determining target authority configuration data from the authority configuration data, generating authorization data corresponding to each target dimension, and obtaining an authorization data set, wherein the target dimension is one of the following: page dimensions, control element dimensions, block element dimensions; generating an authorization management data table based on the authorization data set; and under the condition of receiving an operation instruction for managing at least one form by the target object, determining the target operation authority of the target object according to the authorization management data table so that the target object manages at least one form according to the target operation authority. The invention solves the technical problem of low flexibility of authorization management of the form in the prior art.

Description

Form authority management method and device, storage medium and electronic equipment

Technical Field

The invention relates to the technical field of computers, in particular to a form authority management method, a form authority management device, a storage medium and electronic equipment.

Background

At present, the management information system usually uses forms as a carrier, and the forms are circulated among a plurality of department personnel, and different personnel browse and edit the form contents. Where different people have different rights to different form content, e.g., some people have editing rights to form content and some people are not visible to the form content.

Generally, in the related art, the form authority management mode has low flexibility, and a user cannot customize the control range of the form authority. Moreover, the authority is often assigned to the role to which the person belongs, and the role is relatively fixed, so that dynamic authorization management cannot be performed on the form.

In view of the above problems, no effective solution has been proposed.

Disclosure of Invention

The embodiment of the invention provides a form authority management method, a form authority management device, a storage medium and electronic equipment, and at least solves the technical problem that the authorization management of a form in the prior art is low in flexibility.

According to an aspect of an embodiment of the present invention, a form authority management method is provided, including: acquiring authority configuration data of at least one form, wherein the authority configuration data at least comprises page authority configuration data, control authority configuration data and block authority configuration data; according to a plurality of target dimensions, respectively determining target authority configuration data from the authority configuration data, generating authorization data corresponding to each target dimension, and obtaining an authorization data set, wherein the target dimension is one of the following: page dimensions, control element dimensions, block element dimensions; generating an authorization management data table based on the authorization data set, wherein the authorization management data table is used for representing the corresponding relation between authorization data and an authorization object set, the authorization object set comprises at least one authorization object, and the authorization object is an object for managing at least one form; and under the condition of receiving an operation instruction of a target object for managing at least one form, determining the target operation authority of the target object according to the authorization management data table so that the target object manages the at least one form according to the target operation authority, wherein the target object is an object in an authorization object set.

Further, the form right management method further comprises the following steps: according to the page dimension, first configuration data are obtained from the page authority configuration data, wherein the first configuration data at least comprise the following four parts: the method comprises the steps of identifying a form, identifying a page, and identifying a first authorized object set corresponding to the page and authority content corresponding to the first authorized object set; and generating authorization data corresponding to the page dimension based on the form identifier, the page identifier, the first authorization object set and the authority content corresponding to the first authorization object set.

Further, the form authority management method further comprises the following steps: under the condition that the control element is an independent control element, acquiring second configuration data from the control authority configuration data according to the dimension of the control element, wherein the second configuration data at least comprises the following five parts of contents: the method comprises the steps of identifying a form, a page, an identifier of a control element, a second authorized object set corresponding to the control element and authority content corresponding to the second authorized object set; and generating authorization data corresponding to the control element dimension based on the form identifier, the page identifier, the identifier of the control element, the second authorization object set and the authority content corresponding to the second authorization object set.

Further, the form right management method further comprises the following steps: acquiring third configuration data from the block authority configuration data according to the dimension of the block element, wherein the third configuration data at least comprises the following five parts: form identification, page identification, identification of block elements, a third authorized object set corresponding to the block elements and authority content corresponding to the third authorized object set; and generating authorization data corresponding to the dimension of the block element based on the form identifier, the page identifier, the identifier of the block element, the third authorization object set and the authority content corresponding to the third authorization object set.

Further, the form right management method further comprises the following steps: determining the operation authority of the target object to the page of at least one form according to the authorization management data table; if the operation authority of the page is the editable authority, determining the operation authority of the target object to the block elements contained in the page according to the authorization management data table; if the operation authority of the block element is editable authority, determining the operation authority of the target object to the control element according to the authorization management data table; and determining the target operation authority based on the operation authority of the page, the operation authority of the block element and the operation authority of the control element.

Further, the form right management method further comprises the following steps: acquiring an identifier of a current form, an identifier of a current page and an identifier of a target object; based on the identifier of the current form, the identifier of the current page and the identifier of the target object, performing query operation in an authorization management data table according to a mode of a single authorization object to obtain a first operation authority of the target object to the page of at least one form; determining whether the target object belongs to a first authorized object set or not according to the identification of the target object; if the target object belongs to the first authorized object set, acquiring an identifier of the first authorized object set, and performing query operation in an authorized object set mode in an authorized management data table based on the identifier of the current form, the identifier of the current page and the identifier of the first authorized object set to obtain a second operation permission of the target object to the page of at least one form; and determining the operation authority of the target object to the page of at least one form according to the first operation authority and the second operation authority.

Further, the form right management method further comprises the following steps: responding to the permission configuration instruction of at least one form; displaying a page permission configuration option, a control permission configuration option and a block permission configuration option in a permission configuration area of at least one form; responding to an authorization instruction of the authorization object set, and respectively performing page authority configuration, control authority configuration and block authority configuration on the authorization object set based on the page authority configuration option, the control authority configuration option and the block authority configuration option; and acquiring authority configuration data generated in the processes of page authority configuration, control authority configuration and block authority configuration of the authorization object set, and generating the authority configuration data of at least one form.

According to another aspect of the embodiments of the present invention, there is provided a form authority management apparatus, including: the acquisition module is used for acquiring authority configuration data of at least one form, wherein the authority configuration data at least comprises page authority configuration data, control authority configuration data and block authority configuration data; the first determining module is configured to determine target authority configuration data from the authority configuration data according to a plurality of target dimensions, generate authorization data corresponding to each target dimension, and obtain an authorization data set, where the target dimension is one of: page dimensions, control element dimensions, block element dimensions; the processing module is used for generating an authorization management data table based on the authorization data set, wherein the authorization management data table is used for representing the corresponding relation between the authorization data and the authorization object set, the authorization object set comprises at least one authorization object, and the authorization object is an object for managing at least one form; and the second determining module is used for determining the target operation authority of the target object according to the authorization management data table under the condition that an operation instruction for managing the at least one form by the target object is received, so that the target object manages the at least one form according to the target operation authority, wherein the target object is an object in the authorization object set.

According to another aspect of the embodiments of the present invention, there is also provided a computer-readable storage medium, in which a computer program is stored, where the computer program is configured to execute the above form right management method when running.

According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including one or more processors; a memory for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement a method for executing a program, wherein the program is arranged to perform the above-described form right management method when executed.

According to another aspect of the embodiments of the present invention, there is also provided a computer program product, which includes a computer program/instruction, and the computer program/instruction, when executed by a processor, implements the form right management method described above.

In the embodiment of the invention, a form authority management mode through a page dimension, a control element dimension and a block element dimension is adopted, authority configuration data of at least one form are firstly obtained, then target authority configuration data are respectively determined from the authority configuration data according to a plurality of target dimensions, authorization data corresponding to each target dimension are generated to obtain an authorization data set, then an authorization management data table is generated based on the authorization data set, and under the condition that an operation instruction for a target object to manage at least one form is received, a target operation authority of the target object is determined according to the authorization management data table, so that the target object manages at least one form according to the target operation authority. The authority configuration data at least comprises page authority configuration data, control authority configuration data and block authority configuration data, and the target dimension is one of the following dimensions: the system comprises a page dimension, a control element dimension and a block element dimension, wherein an authorization management data table is used for representing the corresponding relation between authorization data and an authorization object set, the authorization object set comprises at least one authorization object, the authorization object is an object for managing at least one form, and a target object is an object in the authorization object set.

In the process, data basis is provided for the subsequent generation of the authorization management data table by acquiring the authority configuration data of at least one form; target permission configuration data are determined from the permission configuration data through page dimensions, control element dimensions and block element dimensions respectively, so that authorization data corresponding to each target dimension are generated, an authorization data set is obtained, flexible configuration of form permission is achieved, time cost and labor cost are saved, and further the efficiency of form permission management can be improved; under the condition that an operation instruction for managing at least one form by a target object is received, the target operation authority of the target object can be accurately determined through the authorization management data table, the process of matching the operation authority of the target object is realized, and therefore the target object can manage at least one form according to the target operation authority.

Therefore, through the technical scheme of the invention, the aim of performing flexible and dynamic authority management on the form from multiple dimensions is fulfilled, so that the technical effect of improving the flexibility of performing authorization management on the form is realized, and the technical problem of low flexibility of performing authorization management on the form in the prior art is solved.

Drawings

The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:

FIG. 1 is a flow diagram of an alternative form rights management method according to an embodiment of the invention;

FIG. 2 is a diagram illustrating an alternative form rights management method according to an embodiment of the present invention;

FIG. 3 is a flow diagram of an alternative form authority management device authorization setting in accordance with an embodiment of the present invention;

FIG. 4 is a flow diagram of an alternative form rights management device page authorization setting in accordance with an embodiment of the invention;

FIG. 5 is a flow diagram of an alternative form rights management device control element authorization setting in accordance with an embodiment of the present invention;

FIG. 6 is a flow diagram of an alternative form rights management device block element authorization setting in accordance with an embodiment of the present invention;

FIG. 7 is a flow diagram of an alternative form rights management device rights check in accordance with an embodiment of the present invention;

FIG. 8 is a flowchart of an optional form rights management device page rights check in accordance with an embodiment of the present invention;

FIG. 9 is a flow diagram of an optional form rights management device block rights check in accordance with an embodiment of the present invention;

FIG. 10 is a flow diagram of an alternative form rights management device control element rights check in accordance with an embodiment of the present invention;

fig. 11 is a schematic diagram of an alternative form authority management apparatus according to an embodiment of the present invention.

Detailed Description

In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.

It should be noted that the related information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for presentation, analyzed data, etc.) related to the present invention are information and data authorized by the user or sufficiently authorized by each party. For example, an interface is provided between the system and the relevant user or organization, before obtaining the relevant information, an obtaining request needs to be sent to the user or organization through the interface, and after receiving the consent information fed back by the user or organization, the relevant information is obtained.

Example 1

There is provided, in accordance with an embodiment of the present invention, a method embodiment of a form rights management method, it being noted that the steps illustrated in the flowchart of the accompanying figures may be carried out in a computer system such as a set of computer-executable instructions, and that while a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be carried out in an order different than here.

Fig. 1 is a flowchart of an alternative form authority management method according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:

step S101, authority configuration data of at least one form are obtained, wherein the authority configuration data at least comprise page authority configuration data, control authority configuration data and block authority configuration data.

In the above steps, the permission configuration data of at least one form may be obtained by an application system, a processor, an electronic device, or the like. Optionally, the management information system includes at least one form, where the form may be a web page with data collection and browsing functions, and the unique identifier of the form is a form ID. A form may contain a plurality of sheet pages, i.e. a sheet page exists in a web page, for dividing a page into a plurality of tabs, each tab being an independent page, each sheet page having a unique sheet ID.

Optionally, a sheet page may be composed of a plurality of control elements and a plurality of block elements, where the unique identifier of a control element is a control ID and the unique identifier of a block element is a block ID. Optionally, the control element may belong to at most one block element, or may not belong to any block element, and the independent control element exists in the sheet page, and the block element may belong to at most one sheet page.

Optionally, the permission configuration data at least includes page permission configuration data, that is, permission configuration data of a sheet page, control permission configuration data, that is, permission configuration data of an independent control element, and block permission configuration data, that is, permission configuration data of a block element.

It should be noted that, by obtaining the authority configuration data of at least one form, a data basis is provided for the subsequent generation of the authorization management data table.

Step S102, respectively determining target authority configuration data from the authority configuration data according to a plurality of target dimensions, generating authorization data corresponding to each target dimension, and obtaining an authorization data set, wherein the target dimension is one of the following: page dimensions, control element dimensions, block element dimensions.

In the above steps, target permission configuration data can be determined from the permission configuration data respectively according to page dimensions, i.e. sheet page dimensions, control element dimensions, and block element dimensions, and authorization data corresponding to each target dimension is generated to obtain an authorization data set. That is, the authorization data set includes authorization data corresponding to the page dimension, authorization data corresponding to the control element dimension, and authorization data corresponding to the block element dimension.

Optionally, as shown in fig. 2, in this embodiment, the form includes a plurality of sheet pages, and each sheet page may have an independent authorization setting. A sheet page may contain multiple independent control elements and block elements, which may all have independent authorization settings. The block elements can contain a plurality of control elements, the authorization setting of the block elements is effective for all the control elements subordinate to the block elements, namely, the authorization setting of all the control elements subordinate to the block elements can be realized only by carrying out the authorization setting on the block elements.

Optionally, the authorization control apparatus shown in fig. 2 includes an authorization setting function and an authorization checking function. The method comprises the following steps that through an authorization setting function, corresponding personnel or working groups can be distributed to a sheet page, a block element and a control element, and corresponding permissions are given to the personnel or the working groups; through the authority checking function, when a certain person operates the form, whether the person has the corresponding operation authority can be checked.

It should be noted that, in this embodiment, a user may use permission management of a control element dimension, may also use permission control of a sheet page dimension, and may also flexibly designate a control element included in a block element to perform permission management, and a control that is not in the block element is not controlled by a permission corresponding to the block element.

Step S103, generating an authorization management data table based on the authorization data set, wherein the authorization management data table is used for representing the corresponding relationship between the authorization data and the authorization object set, the authorization object set comprises at least one authorization object, and the authorization object is an object for managing at least one form.

In the above steps, the authorization object may be the entity to which the authority is given, that is, the aforementioned person, and the set of authorization objects is the aforementioned workgroup. As shown in fig. 2, a workgroup may contain multiple people. In this embodiment, the personnel may be authorized, and the work group may also be authorized. Optionally, the authorization data set may be stored by using an authorization data storage structure shown in table 1, so as to generate an authorization management data table.

TABLE 1 authorization data storage structure

Field(s)	Name of field	Type (B)	Remarks for note
				FormID	Form ID	Character string type	Unique identification of forms
SheetID	Sheet ID	Character string type	Unique identification of Sheet page
				BlockID	ID of block	Short shaping type	Unique identification of block elements
ElementID	Control ID	Character string type	Of control elementsUnique identification
				ObjectType	Authorizable object types	Short shaping type	1: person 2: work group
ObjectID	Object ID	Character string type	Unique identification of personnel/work groups
				Permission	Rights content	Character string type	r is read-only w is writable and invisible

Optionally, a data storage structure of the relationship between the work group and the staff, as shown in table 2, may be adopted to store the staff and the work group, so as to generate a table of the relationship between the work group and the staff.

TABLE 2 data storage structure for relation between work group and personnel

Field(s)	Name of field	Type (B)	Remarks to note
				WorkgroupID	Work group ID	Character string type	Unique identification of workgroups
PersonID	Person ID	Character string type	Unique identification of a person

It should be noted that, by adding a workgroup management manner, a workgroup corresponding to one or more forms can be created at any time, and the workgroup is authorized, thereby implementing dynamic authorization management of the forms.

And step S104, under the condition that an operation instruction for managing at least one form by the target object is received, determining the target operation authority of the target object according to the authorization management data table so that the target object manages at least one form according to the target operation authority, wherein the target object is an object in the authorization object set.

In the above steps, the operation right may be read-only, writable, invisible, etc. The target object may be an operation object that is managing the form, for example, when the person a manages the form, a certain operation is performed on the form, and by querying the authorization management data table, the operation authority corresponding to the person a, that is, the target operation authority, may be determined, for example, the operation authority corresponding to the person a is writable, and at this time, the person a may perform operations such as editing and modifying on the form.

Based on the schemes defined in steps S101 to S104, it can be known that, in the embodiment of the present invention, a form authority management manner is adopted through a page dimension, a control element dimension, and a block element dimension, authority configuration data of at least one form is first obtained, then, according to a plurality of target dimensions, target authority configuration data is respectively determined from the authority configuration data, authorization data corresponding to each target dimension is generated, an authorization data set is obtained, then, based on the authorization data set, an authorization management data table is generated, and in a case that an operation instruction for a target object to manage at least one form is received, a target operation authority of the target object is determined according to the authorization management data table, so that the target object manages at least one form according to the target operation authority. The authority configuration data at least comprises page authority configuration data, control authority configuration data and block authority configuration data, and the target dimension is one of the following dimensions: the system comprises a page dimension, a control element dimension and a block element dimension, wherein an authorization management data table is used for representing the corresponding relation between authorization data and an authorization object set, the authorization object set comprises at least one authorization object, the authorization object is an object for managing at least one form, and a target object is an object in the authorization object set.

It is easy to note that, in the above process, by obtaining the authority configuration data of at least one form, a data basis is provided for the subsequent generation of the authorization management data table; target permission configuration data are determined from the permission configuration data through page dimensions, control element dimensions and block element dimensions respectively, so that authorization data corresponding to each target dimension are generated, an authorization data set is obtained, flexible configuration of form permission is achieved, time cost and labor cost are saved, and further the efficiency of form permission management can be improved; under the condition that an operation instruction for managing at least one form by a target object is received, the target operation authority of the target object can be accurately determined through the authorization management data table, the process of matching the operation authority of the target object is realized, and therefore the target object can manage at least one form according to the target operation authority.

In an optional embodiment, in the process of determining target authority configuration data from the authority configuration data according to a plurality of target dimensions and generating authorization data corresponding to each target dimension, first configuration data is obtained from the page authority configuration data according to a page dimension, where the first configuration data at least includes the following four parts: the authorization data corresponding to the page dimension are generated based on the form identification, the page identification, the first authorization object set corresponding to the page and the authority content corresponding to the first authorization object set.

Optionally, as shown in fig. 3, after the user enters the authorization setting function through the interactive page, authorization setting may be performed from three different dimensions, namely a sheet page, a control element, and a block element. And respectively generating authority configuration data corresponding to each dimension in the authorization setting process of the sheet page, the control element and the block element, respectively collecting the configuration data corresponding to each dimension through different mechanisms, and storing the configuration data to an authorization management data table.

Optionally, as shown in fig. 4, in accordance with a sheet page dimension, that is, in a sheet page authorization setting process, first configuration data, that is, a current form ID, a current sheet page ID, a first authorization object set corresponding to the sheet page, that is, an authorized object selected by a user, that is, multiple persons or work groups, and an authorization content corresponding to the first authorization object set, that is, an authorization content specified by the user (read only, writable, or invisible) are obtained from the sheet page authorization configuration data.

Further, based on the data collected in the foregoing, that is, the current form ID, the current sheet ID, the authorized object selected by the user, and the authority content specified by the user, a piece of result data for sheet authorization setting, that is, authorization data corresponding to the sheet page dimension, is generated. Further, the data is stored in an authorization management data table.

In an optional embodiment, in the process of determining target permission configuration data from the permission configuration data according to a plurality of target dimensions and generating authorization data corresponding to each target dimension, when a control element is an independent control element, second configuration data is obtained from the control permission configuration data according to the control element dimension, where the second configuration data at least includes the following five contents: and then generating authorization data corresponding to the dimensionality of the control element based on the form identifier, the page identifier, the identifier of the control element, a second authorization object set corresponding to the control element and the authority content corresponding to the second authorization object set.

Optionally, as shown in fig. 5, in the process of setting authorization for a control element, it is first required to determine whether the control element belongs to a block element, specifically, it is determined whether a superior control ID, that is, a block element ID, exists in permission configuration data of the control element by detecting whether the superior control ID, that is, the block element ID, exists in the permission configuration data of the control element, if the block element ID does not exist in the permission configuration data of the control element, it is determined that the control element is an independent control element, and if the block element ID exists in the permission configuration data of the control element, it is determined that the control element belongs to the block element.

Optionally, when the control element is an independent control element, that is, the control element does not belong to a block element, second configuration data, that is, a current form ID, a current sheet ID, a currently operated control ID, a second authorization object set corresponding to the control element, that is, an authorization object selected by a user, that is, multiple persons or work groups, and an authorization content corresponding to the second authorization object set, that is, an authorization content specified by the user (read-only, writable, or invisible) are obtained from the control authorization configuration data according to the dimension of the control element.

Further, based on the previously collected data, that is, the current form ID, the current sheet ID, the currently operated control ID, the authorized object selected by the user, and the authority content specified by the user, a piece of result data for the authorization setting of the control element, that is, authorization data corresponding to the dimension of the control element is generated. Further, the data is stored in an authorization management data table.

Optionally, as shown in fig. 5, in a case that the control element belongs to the block element, an error is reported, that is, the control in the block element cannot be authorized alone, and the authority of the control is consistent with the authority of the block element.

In an optional embodiment, in the process of respectively determining target authority configuration data from the authority configuration data according to a plurality of target dimensions and generating authorization data corresponding to each target dimension, third configuration data is obtained from the block authority configuration data according to the block element dimension, where the third configuration data at least includes the following five parts: and then generating authorization data corresponding to the dimension of the block element based on the form identifier, the page identifier, the identifier of the block element, the third set of authorization objects corresponding to the block element and the authority content corresponding to the third set of authorization objects.

Optionally, as shown in fig. 6, third configuration data, that is, the current form ID, the current sheet page ID, the current block ID, a third authorization object set corresponding to the block element, that is, an authorization object selected by the user, that is, multiple persons or work groups, and an authorization content corresponding to the third authorization object set, that is, an authorization content specified by the user (read-only, writable, or invisible) are obtained from the block authorization configuration data according to the dimension of the block element, that is, in the process of setting the authorization of the block element.

Further, a piece of result data for setting block element authorization, namely authorization data corresponding to the dimension of the block element, is generated based on the previously collected data, namely the current form ID, the current sheet ID, the current block ID, the authorized object selected by the user and the authority content specified by the user. Further, the data is stored in an authorization management data table. Optionally, the data corresponding to the authorized object selected by the user may be a person ID or a work group ID.

In an optional embodiment, in the process of determining the target operation authority of the target object according to the authorization management data table under the condition of receiving an operation instruction of the target object for managing at least one form, the operation authority of the target object on the page of the at least one form is determined according to the authorization management data table; if the operation authority of the page is the editable authority, determining the operation authority of the target object to the block elements contained in the page according to the authorization management data table; if the operation authority of the block element is editable, determining the operation authority of the target object to the control element according to the authorization management data table; and determining the target operation authority based on the operation authority of the page, the operation authority of the block element and the operation authority of the control element.

Optionally, as shown in fig. 7, in a case that an operation instruction for managing at least one form by a target object is received, that is, in a process that a user opens a form browsing page, it is necessary to perform permission verification on a current user, that is, to determine a target operation permission of the target object. Optionally, the operation authority of the current user may be determined according to the authorization management data table.

Optionally, the authority of the current user is checked and controlled in sequence according to the sequence of the sheet page, the block elements and the control elements. Optionally, if the operation authority of the page, that is, the operation authority of the sheet page, is editable or writable, the operation authority of the current user on the block elements included in the sheet page is determined continuously according to the authorization management data table. Further, if the operation authority of the block element is editable, namely writable, the operation authority of the current user on the control element is determined according to the authorization management data table. Further, based on the operation authority of the sheet page, the operation authority of the block element and the operation authority of the control element, the operation authority of the current user can be determined.

Optionally, if the operation permission of the sheet page is read-only or invisible, permission verification of subsequent block elements and control elements is not required. Optionally, for a control element outside the range of the block element, the authority of the control element is not limited by the block element, and therefore, the authority check needs to be performed on an independent control element.

Further, as shown in fig. 8, 9, and 10, after the authority of the current user is checked, the operation authority of the current user may be correspondingly controlled according to the check result, so as to allow the user to perform related operations.

In an optional embodiment, in the process of determining the operation permission of the target object on the page of the at least one form according to the authorization management data table, the identifier of the current form, the identifier of the target object, and the identifier of the current page are obtained, then, based on the identifier of the current form, the identifier of the current page, and the identifier of the target object, query operation is performed in the authorization management data table in a single authorization object mode to obtain a first operation permission of the target object on the page of the at least one form, then, according to the identifier of the target object, whether the target object belongs to the first authorization object set is determined, if the target object belongs to the first authorization object set, the identifier of the first authorization object set is obtained, and based on the identifier of the current form, the identifier of the current page, and the identifier of the first authorization object set, query operation is performed in the authorization management data table in an authorization object set mode to obtain a second operation permission of the target object on the page of the at least one form, and then, according to the first operation permission and the second operation permission, the operation permission of the target object on the page of the at least one form is determined.

Optionally, as shown in fig. 8, in the process of sheet right verification, that is, determining the operation right of the current user on the sheet, the current form ID, the current sheet ID, and the person ID of the current user are collected, and then, according to the data, query operation is performed in the authorization management data table in a single authorization object manner, so as to obtain the first operation right of the target object on the page of at least one form.

Alternatively, a single authorization object may be obtained by entering ObjectType of 1 in the authorization management data table. Specifically, the data collected in the foregoing process (current form ID, current sheet page ID, and person ID of the current user) is used to input the following parameters in the authorization management data table for retrieval: formID enters the current form ID, sheetID enters the current Sheet ID, blockID and ElementID do not enter data, objectType enters 1, objectID enters the personnel ID of the current user. And further, returning the content, namely the authority content, of the field with the Permission as the retrieval result to obtain the first operation authority.

And further, determining whether the target object belongs to a first authorized object set or not according to the identifier of the target object, if the target object belongs to the first authorized object set, acquiring the identifier of the first authorized object set, and performing query operation in an authorized management data table according to the identifier of the current form, the identifier of the current page and the identifier of the first authorized object set to obtain a second operation permission of the target object to the page of at least one form.

Specifically, the following parameters are input in the relation table of the work group and the staff by using the staff ID of the current user for searching: personID enters the person ID of the current user. Further, the returned search result is the work group ID which is the contents of the WorkgroupID field. Optionally, if the returned search result is null, it indicates that the current user does not belong to the workgroup.

Optionally, under the condition that the working group ID, that is, the identifier of the first authorized object set, is successfully returned, based on the current form ID, the current Sheet ID, and the working group ID, a query operation is performed in the authorization management data table in a manner of an authorized object set, so as to obtain a second operation permission of the target object to the page of the at least one form.

Alternatively, the manner of authorizing the object set may be to input ObjectType (authorizeable object type) of 2 in the authorization management data table. Specifically, the following parameters are input in the authorization management data table for retrieval by using the data (current form ID, current sheet page ID, and work group ID) collected in the foregoing process: formID inputs the current form ID, sheetID inputs the current Sheet ID, blockID and ElementID do not input data, objectType inputs 2, objectID inputs the returned WorkggroupID, the workgroup ID. Further, the content, namely the authority content, of the Permission field is returned as the retrieval result, and the second operation authority is obtained.

And further, determining the operation authority of the target object on the page of at least one form according to the first operation authority and the second operation authority. Specifically, a union of the first operation authority and the second operation authority is taken, that is, the maximum operation authority of the user on the sheet page.

Optionally, in the process of determining the operation authority of the target object on the block elements included in the page according to the authorization management data table, the identifier of the current form, the identifier of the current page, the identifier of each block element, and the identifier of the target object are obtained, then, based on the identifier of the current form, the identifier of the current page, the identifier of each block element, and the identifier of the target object, a query operation is performed in the authorization management data table in a single authorization object manner to obtain a third operation authority of the target object on the block elements included in the page, then, according to the identifier of the target object, whether the target object belongs to the second authorization object set is determined, if the target object belongs to the second authorization object set, the identifier of the second authorization object set is obtained, and, based on the identifier of the current form, the identifier of the current page, the identifier of each block element, and the identifier of the second authorization object set, a query operation is performed in the authorization management data table in an authorization object set manner to obtain a fourth operation authority of the block elements included in the page by the target object, and then, according to the third operation authority and the fourth operation authority, the operation authority to determine that the target object includes the block elements included in the page.

Optionally, as shown in fig. 9, in the process of checking the block element permission, that is, determining the operation permission of the current user on the block elements included in the sheet page, the current form ID, the current sheet page ID, the IDs of the block elements, and the person ID of the current user are collected, and then, according to the above data, a query operation is performed in the authorization management data table in a single authorization object manner, so as to obtain a third operation permission of the target object on the block elements included in the sheet page.

Alternatively, a single authorization object may be obtained by entering ObjectType of 1 in the authorization management data table. Specifically, the data collected in the foregoing process (current form ID, current sheet page ID, block element ID, and person ID of the current user) is used to input the following parameters in the authorization management data table for retrieval: formID enters the current form ID, sheetID enters the current Sheet ID, blockID enters the block element ID, elementID does not enter data, objectType enters 1, objectID enters the person ID of the current user. Further, the content, namely the Permission content, of the Permission field is returned as the retrieval result, and the third operation Permission is obtained.

And further, determining whether the target object belongs to a second authorized object set or not according to the identifier of the target object, if the target object belongs to the second authorized object set, acquiring the identifier of the second authorized object set, and performing query operation in an authorized object set mode in an authorized management data table based on the identifier of the current form, the identifier of the current page, the identifier of each block element and the identifier of the second authorized object set to obtain a fourth operation permission of the target object on the block elements contained in the page.

Optionally, under the condition that the work group ID, that is, the identifier of the second authorized object set, is successfully returned, based on the current form ID, the current Sheet page ID, the block element ID, and the work group ID, query operation is performed in the authorization management data table in a manner of an authorized object set, so as to obtain a fourth operation permission of the target object on the block element included in the Sheet page.

Alternatively, the manner of authorizing the object set may be to input ObjectType (authorizeable object type) of 2 in the authorization management data table. Specifically, the data (current form ID, current Sheet page ID, block element ID, and work group ID) collected in the foregoing process is used to input the following parameters in the authorization management data table for retrieval: formID inputs the current form ID, sheetID inputs the current Sheet ID, blockID inputs the block element ID, elementID does not input data, objectType inputs 2, objectID inputs the returned WorkgroupID, the workgroup ID. Further, the content, namely the authority content, of the Permission field is returned as the retrieval result, and the fourth operation authority is obtained.

And further, determining the operation authority of the target object on the block elements contained in the page according to the third operation authority and the fourth operation authority. Specifically, the union of the third operation right and the fourth operation right is taken, that is, the maximum operation right of the user to the block element.

Optionally, in the process of determining the operation permission of the target object on the control element according to the authorization management data table, the identifier of the current form, the identifier of the control element, and the identifier of the target object are obtained, then, based on the identifier of the current form, the identifier of the current page, the identifier of the control element, and the identifier of the target object, query operation is performed in the authorization management data table according to a single authorization object manner to obtain a fifth operation permission of the target object on the control element, then, according to the identifier of the target object, it is determined whether the target object belongs to a third authorization object set, if the target object belongs to the third authorization object set, the identifier of the third authorization object set is obtained, and, based on the identifier of the current form, the identifier of the current page, the identifier of the control element, and the identifier of the third authorization object set, query operation is performed in the authorization management data table according to the authorization object set manner to obtain a sixth operation permission of the target object on the control element, and then, according to the fifth operation permission and the sixth operation permission of the target object on the control element, the control element is determined.

Optionally, as shown in fig. 10, in the process of determining the operation permission of the target object to the control element through control element permission verification outside the block element range, first, it is determined whether the current control element belongs to the block element, and when the control element does not belong to the block element, that is, the control element is an independent control element, the current form ID, the current sheet page ID, the IDs of the control elements, and the person ID of the current user are collected, and then, according to the above data, query operation is performed in the authorization management data table in a single authorization object manner, so as to obtain a fifth operation permission of the target object to the control element.

Alternatively, the single authorization object may be obtained by entering ObjectType (an authorizeable object type) as 1 in the authorization management data table. Specifically, the data (current form ID, current sheet page ID, control element ID, and current user ID) collected in the foregoing process is used to input the following parameters in the authorization management data table for retrieval: formID enters the current form ID, sheetID enters the current Sheet ID, blockID does not enter data, elementID enters the control element ID, objectType enters 1, objectID enters the person ID of the current user. Further, the content, namely the Permission content, of the Permission field is returned as the retrieval result, and the fifth operation Permission is obtained.

And further, determining whether the target object belongs to a third authorized object set or not according to the identifier of the target object, if the target object belongs to the third authorized object set, acquiring the identifier of the third authorized object set, and performing query operation in an authorized object set mode in the authorization management data table based on the identifier of the current form, the identifier of the current page, the identifier of the control element and the identifier of the third authorized object set to obtain a sixth operation permission of the target object on the control element.

Optionally, under the condition that the workgroup ID, that is, the identifier of the third authorized object set, is successfully returned, based on the current form ID, the current Sheet ID, the control element ID, and the workgroup ID, query operation is performed in the authorization management data table in the manner of the authorized object set, so as to obtain a sixth operation permission of the target object on the control element.

Alternatively, the manner of authorizing the object set may be to input ObjectType (an authorizeable object type) of 2 in the authorization management data table. Specifically, the data (current form ID, current Sheet page ID, control element ID, and workgroup ID) collected in the foregoing process is used to input the following parameters in the authorization management data table for retrieval: formID enters the current form ID, sheetID enters the current Sheet ID, blockID does not enter data, elementID enters the control element ID, objectType enters 2, objectID enters the returned WorkgroupID, the workgroup ID. Further, the content, namely the Permission content, of the Permission field is returned as the retrieval result, and the sixth operation Permission is obtained.

And further, determining the operation authority of the target object on the control element according to the fifth operation authority and the sixth operation authority. Specifically, a union of the fifth operation permission and the sixth operation permission is taken, that is, the maximum operation permission of the user to the control element.

In an optional embodiment, before the permission configuration data of at least one form is obtained, a permission configuration instruction for the at least one form is responded, a page permission configuration option, a control permission configuration option and a block permission configuration option are displayed in a permission configuration area of the at least one form, then an authorization instruction for an authorization object set is responded, page permission configuration, control permission configuration and block permission configuration are respectively carried out on the authorization object set based on the page permission configuration option, the control permission configuration option and the block permission configuration option, then permission configuration data generated in the process of carrying out page permission configuration, control permission configuration and block permission configuration on the authorization object set are obtained, and the permission configuration data of the at least one form are generated.

Optionally, as shown in fig. 3, firstly, in response to the permission configuration instruction for the at least one form, the permission configuration is performed on the at least one form. Optionally, the page permission configuration option, the control permission configuration option, and the block permission configuration option are displayed in the permission configuration area of at least one form, and a user may select the Sheet authorization setting, the control element authorization setting, and the block element authorization setting to perform specific permission configuration respectively. The authorization method comprises the steps of responding to an authorization instruction of an authorization object set, respectively carrying out Sheet right configuration, control right configuration and block right configuration on the authorization object set based on a Sheet right configuration option, a control right configuration option and a block right configuration option, then obtaining right configuration data generated in the process of carrying out the Sheet right configuration, the control right configuration and the block right configuration on the authorization object set, and generating right configuration data of at least one form.

Example 2

According to an embodiment of the present invention, an embodiment of a form authority management apparatus is provided, where fig. 11 is a schematic diagram of an alternative form authority management apparatus according to an embodiment of the present invention, and as shown in fig. 11, the apparatus includes: an obtaining module 1101, configured to obtain permission configuration data of at least one form, where the permission configuration data at least includes page permission configuration data, control permission configuration data, and block permission configuration data; the first determining module 1102 is configured to determine target permission configuration data from the permission configuration data according to a plurality of target dimensions, respectively, generate authorization data corresponding to each target dimension, and obtain an authorization data set, where a target dimension is one of: page dimensions, control element dimensions, block element dimensions; a processing module 1103, configured to generate an authorization management data table based on an authorization data set, where the authorization management data table is used to represent a corresponding relationship between authorization data and an authorization object set, the authorization object set includes at least one authorization object, and the authorization object is an object for managing at least one form; and a second determining module 1104, configured to determine a target operation permission of the target object according to the authorization management data table when an operation instruction that the target object manages the at least one form is received, so that the target object manages the at least one form according to the target operation permission, where the target object is an object in the authorization object set.

It should be noted that the acquiring module 1101, the first determining module 1102, the processing module 1103, and the second determining module 1104 correspond to steps S101 to S104 in the foregoing embodiment, and the four modules are the same as the corresponding steps in the implementation example and application scenario, but are not limited to the disclosure in embodiment 1.

Optionally, the first determining module includes: the first obtaining module is used for obtaining first configuration data from the page authority configuration data according to the page dimension, wherein the first configuration data at least comprises the following four parts: the method comprises the steps of identifying a form, identifying a page, a first authorized object set corresponding to the page and authority content corresponding to the first authorized object set; and the first processing module is used for generating authorization data corresponding to the page dimension based on the form identifier, the page identifier, the first authorization object set and the authority content corresponding to the first authorization object set.

Optionally, the first determining module includes: a second obtaining module, configured to obtain second configuration data from the control permission configuration data according to the dimension of the control element when the control element is an independent control element, where the second configuration data at least includes the following five contents: the method comprises the steps of identifying a form, a page, an identifier of a control element, a second authorized object set corresponding to the control element and authority content corresponding to the second authorized object set; and the second processing module is used for generating authorization data corresponding to the control element dimension based on the form identifier, the page identifier, the identifier of the control element, the second authorization object set and the authority content corresponding to the second authorization object set.

Optionally, the first determining module includes: a third obtaining module, configured to obtain third configuration data from the block authority configuration data according to the dimension of the block element, where the third configuration data at least includes the following five contents: form identification, page identification, identification of block elements, a third authorized object set corresponding to the block elements and authority content corresponding to the third authorized object set; and the third processing module is used for generating authorization data corresponding to the dimension of the block element based on the form identifier, the page identifier, the identifier of the block element, the third authorized object set and the authority content corresponding to the third authorized object set.

Optionally, the second determining module includes: the third determining module is used for determining the operation authority of the target object to the page of at least one form according to the authorization management data table; the fourth determining module is used for determining the operation authority of the target object to the block elements contained in the page according to the authorization management data table if the operation authority of the page is editable; the fifth determining module is used for determining the operation authority of the target object to the control element according to the authorization management data table if the operation authority of the block element is editable; and the sixth determining module is used for determining the target operation authority based on the operation authority of the page, the operation authority of the block element and the operation authority of the control element.

Optionally, the third determining module includes: the fourth obtaining module is used for obtaining the identifier of the current form, the identifier of the current page and the identifier of the target object; the first query module is used for performing query operation in the authorization management data table according to a single authorization object mode based on the identifier of the current form, the identifier of the current page and the identifier of the target object to obtain a first operation authority of the target object to the page of at least one form; a seventh determining module, configured to determine whether the target object belongs to the first authorized object set according to the identifier of the target object; a fifth obtaining module, configured to obtain an identifier of the first authorized object set if the target object belongs to the first authorized object set, and perform query operation in the authorization management data table according to the identifier of the current form, the identifier of the current page, and the identifier of the first authorized object set, to obtain a second operation permission of the target object on the page of the at least one form; and the eighth determining module is used for determining the operation authority of the target object on the page of at least one form according to the first operation authority and the second operation authority.

Optionally, the form right management apparatus further includes: the fourth processing module is used for responding to the permission configuration instruction of at least one form; the fifth processing module is used for displaying a page permission configuration option, a control permission configuration option and a block permission configuration option in a permission configuration area of at least one form; the sixth processing module is used for responding to an authorization instruction for the authorization object set, and respectively performing page authority configuration, control authority configuration and block authority configuration on the authorization object set based on the page authority configuration option, the control authority configuration option and the block authority configuration option; and the seventh processing module is used for acquiring authority configuration data generated in the process of performing page authority configuration, control authority configuration and block authority configuration on the authorization object set and generating the authority configuration data of at least one form.

Example 3

Example 4

Example 5

The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.

In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.

The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims

1. A form authority management method is applied to a management information system, the management information system comprises at least one form, and the method comprises the following steps:

acquiring authority configuration data of the at least one form, wherein the authority configuration data at least comprises page authority configuration data, control authority configuration data and block authority configuration data;

according to a plurality of target dimensions, respectively determining target permission configuration data from the permission configuration data, generating authorization data corresponding to each target dimension, and obtaining an authorization data set, wherein the target dimension is one of the following: page dimensions, control element dimensions, block element dimensions;

generating an authorization management data table based on the authorization data set, wherein the authorization management data table is used for representing the corresponding relation between the authorization data and an authorization object set, the authorization object set comprises at least one authorization object, and the authorization object is an object for managing the at least one form;

and under the condition that an operation instruction for managing the at least one form by a target object is received, determining a target operation authority of the target object according to the authorization management data table so that the target object manages the at least one form according to the target operation authority, wherein the target object is an object in the authorization object set.

2. The method of claim 1, wherein determining target permission configuration data from the permission configuration data according to a plurality of target dimensions, and generating authorization data corresponding to each target dimension comprises:

according to the page dimension, first configuration data are obtained from the page authority configuration data, wherein the first configuration data at least comprise the following four parts: the method comprises the steps of identifying a form, identifying a page, a first authorized object set corresponding to the page and authority content corresponding to the first authorized object set;

and generating authorization data corresponding to the page dimension based on the form identifier, the page identifier, the first authorization object set and the authority content corresponding to the first authorization object set.

3. The method of claim 1, wherein determining target permission configuration data from the permission configuration data according to a plurality of target dimensions, and generating authorization data corresponding to each target dimension comprises:

under the condition that the control element is an independent control element, acquiring second configuration data from the control permission configuration data according to the dimension of the control element, wherein the second configuration data at least comprises the following five parts of contents: form identification, page identification, identification of the control element, a second authorized object set corresponding to the control element and authority content corresponding to the second authorized object set;

and generating authorization data corresponding to the control element dimension based on the form identifier, the page identifier, the identifier of the control element, the second authorization object set and the authority content corresponding to the second authorization object set.

4. The method of claim 1, wherein determining target permission configuration data from the permission configuration data according to a plurality of target dimensions, and generating authorization data corresponding to each target dimension comprises:

obtaining third configuration data from the block authority configuration data according to the dimension of the block element, wherein the third configuration data at least comprises the following five parts: form identification, page identification, identification of block elements, a third authorized object set corresponding to the block elements and authority content corresponding to the third authorized object set;

and generating authorization data corresponding to the dimension of the block element based on the form identifier, the page identifier, the identifier of the block element, the third set of authorization objects and the authority content corresponding to the third set of authorization objects.

5. The method of claim 1, wherein in a case where an operation instruction for a target object to manage the at least one form is received, determining a target operation authority of the target object according to the authorization management data table includes:

determining the operation authority of the target object to the page of the at least one form according to the authorization management data table;

if the operation authority of the page is editable authority, determining the operation authority of the target object to the block elements contained in the page according to the authorization management data table;

if the operation authority of the block element is editable authority, determining the operation authority of the target object to the control element according to the authorization management data table;

and determining the target operation authority based on the operation authority of the page, the operation authority of the block element and the operation authority of the control element.

6. The method of claim 5, wherein determining the operation right of the target object to the page of the at least one form according to the authorization management data table comprises:

acquiring an identifier of a current form, an identifier of a current page and an identifier of the target object;

based on the identifier of the current form, the identifier of the current page and the identifier of the target object, performing query operation in the authorization management data table in a single authorization object mode to obtain a first operation permission of the target object to the page of the at least one form;

determining whether the target object belongs to a first authorized object set or not according to the identification of the target object;

if the target object belongs to the first authorized object set, acquiring an identifier of the first authorized object set, and performing query operation in the authorization management data table according to an authorized object set mode based on the identifier of the current form, the identifier of the current page and the identifier of the first authorized object set to obtain a second operation permission of the target object to the page of the at least one form;

and determining the operation authority of the target object to the page of the at least one form according to the first operation authority and the second operation authority.

7. The method of claim 1, wherein prior to obtaining the authorization configuration data for the at least one form, the method further comprises:

responding to the permission configuration instruction of the at least one form;

displaying a page permission configuration option, a control permission configuration option and a block permission configuration option in a permission configuration area of the at least one form;

responding to an authorization instruction of the authorization object set, and respectively performing page authority configuration, control authority configuration and block authority configuration on the authorization object set based on the page authority configuration option, the control authority configuration option and the block authority configuration option;

and acquiring authority configuration data generated in the process of performing the page authority configuration, the control authority configuration and the block authority configuration on the authorization object set to generate the authority configuration data of the at least one form.

8. A form authority management apparatus, comprising:

the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring authority configuration data of at least one form, and the authority configuration data at least comprises page authority configuration data, control authority configuration data and block authority configuration data;

a first determining module, configured to determine target permission configuration data from the permission configuration data according to a plurality of target dimensions, respectively, generate authorization data corresponding to each target dimension, and obtain an authorization data set, where the target dimension is one of: page dimensions, control element dimensions, block element dimensions;

the processing module is used for generating an authorization management data table based on the authorization data set, wherein the authorization management data table is used for representing the corresponding relation between the authorization data and an authorization object set, the authorization object set comprises at least one authorization object, and the authorization object is an object for managing the at least one form;

and a second determining module, configured to determine, according to the authorization management data table, a target operation permission of the target object when an operation instruction for managing the at least one form by the target object is received, so that the target object manages the at least one form according to the target operation permission, where the target object is an object in the authorization object set.

9. A computer-readable storage medium, in which a computer program is stored, wherein the computer program is arranged to execute the form right management method of any of claims 1 to 7 when executed.

10. An electronic device, characterized in that the electronic device comprises one or more processors; memory for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement a method for running a program, wherein the program is arranged to perform the form right management method of any of claims 1 to 7 when run.