CN116305032A - Method and system for accessing system permission in sharing page application - Google Patents

Method and system for accessing system permission in sharing page application Download PDF

Info

Publication number
CN116305032A
CN116305032A CN202310157793.7A CN202310157793A CN116305032A CN 116305032 A CN116305032 A CN 116305032A CN 202310157793 A CN202310157793 A CN 202310157793A CN 116305032 A CN116305032 A CN 116305032A
Authority
CN
China
Prior art keywords
access address
page application
database
access
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310157793.7A
Other languages
Chinese (zh)
Other versions
CN116305032B (en
Inventor
杨娟
刘露
邵伯仲
翟士丹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Haizhi Xingtu Technology Co ltd
Original Assignee
Beijing Haizhi Xingtu Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Haizhi Xingtu Technology Co ltd filed Critical Beijing Haizhi Xingtu Technology Co ltd
Priority to CN202310157793.7A priority Critical patent/CN116305032B/en
Publication of CN116305032A publication Critical patent/CN116305032A/en
Application granted granted Critical
Publication of CN116305032B publication Critical patent/CN116305032B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of page application access, in particular to a method and a system for accessing system permission in sharing page application. The method and the system for accessing the system permission in the sharing page application comprise the following steps: creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of a database, wherein the first access address of the white list represents an address allowing access to the database; adding a mark to the first access address to form a second access address, wherein the second access address represents the access address with the mark; presetting a service corresponding to the mark in a database; filtering the request of the second access address according to a filter preset in the database; if the filter intercepts the second access address request, giving a service corresponding to the page application of the second access address; content operating in the shared page application is cached at a specified location based on the service to which the tag corresponds.

Description

Method and system for accessing system permission in sharing page application
Technical Field
The invention relates to the technical field of page application access, in particular to a method and a system for accessing system permission in sharing page application.
Background
There is a need in the conventional Web system to share a page without logging in to a foreground (the Web system is divided into a foreground and a background) visitor, for example, a knowledge graph page of an enterprise is shared to staff inside the enterprise or external staff to view, it is obvious that the staff inside and the staff outside can share different rights in the shared knowledge graph, and for different staff, visible data and executable function menus need to be controlled by different rights. In this case, the administrator is used to configure the sharing page in the background, and the links are shared to the relevant personnel. When the related personnel are used as visitors and receive the shared knowledge graph page, the application on the page and the use page can be checked without logging in and authority. At this time, if the visitor wants to modify some parameters on the page or use related functions that the visitor does not have permission, a permission access scheme needs to be provided for each page visitor without affecting the original permission functions.
Therefore, it is necessary to create a login-free page application that can be shared for multiple visitors, and an administrator needs to set the permissions of the visitors on the shared page application for different visitors, so that the visitors can perform corresponding operations on the page application according to the owned permissions, and the actions not only increase the workload of the administrator, but also are not easy to manage the subsequent modification of the page application.
In view of the foregoing, there is a need for a method that can share pages for multiple visitors, and that does not affect the background when the visitor performs a modification operation on the pages.
Disclosure of Invention
The invention aims to provide a method for accessing system permission in a page sharing application, which can share pages for a plurality of visitors and does not influence a background database when the visitors modify the pages;
the first aspect of the present invention provides a method for accessing system permissions in a sharing page application, the method comprising:
creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of a database, wherein the first access address of the white list represents an address allowing access to the database;
adding a mark to the first access address to form a second access address, wherein the second access address represents the access address with the mark;
presetting a service corresponding to a mark in the database;
filtering the request of the second access address according to a preset filter in the database;
if the filter intercepts the second access address request, giving the service corresponding to the page application of the second access address;
and based on the service corresponding to the mark, the content operated in the shared page application is cached in a specified position.
In one implementation manner, the step of creating the shared page application and the first access address corresponding to the page application, and adding the first access address to the white list of the database includes:
and creating a page application with unrestricted access to the service, and configuring the first access address for the page application.
In one manner of implementation, the step of adding a tag to the first access address to form a second access address includes:
adding a request header to the first access address, wherein the request header represents a tag added at the first access address;
and combining the first access address and the request head to form the second access address.
In one implementation manner, the step of presetting the service corresponding to the tag in the database includes:
and creating services by the marking operation of the database according to different marks.
In one implementation manner, the step of filtering the request of the second access address according to a filter preset in the database includes:
creating the filter capable of intercepting the mark;
according to the established filter, intercepting the request with the marked second access address.
In one implementation manner, if the filter intercepts the second access address request, the step of applying a corresponding service to the page with the second access address includes:
if the filter intercepts the second access address request, according to the mark of the second access address, giving the service corresponding to the page application of the second access address;
and giving the service operated by the page application according to the service corresponding to the page application.
In one implementation manner, the step of caching the content operated in the shared page application at a specified location based on the service corresponding to the tag includes:
establishing a cache space and associating the cache space with the shared page application with the tag;
and caching the operation of the shared page application in the cache space.
The second aspect of the present invention provides a knowledge graph data compression and decompression system, including the aforementioned method for accessing system rights in a sharing page application, where the system includes:
the system comprises a creation unit, a storage unit and a storage unit, wherein the creation unit is used for creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of a database, wherein the first access address of the white list represents an address allowing access to the database;
a marking unit, configured to add a mark to the first access address to form a second access address, where the second access address represents an access address with a mark;
the marking service unit is used for presetting a service corresponding to the marking in the database;
the filtering unit is used for filtering the request of the second access address according to a filter preset in the database;
a corresponding unit, configured to, if the filter intercepts the second access address request, assign a service corresponding to the page application of the second access address;
and the caching unit is used for caching the content operated in the shared page application at a specified position based on the service corresponding to the mark.
A third aspect of the present invention provides a computer device comprising a memory storing a computer program and a processor implementing the steps of the aforementioned method of accessing system permissions in a shared page application when the computer program is executed.
A fourth aspect of the present invention is to provide a computer storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the aforementioned method of accessing system permissions in a sharing page application.
The invention has the beneficial effects that:
and creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of the database, wherein the database can be accessed through the white list. And adding a mark to the first access address to form a second access address, presetting a service corresponding to the specific mark access address in a database, filtering a request of the second access address according to a filter preset in the database, endowing the page application with the corresponding service according to the mark of the second access address when the second access address is obtained, operating the page application after receiving the page application with the service by a visitor, and caching the operation content at a designated position. The method has the advantages that the original system is slightly changed, the invasiveness is lower, various access permission modes are supported, the security is ensured by limiting the used role permission, and the respective operations of different page visitors for accessing the same page application are not mutually influenced, so that the complete isolation is realized.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for accessing system permissions in a shared page application in accordance with the present invention;
FIG. 2 is a flow chart of steps of a method for accessing system permissions in a shared page application according to the present invention;
FIG. 3 is a flowchart illustrating steps for a visitor to access a service page application in a method for sharing system permissions in the page application according to the present invention;
FIG. 4 is a flowchart illustrating a second access address forming step of a method for accessing system permissions in a sharing page application according to the present invention;
FIG. 5 is a flowchart showing steps for marking a service authority of a database in a method for accessing system authorities in a shared page application;
FIG. 6 is a flowchart showing the steps of finding a corresponding service through a request parameter of a request service code in a method for accessing system permissions in a sharing page application according to the present invention;
FIG. 7 is a flowchart illustrating a method for accessing system permissions in a shared page application for providing services corresponding to a page application with a second access address;
fig. 8 is a flowchart illustrating steps of a method for accessing system permissions in a sharing page application according to the present invention, where operation results are stored in different positions according to different permissions.
Detailed Description
In the description of the embodiments of the present invention, those skilled in the art will appreciate that the embodiments of the present invention may be implemented as a method, an apparatus, an electronic device, and a computer-readable storage medium. Thus, embodiments of the present invention may be embodied in the following forms: complete hardware, complete software (including firmware, resident software, micro-code, etc.), a combination of hardware and software. Furthermore, in some embodiments, embodiments of the invention may also be implemented in the form of a computer program product in one or more computer-readable storage media having computer program code embodied therein.
Any combination of one or more computer-readable storage media may be employed by the computer-readable storage media described above. The computer-readable storage medium includes: an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of the computer readable storage medium include the following: portable computer diskette, hard disk, random Access Memory (RAM), read-only Memory (ROM), erasable programmable read-only Memory (EPROM), flash Memory (Flash Memory), optical fiber, compact disc read-only Memory (CD-ROM), optical storage device, magnetic storage device, or any combination thereof. In embodiments of the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, device.
The computer program code embodied in the computer readable storage medium may be transmitted using any appropriate medium, including: wireless, wire, fiber optic cable, radio Frequency (RF), or any suitable combination thereof.
Computer program code for carrying out operations of embodiments of the present invention may be written in assembly instructions, instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, integrated circuit configuration data, or in one or more programming languages, or combinations thereof, including an object oriented programming language such as: java, smalltalk, C ++, also include conventional procedural programming languages, such as: c language or similar programming language. The computer program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of remote computers, the remote computers may be connected via any sort of network, including: a Local Area Network (LAN) or a Wide Area Network (WAN), which may be connected to the user's computer or to an external computer.
The embodiment of the invention describes a method, a device and electronic equipment through flowcharts and/or block diagrams.
It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions. These computer-readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer readable program instructions may also be stored in a computer readable storage medium that can cause a computer or other programmable data processing apparatus to function in a particular manner. Thus, instructions stored in a computer-readable storage medium produce an instruction means which implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
The terms first and second and the like in the description and in the claims of embodiments of the invention, are used for distinguishing between different objects and not necessarily for describing a particular sequential order of objects. For example, the first target object and the second target object, etc., are used to distinguish between different target objects, and are not used to describe a particular order of target objects.
In embodiments of the invention, words such as "exemplary" or "such as" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "e.g." in an embodiment should not be taken as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
In the description of the embodiments of the present invention, unless otherwise indicated, the meaning of "a plurality" means two or more. For example, the plurality of processing units refers to two or more processing units; the plurality of systems means two or more systems.
The terms are explained below.
The foreground and the background are related contents displayed on a webpage opened by a user through a browser. The background is a matched display page developed for managing the display content of the foreground, is usually used by a manager, comprises identity recognition means such as an account, a password and the like, and can be correspondingly called as a front end and a back end.
Code, the Code is to replace one word or phrase with another word, number or sign to hide the original word or phrase, which mainly plays the role of replacement.
As shown in fig. 1 and fig. 2, a first aspect of the present application provides a method for accessing system permissions in a sharing page application, including:
s100: and creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of a database.
Wherein the first access address of the white list represents an address where access to the database is allowed.
Specifically, when a visitor wants to access a page application, such as a Web system, in the foreground, an administrator creates the page application to be accessed by the visitor in the background, and configures a first access address for the page application so as to access the page application through the first access address. And adding the first access address into a white list of the database so as to enable the first access address to smoothly access the database and obtain information in the database.
Incidentally, the page application of the visitor access service includes step S101.
As shown in fig. 3, S101: a page application for unrestricted access to a service is created and a first access address is configured for the page application.
When the number of visitors is plural, since the service content of each visitor is different, a page application of access service which is not limited can be created in advance, for example, a knowledge graph of a query is published as a page application which can be directly accessed, so that the page application of the knowledge graph can be accessed by all visitors, and in addition, a first access address is configured for the page application. The first access address can be smoothly accessed into the database, and data in the database can be acquired.
S200: a tag is added to the first access address to form a second access address.
Wherein the second access address represents an access address with a tag.
Specifically, the second access address is marked on the basis of the first access address, and the mark can be added at the address head of the first access address or at the address tail. When the database is accessed through the second access address, the first access address is utilized for access, and the authority corresponding to the mark is checked.
The formation of the second access address includes steps S201 and S202.
As shown in fig. 4, S201: a request header is added for the first access address.
Wherein the request header represents a tag added at the first access address.
Specifically, the request header adds a header at the first access address, e.g., the request header at the first access address carries an application code. The application page code is imported into the front-end request header so that the application code is attached to the front-end request header and the visitor can open the page application with the request header.
The request header carries corresponding parameters for parsing and checking according to the parameters of the request header. The parameters may represent service content.
S202: the first access address and the request header are combined to form a second access address.
Wherein the request header and the first access address are combined to form a new access address, forming a second access address. The page application is accessed using the second access address. When the page application is accessed using the second access address, the background splits the second access address into the first access address plus the request header and accesses the database in that manner.
S300: and presetting the service corresponding to the mark in the database.
When the mark is filtered, the service corresponding to the mark can be presented to the visitor so that the visitor can realize the corresponding inquiry and other operations.
Specifically, the service authority of the flag setting database includes step S301.
As shown in fig. 5, S301: and creating services by the marking operation of the database according to different marks.
The present application is not limited thereto, and several kinds of flags may be set according to the authority, and then each of the flags corresponds to one access address.
For example, two login modes can be set in the page application, wherein one login mode needs to be clicked to log in, namely, the page application can be logged in only by verification; the other way is to log in without authentication, i.e. the page application can be logged in. Different login modes represent different rights, and a manager creates different data services and functional rights for the different login modes in the background and binds different roles to the user or the created services. That is, different roles through login and no-login are bound into the user or created service. So as to purposefully manage and release rights for different roles of login and login-free.
The two different login modes can be realized by configuring a request head, for example, the access connection with the code of the corresponding service is generated by different roles of corresponding login and no-login. The access connection through different codes has different authorities.
S400: and filtering the request of the second access address according to a filter preset in the database.
Wherein a filter is built in the database for filtering the request header in order to determine the rights that the second access address should have.
Specifically, finding a corresponding service through a request parameter of a request service code includes steps S401 and S402.
As shown in fig. 6, S401: a filter is created that is capable of intercepting the mark.
Wherein, an address filter for accessing the database is created for the database, and the access address can be filtered through the filter so as to perform subsequent operations according to the filtering result.
S402: according to the established filter, a request with a marked second access address is intercepted.
When the database is accessed by the second access address, the operation such as query is performed, the operation is filtered by the created filter, and when the database is accessed by the second access address with the request head, the operation is intercepted by the filter. The filter gives different rights to the second access address having the request header according to a predetermined program.
When the first access address is input in the browser, the filter filters the first access address, analyzes whether the request contains an application code, and when the code is not set in the first access address, the first access address is a white list and directly accesses the database.
S500: and if the filter intercepts the second access address request, applying the corresponding service to the page with the second access address.
When the filter intercepts the second access address, the corresponding service is given according to the service of the request head given the second access address.
Specifically, the service corresponding to the page application given the second access address includes the steps of: s501 to S502.
As shown in fig. 7, S501: if the filter intercepts the second access address request, the service corresponding to the page application of the second access address is given according to the mark of the second access address.
When the filter intercepts the second access address request, the parameter carried by the request head of the second access address is analyzed and checked. So as to access single sign-on or login-free according to the analysis and verification results.
S502: and giving the service operated by the page application according to the service corresponding to the page application.
When the filter intercepts different access address requests, the filter is configured to the service of different page application operations in the database according to the analysis and verification results of different request heads.
Illustratively, when the visitor enters the second access address into the browser, the second access address is first filtered by the filter.
If the request header of the second access address is login-free, acquiring the authority of the login-free role according to the request header, jumping to a corresponding page, simulating user login in the foreground through a user built in the background, and giving corresponding operation service.
If the second access address has the request head which is logged in, the authority of the login role is obtained according to the request head, namely, the visitor single-point login jumps to the single-point login page, and after verification is successful in logging in, the visitor single-point login jumps to the service page so as to execute corresponding operation service through the service page.
The data and function menu of the visitor are filtered according to the role filter, wherein the service used by the login-free party is a service of a pre-bound role (the service content is preset in the background and can be understood as having a certain service limit); single sign-on uses roles owned by the registrar.
S600: content operating in the shared page application is cached at a specified location based on the service to which the tag corresponds.
According to different login modes of login-free and single-point login, rendering pages, rendering corresponding page applications according to different authorities obtained by different login modes, for example, rendering corresponding knowledge-graph pages, and storing operation results at different positions according to different authorities.
Specifically, storing the operation result in different locations according to different rights includes steps S601 and S602.
As shown in fig. 8, S601: a cache space is established and associated with the shared page application having the tag.
Wherein, a buffer space is established in the foreground or the background, and the buffer space is associated with the shared page application, so that the operation performed in the page application can be buffered in the buffer space. If the number of visitors is large in the case of establishing the buffer space in the background, it is necessary to establish a large number of corresponding buffer spaces, and therefore, it is preferable to establish the buffer space in the foreground and store the operation of the visitors in the buffer space in the foreground.
S602: the operation of the shared page application is cached in the cache space.
The visitor without login and single sign-on represents two types of users, and the visitor without login represents anonymous users, namely, unnamed users. The single sign-on user represents a system registered user.
Secondly, aiming at two different visitors, when the shared page application is operated, the login-free user can perform addition, deletion and modification operations on the page application, and the addition, deletion and modification operations are cached at the front end. In this way, the operations among a plurality of login-free visitors are not affected, but the corresponding ground login user is stateless for the background, i.e. the background does not provide services for the login-free operation. In contrast, the single sign-on visitor is a system registration user, and can add, delete and modify the shared page application, and correspondingly adjust the data in the database of the background.
In summary, according to the method for sharing the access system permission in the page application, when a visitor issues any page application without login, the function that the permission is needed to be used can be realized in a page without login. Meanwhile, the original system is less in change and lower in invasiveness, various access permission modes are supported, safety is guaranteed by limiting the used role permission, and the respective operations of different page visitors for accessing the same page application cannot be mutually influenced, so that complete isolation is realized.
In addition, the access address is marked, so that the access address can be used as single sign-on or as login-free, and the marking is used for distinguishing the single sign-on from the login-free. Specifically, the service authority in the database may be set according to the tag, and the service content corresponding to the visitor, such as the data and the function menu, is returned according to the analysis and the verification of the tag, which is not limited in this application.
The second aspect of the present application provides a method for accessing system rights in a sharing page application, including the foregoing method for accessing system rights in a sharing page application, where the system includes:
the system comprises a creation unit, a storage unit and a storage unit, wherein the creation unit is used for creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of a database, wherein the first access address of the white list represents an address allowing access to the database;
a marking unit, configured to add a mark to the first access address to form a second access address, where the second access address represents an access address with a mark;
the marking service unit is used for presetting a service corresponding to the marking in the database;
the filtering unit is used for filtering the request of the second access address according to a filter preset in the database;
a corresponding unit, configured to, if the filter intercepts the second access address request, assign a service corresponding to the page application of the second access address;
and the caching unit is used for caching the content operated in the shared page application at a specified position based on the service corresponding to the mark.
A third aspect of the present application provides a computer device comprising a memory storing a computer program and a processor implementing the steps of the aforementioned method of accessing system permissions in a shared page application when the computer program is executed.
A fourth aspect of the present application provides a computer storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the aforementioned method of accessing system permissions in a sharing page application.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (10)

1. A method for accessing system permissions in a sharing page application, comprising:
creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of a database, wherein the first access address of the white list represents an address allowing access to the database;
adding a mark to the first access address to form a second access address, wherein the second access address represents the access address with the mark;
presetting a service corresponding to a mark in the database;
filtering the request of the second access address according to a preset filter in the database;
if the filter intercepts the second access address request, giving the service corresponding to the page application of the second access address;
and based on the service corresponding to the mark, the content operated in the shared page application is cached in a specified position.
2. The method for accessing system permissions in a shared page application according to claim 1, wherein the creating the shared page application and a first access address corresponding to the page application, and adding the first access address to a white list of a database, includes:
and creating a page application with unrestricted access to the service, and configuring the first access address for the page application.
3. The method for accessing system permissions in a sharing page application of claim 1, wherein the step of adding a tag to the first access address to form a second access address comprises:
adding a request header to the first access address, wherein the request header represents a tag added at the first access address;
and combining the first access address and the request head to form the second access address.
4. The method for accessing system permissions in a sharing page application according to claim 1, wherein the step of presetting a service corresponding to a tag in the database includes:
and creating services by the marking operation of the database according to different marks.
5. The method for accessing system permissions in a sharing page application according to claim 1, wherein the step of filtering the request of the second access address according to a filter preset in the database includes:
creating the filter capable of intercepting the mark;
according to the established filter, intercepting the request with the marked second access address.
6. The method for accessing system permissions in a shared page application according to claim 1, wherein the step of assigning a service corresponding to the page application of the second access address if the filter intercepts the second access address request includes:
if the filter intercepts the second access address request, according to the mark of the second access address, giving the service corresponding to the page application of the second access address;
and giving the service operated by the page application according to the service corresponding to the page application.
7. The method for accessing system permissions in a shared page application according to claim 1, wherein the step of caching content operating in the shared page application at a specified location based on the service corresponding to the tag comprises:
establishing a cache space and associating the cache space with the shared page application with the tag;
and caching the operation of the shared page application in the cache space.
8. A method for accessing system permissions in a sharing page application, comprising the method for accessing system permissions in a sharing page application according to any of claims 1-7, the system comprising:
the system comprises a creation unit, a storage unit and a storage unit, wherein the creation unit is used for creating a shared page application and a first access address corresponding to the page application, and adding the first access address into a white list of a database, wherein the first access address of the white list represents an address allowing access to the database;
a marking unit, configured to add a mark to the first access address to form a second access address, where the second access address represents an access address with a mark;
the marking service unit is used for presetting a service corresponding to the marking in the database;
the filtering unit is used for filtering the request of the second access address according to a filter preset in the database;
a corresponding unit, configured to, if the filter intercepts the second access address request, assign a service corresponding to the page application of the second access address;
and the caching unit is used for caching the content operated in the shared page application at a specified position based on the service corresponding to the mark.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of accessing system permissions in a shared page application of any of claims 1 to 7.
10. A computer storage medium having stored thereon a computer program, which when executed by a processor implements the steps of the method of accessing system permissions in a shared page application of any of claims 1 to 7.
CN202310157793.7A 2023-02-14 2023-02-14 Method and system for accessing system permission in sharing page application Active CN116305032B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310157793.7A CN116305032B (en) 2023-02-14 2023-02-14 Method and system for accessing system permission in sharing page application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310157793.7A CN116305032B (en) 2023-02-14 2023-02-14 Method and system for accessing system permission in sharing page application

Publications (2)

Publication Number Publication Date
CN116305032A true CN116305032A (en) 2023-06-23
CN116305032B CN116305032B (en) 2023-11-14

Family

ID=86837167

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310157793.7A Active CN116305032B (en) 2023-02-14 2023-02-14 Method and system for accessing system permission in sharing page application

Country Status (1)

Country Link
CN (1) CN116305032B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109409043A (en) * 2018-09-03 2019-03-01 中国平安人寿保险股份有限公司 Login method, terminal device and the medium of application system
CN110287709A (en) * 2019-05-22 2019-09-27 深圳壹账通智能科技有限公司 User's operation authority control method, device, equipment and medium
CN114139190A (en) * 2021-12-08 2022-03-04 兴业银行股份有限公司 Dynamic authority control method and system based on filter
CN114666140A (en) * 2022-03-25 2022-06-24 金蝶软件(中国)有限公司 Method, device, computer equipment and medium for accessing form

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109409043A (en) * 2018-09-03 2019-03-01 中国平安人寿保险股份有限公司 Login method, terminal device and the medium of application system
CN110287709A (en) * 2019-05-22 2019-09-27 深圳壹账通智能科技有限公司 User's operation authority control method, device, equipment and medium
CN114139190A (en) * 2021-12-08 2022-03-04 兴业银行股份有限公司 Dynamic authority control method and system based on filter
CN114666140A (en) * 2022-03-25 2022-06-24 金蝶软件(中国)有限公司 Method, device, computer equipment and medium for accessing form

Also Published As

Publication number Publication date
CN116305032B (en) 2023-11-14

Similar Documents

Publication Publication Date Title
US8955037B2 (en) Access management architecture
EP2569693B1 (en) Methods and systems for forcing an application to store data in a secure storage location
US11303645B2 (en) Online diagnostic platform, and permission management method and permission management system thereof
US10701053B2 (en) Authentication and approval control system for distributed ledger platform
CN108351807B (en) Event management to maintain control of restricted data in a cloud computing environment
US10560435B2 (en) Enforcing restrictions on third-party accounts
KR20150036323A (en) Security and data isolation for tenants in a business data system
JP2008097419A (en) Application operation control system and application operation control method
US8826388B2 (en) Mobile device identify factor for access control policies
US10841342B2 (en) Data driven user interfaces for device management
US20200233699A1 (en) Platform-based change management
CN111352737A (en) Container cloud computing service platform based on resource pool
US20180173886A1 (en) Collaborative Database to Promote Data Sharing, Synchronization, and Access Control
US11711360B2 (en) Expedited authorization and access management
US8819814B1 (en) Secure access infrastructure
US10303343B1 (en) Data driven user interfaces for device management
US11711373B2 (en) Platform-based authentication for external services
CN116305032B (en) Method and system for accessing system permission in sharing page application
JP2003085141A (en) Single sign-on corresponding authenticating device, network system and program
JP2022097380A (en) Method, computer program product, and system (management of shared authentication credentials)
KR102346480B1 (en) A macro-based application account management system
JP7396205B2 (en) Medical information storage program and medical information storage management device
WO2018128605A1 (en) Enhanced online computer access cyber security system
US20220414204A1 (en) Systems for enhanced bilateral machine security
US20240004891A1 (en) System and Method for Generating an Improved User Interface for Data Analytics

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant