CN116738451A - Method, platform, equipment and storage medium for controlling authority of low-code platform - Google Patents

Method, platform, equipment and storage medium for controlling authority of low-code platform Download PDF

Info

Publication number
CN116738451A
CN116738451A CN202310446041.2A CN202310446041A CN116738451A CN 116738451 A CN116738451 A CN 116738451A CN 202310446041 A CN202310446041 A CN 202310446041A CN 116738451 A CN116738451 A CN 116738451A
Authority
CN
China
Prior art keywords
authority
metadata
service
data
scene
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310446041.2A
Other languages
Chinese (zh)
Inventor
请求不公布姓名
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huizhou Haikui Information Technology Co ltd
Original Assignee
Huizhou Haikui Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huizhou Haikui Information Technology Co ltd filed Critical Huizhou Haikui Information Technology Co ltd
Publication of CN116738451A publication Critical patent/CN116738451A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2282Tablespace storage structures; Management thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to the technical field of low codes, and provides a method, a platform, equipment and a storage medium for controlling authority of a low-code platform. The method includes registering a first business table as a platform metadata table of a low code platform; determining a main key identifier and a table item set in a first service table, generating authority metadata according to the main key identifier, the table item set and the metadata name, generating a metadata authority column according to the authority metadata and user data, and updating the metadata authority column into an authority role mapping list; displaying an authority filtering condition setting interface of a second service table in a service scene to be subjected to authority configuration; the method comprises the steps of carrying out authority configuration on the second service table in the authority filtering condition setting interface to obtain the authority data, and executing the platform, the equipment and the storage medium.

Description

Method, platform, equipment and storage medium for controlling authority of low-code platform
Technical Field
The present application relates to the field of low code technologies, and in particular, to a method, a platform, an apparatus, and a storage medium for controlling authority of a low code platform.
Background
On a low-code platform, service personnel usually manage a service data table and a service management scene in a graphical interface operation mode, and based on the consideration of safety, the service data tables in different service function scenes cannot be directly shared. In practical application, authority setting needs to be performed according to data in different service function scenes, and authority control according to multidimensional service data and multiple users exists in the same service function scene, or authority configuration of data of the same type in a cross-system service function scene exists in the same user. At this time, the method is limited by uncertainty of service data and service data tables in a low-code platform and limitation of incapability of directly sharing data across systems, so that authority setting cannot be preset for the service data in the service data tables in service function scenes under the low-code platform, and further, the problems of large development workload of service personnel and complex authority configuration process under the low-code platform are caused.
Disclosure of Invention
The embodiment of the application mainly aims to provide a method, a platform, equipment and a storage medium for controlling the authority of a low-code platform, aiming at improving the convenience of the authority configuration of the low-code platform.
In a first aspect, a method for controlling authority of a low-code platform according to an embodiment of the present application includes:
registering the first business table as a platform metadata table of the low-code platform; the first service table is used for recording scene metadata which needs to be subjected to authority control;
determining a main key identifier and an item set in the platform metadata table, and generating authority metadata according to the main key identifier, the item set and a metadata name, wherein the item set is a set of second service items except for a first service item corresponding to the main key identifier in the first service table;
generating a metadata authority list according to the authority metadata and the user data, and updating the metadata authority list into an authority role mapping list;
acquiring a second service table under a service scene to be subjected to authority configuration and displaying an authority filtering condition setting interface of the second service table; the second service is used for recording scene service data which need to be subjected to authority control;
In the authority filtering condition setting interface, performing authority configuration on the second service table to obtain authority data so as to control access to the second service table according to the authority data, wherein the authority data comprises first authority mapping data used for representing an authority combination relationship between the second service table and the authority role mapping list and second authority mapping data used for representing an authority combination relationship between the first authority mapping data configured under the same service scene.
In a third aspect, an embodiment of the present application provides a low code platform, including:
the registration module is used for registering the first service table as a platform metadata table of the low-code platform; the first service table is used for recording scene metadata which needs to be subjected to authority control;
the determining module is used for determining a main key identifier and an item set in the platform metadata table and generating authority metadata according to the main key identifier, the item set and a metadata name, wherein the item set is a set of second service items except for a first service item corresponding to the main key identifier in the first service table;
The metadata authority generation module is used for generating metadata authority columns according to the authority metadata and the user data, and updating the metadata authority columns into an authority role mapping list;
the configuration acquisition module is used for acquiring a second service table in a service scene to be subjected to authority configuration and displaying an authority filtering condition setting interface of the second service table; the second service is used for recording scene service data which need to be subjected to authority control;
the configuration processing module is used for carrying out authority configuration on the second service table in the authority filtering condition setting interface to obtain authority data so as to control access to the second service table according to the authority data, wherein the authority data comprises first authority mapping data used for representing an authority combination relationship between the second service table and the authority role mapping list and second authority mapping data used for representing an authority combination relationship between the first authority mapping data configured under the same service scene.
In a third aspect, an embodiment of the present application proposes an electronic device comprising a memory storing a computer program and a processor implementing a method of rights control for a low code platform according to any of the first aspects when the computer program is executed by the processor.
In a fourth aspect, an embodiment of the present application proposes a computer readable storage medium storing a computer program which, when executed by a processor, implements a method for rights control for a low code platform according to any of the first aspects.
The application provides a method, a platform, equipment and a storage medium for controlling authority of a low-code platform, wherein a first service table is registered as a platform metadata table, so that cross-service system call of authority metadata can be realized, at the moment, when in authority configuration in a first stage, the authority metadata corresponding to the platform metadata table is established and associated with user data, and a metadata authority list is generated, so that authority distribution based on data per se can be constructed, and when in authority configuration in a second stage, a second service table and the metadata authority list are configured and associated based on a service scene, and the authority data is obtained. Therefore, the embodiment of the application realizes the authority configuration under the low code platform by performing the authority association on the user data and the scene metadata and then performing the authority configuration of two stages of the association of the cross-system scene service data and the scene metadata. Compared with the related art, the authority configuration of the embodiment of the application only needs to pay attention to the authority of the scene metadata in the first stage, and only needs to pay attention to the relationship between the scene metadata and the scene business data in the second stage, so that the authority configuration of the embodiment of the application is simpler.
Drawings
FIG. 1 is a flow chart of a method for rights control for a low code platform provided by an embodiment of the present application;
FIG. 2 is a flow chart of an example of a method for rights control for a low code platform provided by an embodiment of the present application;
FIG. 3 is a block diagram of a low code platform provided by an embodiment of the present application;
FIG. 4 is another block diagram of a low code platform provided by an embodiment of the present application;
fig. 5 is a schematic diagram of a hardware structure corresponding to a method for controlling authority of a low-code platform according to an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
It is to be noted that all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs unless defined otherwise. The terminology used herein is for the purpose of describing embodiments of the application only and is not intended to be limiting of the application.
The following is an explanation of the terminology used in the embodiments of the application:
A main key: i.e., primary key, is one or more fields in the data table whose value is used to uniquely identify a record in the table. In the relationship of two tables, a primary key is used to reference a particular record in one table from the other table. The primary key is a unique key, part of the table definition. The primary key of a data table may be composed of a plurality of keys together, and the columns of the primary keys cannot contain null values.
On a low-code platform, service personnel usually manage a service data table and a service management scene in a graphical interface operation mode, and based on the consideration of safety, the service data tables in different service function scenes cannot be directly shared. In practical application, authority setting needs to be performed according to data in different service function scenes, and authority control according to multidimensional service data and multiple users exists in the same service function scene, or authority configuration of data of the same type in a cross-system service function scene exists in the same user. At this time, the method, the platform, the device and the storage medium for controlling the authority of the low-code platform are provided, so that the convenience of the authority configuration of the low-code platform can be improved.
It should be noted that, the data type with the attribute of the platform metadata table is set in the low-code platform so as to provide the data type for cross-system use, and further realize the functional requirements of different service scenarios, such as data in a warehouse, and the data can assist the generation of orders of the order system and also can be used for maintaining and renewing data tracking in parts of the production system.
Referring to fig. 1, the method for controlling the authority of the low-code platform provided by the application comprises the following steps:
step S100, registering the first service table as a platform metadata table of a low-code platform; the first service table is used for recording scene metadata which needs to be subjected to authority control;
step 200, determining a main key identifier and a table item set in a platform metadata table, and generating authority metadata according to the main key identifier, the table item set and a metadata name, wherein the table item set is a set of second service table items except for a first service table item corresponding to the main key identifier in a first service table;
step S300, generating a metadata authority list according to the authority metadata and the user data, and updating the metadata authority list into an authority role mapping list;
step S400, acquiring a second service table in a service scene to be subjected to authority configuration and displaying an authority filtering condition setting interface of the second service table; the second service table is used for recording scene service data which need to be subjected to authority control;
And S500, performing authority configuration on the second service table in the authority filtering condition setting interface to obtain authority data so as to control access to the second service table according to the authority data, wherein the authority data comprises first authority mapping data for representing an authority combination relationship between the second service table and the authority role mapping list and second authority mapping data for representing an authority combination relationship between the first authority mapping data configured under the same service scene.
By registering the first service table as the platform metadata table, cross-service system call can be realized by the authority metadata, at this time, when the authority is configured in the first stage, the authority metadata corresponding to the platform metadata table is established and associated with the user data, and a metadata authority column is generated, so that the authority distribution based on the data itself can be constructed, and when the authority is configured in the second stage, the second service table is configured and associated with the metadata authority column based on the service scene, and the authority data is obtained. Therefore, the embodiment of the application realizes the authority configuration under the low code platform by performing the authority association on the user data and the scene metadata and then performing the authority configuration of two stages of the association of the cross-system scene service data and the scene metadata. Compared with the related art, the authority configuration of the embodiment of the application only needs to pay attention to the authority of the scene metadata in the first stage, and only needs to pay attention to the relationship between the scene metadata and the scene business data in the second stage, so that the authority configuration of the embodiment of the application is simpler.
It should be noted that, in step S100, the scenario metadata indicates that the data may be data of an entry in another system, for example, the first service table records customer information, where the customer information needs to be maintained in the order system and also needs to be maintained in the sales system, and the customer information in the first service table is the scenario metadata. The registration in step S100 only indicates a change of the attribute of the first service table, and notifies the low-code platform that cross-system access can be performed to the rights metadata corresponding to the first service table.
It should be noted that, in step S200, the primary key identifier characterizes the primary key of the scene metadata in the first service table, which has uniqueness, so as to improve the efficiency of searching the scene metadata by the primary key. The main key identification can be set by selecting one of default main keys in the first service table, or can be spliced by all the main keys in the first service table. The metadata name is used to characterize the relationship between the rights metadata and the first service table in step S200. Rights metadata generated based on the same first service table has the same metadata name. The metadata name may be specified by the user, or may be automatically generated by a preset rule, for example, directly using the service table name of the first service table.
It should be noted that, in step S300, the metadata authority column is configured based on the authority metadata and the user data. The embodiment of the application does not describe how the user performs interactive operation on the low-code platform to realize configuration and how the authority metadata and the user data are displayed, and the technical personnel in the art can perform adaptive design according to actual requirements.
The user data is information of a user allowed to be recorded on the low-code platform, and may be information of a single user or user groups.
The first service table is taken as a client table in table 1, wherein the data in table 1 are as follows:
customer identification Customer code Customer name
1 001 Li Sheng
2 002 Wang Sheng
TABLE 1
When the client identifier is set as the primary key identifier and the metadata name is "custmerTable", two rights metadata { metadata table name: "custmerTable", metadata key: '1' are obtained according to step S200; metadataName: "001, li Sheng" }, { metadataTableName: "custmerTable", metadataKey: '2'; metadataName: "002, wang Sheng" }.
The { metadataTableName: "custmerTable", metadataKey: '1' in table 1 above; metadata for rights of "001, li Sheng" } is exemplified, assuming that the user data is as shown in table 2 below:
User identification User name
1 001
2 002
TABLE 2
A metadata authority can be obtained according to the above table 2 and according to step S300 as follows table 3:
TABLE 3 Table 3
In table 3, "rights group identifier" and "rights group name" are names of rights groups obtained by grouping user data, and the rights group identifier is an index of a plurality of rights groups grouped in the user data, and the rights group names are names when the rights groups are displayed externally. The "rights column identifier" is the primary key of the rights role mapping list to quickly retrieve the required metadata rights column in the rights role mapping list. The metadata authority column identified as "1" records information of a user whose authority group is identified as "1000" and whose authority group name is "department 1 authority" composed of a user whose user is identified as 1 and whose user name is 001 and a user whose user is identified as 2 and whose user name is 002, both users having control authority of authority metadata whose metadata name (i.e., metadata table name) is customertable, whose main key identification (i.e., metadata key) is 1 and whose content (metadata name) is "001, li Sheng".
It should be noted that, steps S100 to S300 implement authority configuration in the first stage, and establish an association relationship between the user data and the scene metadata. In the authority configuration process of the stage, only the relation between the user data and the scene metadata is required to be focused, the actual service application scene is not required to be considered, and then the authority of the user data is distributed according to the association relation between the service data of the second service table and the service data of the first service table in the actual service scene and the relation among the plurality of second service tables.
It should be noted that, for step S500, since the rights metadata may be shared across systems, and the user data may also be shared across systems, the metadata rights column may also implement cross-system access; therefore, the metadata authority list can be directly associated with the authority filtering condition setting interface option, and in the configuration process, only the table item in the second service table is concerned with being the controlled table item and the table item is required to be associated with the metadata authority list, so that the authority configuration can be realized, and the configuration is simpler.
Illustratively, with items A, B in the system, the A items are managed by Zhang Gong 1, zhang Gong 2, where Zhang Gong 1 manages asset classes, zhang Gong 2 manages production material classes; project B is managed by Li Gong, li Gong, where Li Gong 1 manages asset classes and Li Gong 2 manages production material classes. When the service scene is: zhang Gong 1 only the material condition of the asset class in the project A can be seen in the project material signboard, zhang Gong only the material condition of the production material class in the project A can be seen in the project material signboard; li Gong 1 only the material conditions of the assets in project B can be seen in the project material bulletin, li Gong only the material conditions of the production materials in project B can be seen in the project material bulletin. The operation at this time is as follows:
Referring to step S100 and step S200, first, a first service table corresponding to an asset class and a production material class is registered as a platform metadata table, and rights metadata is obtained. Then, referring to step S300, a metadata authority list is generated, and at this time, the metadata authority list is established as shown in tables 4 and 5 below:
TABLE 4 Table 4
TABLE 5
At this time, each record in tables 4 and 5 corresponds to one metadata authority column. When the configuration in step 500 is performed, taking the service scenario as an example of "project material bulletin board", the metadata authority column in table 4 is required to be associated with the field related to the asset class in the second service table, so that management and control on projects under different personnel can be realized. Taking a business scene as an example of an item material bulletin board, the metadata authority list in the table 5 is required to be associated with the field related to the item in the second business table, so that the management and control of the assets of different people can be realized.
It should be noted that, in some embodiments, the rights data in step S500 further includes a database execution script, so that the first rights mapping data and the second rights mapping data displayed in text form can be realized, and the database execution script can be directly executed, so that the execution efficiency can be improved, and the user verification is facilitated.
For example, referring to fig. 2, describing a process of a specific configuration of the present application, first, authority metadata corresponding to a first service table is generated, user data is configured as any one or more of a user, a user group, or a role according to service requirements, an association relationship between the authority metadata and the user data is configured on a low-code platform, a metadata authority column is generated, a service scenario is selected, and an association relationship between a third service entry of a second service table and the metadata authority column is selected in the service scenario, so as to obtain authority data, and a database execution script is generated according to the authority data.
It can be understood that in step S500, in the rights filtering condition setting interface, the rights configuration is performed on the second service table to obtain rights data, including:
according to the entry input information of the second service table displayed in the authority filtering condition setting interface, determining a third service table entry from the second service table;
establishing a permission relation between a third service list item and a permission role mapping list to obtain first permission mapping data;
obtaining second authority mapping data according to the selected states of the OR logic and the AND logic of the first authority mapping data;
And combining the first authority mapping data with the first authority mapping data to obtain the authority data.
It should be noted that, in some embodiments, the third service entry is directly input, where the entry input information is the content of the third service entry, in other embodiments, the third service entry is selected and determined in the drop-down list, the entry input information is in its selected state, in other embodiments, the third service entry is generated by dragging, and the entry input information is dragging information.
It should be noted that, in some embodiments, the or logic and the and logic are both one of the pull-down options of the logic option boxes, and each of the authority setting boxes for creating one piece of the first authority data in the authority filtering condition setting interface correspondingly generates one logic option box, and at this time, the logic states of the first authority setting data in the authority setting box and the other first authority setting data are determined to be the and or according to the selected state of the pull-down option of the logic option box. In other embodiments, a text box is provided, and the text box is used for filling the first permission data into the text box in a dragging mode, and generating a combination logic in the text box according to the selected states of the OR logic and the AND logic to obtain the second permission data.
It should be noted that, by setting and logic and or logic, each third service entry can be configured independently, so as to simplify the configuration process.
It should be noted that the second rights mapping data is used to indicate whether the first rights data is or is not related to each other, so that the rights data of the whole second service table can be obtained. For the service scene, a plurality of second service tables may exist, and at this time, authority linkage setting of the plurality of service tables under the same service scene can be achieved through the second authority data.
By way of example, the rights data obtained with reference to the above steps are shown in table 6 below:
scene identification Service table name Third service entry Rights group identification Associative logic
1 orderTable customId 1000 and
2 orderTable customTypeId 2000 or
TABLE 6
Wherein, the 'customId' and the 'customTYpeId' are both the third service table item of the second service table named as 'orderTable', the first authority data is the association between the authority group identifier and the third service table item, and the second authority data is the association logic. Therefore, the authority control of the whole second service table is obtained by configuring each service table item one by one, and the multi-stage split configuration is realized, so that the authority configuration is simplified. It should be noted that, referring to table 6, in some embodiments, when the database execution script is generated, the execution script is as follows for the data of the first line: ordertable.customid in (select metadataKey from metaDataAndUserRelation where groupId =1000 and metadataTableName = 'custmearable' and useridlike '%1,%'); for the data of the second row, its execution script is as follows: ordertable.customtypeidin (select metadataKey from metaDataAndUserRelation where groupId =2000 and metadataTableName = 'orderType' and useridlike '%1,%'). At this time, referring to the above table 6, for the second data table, the database execution script that obtains the authority data is and (select metadataKey from metaDataAndUserRelation where groupId =1000 and metadataTableName = 'custproof' and useridlike '%1,%) or (select metadataKey from metaDataAndUserRelation where groupId =2000 and metadataTableName =' orderlype 'and useridlike'% 1,%).
It can be understood that establishing the authority relationship between the third service entry and the authority role mapping list, to obtain the first authority mapping data includes:
in the authority filtering condition setting interface, selecting a first metadata authority list from the authority role mapping list;
and associating the primary key identifier, the authority group, the metadata name, the scene name of the service scene and the third service table item of the first metadata authority list to obtain first authority mapping data.
It can be understood that associating the primary key identifier, the authority group, the metadata name, the scene name of the service scene and the third service table item of the first metadata authority column to obtain first authority mapping data includes:
generating a database execution script for inquiring the first service table according to the main key identification, the permission group and the third service table item;
taking the database execution script, the primary key identification, the authority group, the metadata name, the scene name of the service scene and the third service table item as field contents of the same detail record to obtain first authority mapping data;
correspondingly, the method further comprises the steps of:
receiving a service operation request, wherein the service operation request comprises a scene name and user information of a service scene to be operated;
Determining a database execution script to be executed according to the scene name of the service scene to be operated;
and performing operation control on the operation user corresponding to the user information according to the database execution script to be executed.
It should be noted that, in some embodiments, all metadata permission columns in the permission role mapping list are displayed in a permission filtering condition setting interface in a list manner, so that selection can be performed. In other embodiments, metadata names of all metadata authority columns in the authority role mapping list are displayed in the authority filtering condition setting interface in a list manner, so that the selection range of configuration can be further reduced through the metadata names, and convenience of configuration is improved.
It should be noted that, the purpose of associating the primary key identifier, the authority group, the metadata name, the scene name of the service scene, and the third service table entry of the first metadata authority list is to establish an authority matching condition, where the matching condition is used to verify whether the primary key identifier and the authority metadata corresponding to the metadata name of the first metadata authority list are matched with the data content in the third service table entry, and an operating user operating the second service table is in the authority group of the first metadata authority list.
It can be understood that in the rights filtering condition setting interface, selecting a first metadata rights column from the rights role mapping list includes:
in the authority filtering condition setting interface, displaying metadata names contained in the authority role mapping list;
determining a first metadata table according to the selected state of the metadata names and displaying metadata authority columns under the first metadata table;
and determining a first metadata authority column according to the selected state of the metadata authority column.
It should be noted that, the metadata name is more convenient for manually identifying the role corresponding to the first service table, so that the operation is simpler by selecting the metadata name and then selecting the metadata authority list.
It should be noted that, in some embodiments, the authority role mapping list may be classified, so that classification information may be selected in the authority filtering condition setting interface, and the authority role mapping list corresponding to the classification may be screened out, so that a search range may be reduced, and configuration may be simplified.
It is understood that generating a metadata authority column from metadata and user data includes:
creating a right name according to a user configuration request;
selecting a user member under a right name from the user data to obtain a right group;
And selecting the authority metadata under the authority group so as to correlate the authority group with the authority metadata, thereby obtaining metadata authority columns.
It can be understood that determining the primary key identifier and the table entry set in the first service table, and generating rights metadata according to the primary key identifier, the table entry set and the metadata name, includes:
according to the metadata configuration request of the user, determining that the data under the first service table item of the first service table is a primary key identification and determining a metadata name;
for each service record in the first service table, splicing the data under the second service table item in the service record according to a preset splicing rule, and taking the spliced result as a first field in a preset metadata structure;
for each service record in the first service table, taking the metadata name as a second field in the metadata structure;
for each service record in the first service table, taking the data under the first service table item in the service record as a third field in the metadata structure;
and obtaining the authority metadata corresponding to the business record according to the first field, the corresponding second field and the corresponding third field.
Illustratively, assume that the metadata structure is { metaatatablename: "custmerTable", metadataKey: '$id$'; the metadata of the first row is { metadata TableName: "currTable", and the metadata Key: '1'; metadataName: "001, li Sheng" }.
Referring to fig. 3, a low code platform according to an embodiment of the present application includes:
a registration module 110, configured to register the first service table as a platform metadata table of the low code platform; the first service table is used for recording scene metadata which needs to be subjected to authority control;
the determining module 120 is configured to determine a primary key identifier and a table entry set in the first service table, and generate authority metadata according to the primary key identifier, the table entry set, and a metadata name, where the table entry set is a set of second service table entries in the first service table except for a first service table entry corresponding to the primary key identifier;
the metadata authority generation module 130 is configured to generate a metadata authority column according to metadata and user data, and update the metadata authority column in the authority role mapping list;
the configuration obtaining module 140 is configured to obtain a second service table in the service scenario to be configured with the authority and display an authority filtering condition setting interface of the second service table; the second service is used for recording scene service data which need to be subjected to authority control;
the configuration processing module 150 is configured to perform authority configuration on the second service table in the authority filtering condition setting interface to obtain authority data, so as to control access to the second service table according to the authority data, where the authority data includes first authority mapping data for characterizing an authority combination relationship between the second service table and the authority role mapping list, and second authority mapping data for characterizing an authority combination relationship between the first authority mapping data configured in the same service scenario.
It should be noted that, referring to fig. 4, in some embodiments, the low code platform includes a first configuration module 200 and a second configuration module 300, where the registration module 110, the determination module 120, and the metadata authority generation module 130 belong to the first configuration module 200, and the configuration acquisition module 140 and the configuration processing module 150 belong to the second configuration module 300. The low code platform further comprises an interaction module 400, wherein the interaction module 400 is connected with the registration module 110, the determination module 120, the metadata authority generation module 130, the configuration acquisition module 140 and the configuration processing module 150; the interaction module 400 provides the operation request of the user to the registration module 110, the determination module 120, the metadata authority generation module 130, the configuration acquisition module 140 and the configuration processing module 150, and displays part of the data in the determination module 120, the metadata authority generation module 130, the configuration acquisition module 140 and the configuration processing module 150 to provide feedback of interface configuration and user configuration results. In this regard, the embodiments of the present application do not describe in any more detail what data needs to be displayed, and those skilled in the art may selectively configure the data according to actual needs.
It can be understood that the electronic device provided according to the embodiment of the present application includes a memory and a processor, where the memory stores a computer program, and the processor implements the method for controlling the authority of the low-code platform when executing the computer program.
The electronic equipment can be any intelligent terminal including a tablet personal computer, a vehicle-mounted computer and the like.
Referring to fig. 5, fig. 5 illustrates a hardware structure of an electronic device according to another embodiment, where the electronic device includes:
the processor 501 may be implemented by a general-purpose CPU (Central Processing Unit ), a microprocessor, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing related programs to implement the technical scheme provided by the embodiments of the present application;
the Memory 502 may be implemented in the form of a Read Only Memory (ROM), a static storage device, a dynamic storage device, or a random access Memory (Random Access Memory, RAM). Memory 502 may store an operating system and other application programs, and when implementing the technical solutions provided in the embodiments of the present disclosure by software or firmware, relevant program codes are stored in memory 502, and the method for performing rights control of the low-code platform of the embodiments of the present disclosure is called by processor 501;
an input/output interface 503 for implementing information input and output;
the communication interface 504 is configured to implement communication interaction between the device and other devices, and may implement communication in a wired manner (e.g. USB, network cable, etc.), or may implement communication in a wireless manner (e.g. mobile network, WIFI, bluetooth, etc.); and, a step of, in the first embodiment,
Bus 505 that transfers information between the various components of the device (e.g., processor 501, memory 502, input/output interface 503, and communication interface 504);
wherein the processor 501, the memory 502, the input/output interface 503 and the communication interface 504 enable a communication connection between each other inside the device via the bus 505.
It can be appreciated that according to the computer readable storage medium provided in the embodiment of the present application, the storage medium stores a computer program, and the computer program is executed by a processor to implement the method for controlling the authority of the low-code platform.
The memory, as a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. In addition, the memory may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located relative to the processor, the remote memory being connectable to the processor through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The embodiments described in the embodiments of the present application are for more clearly describing the technical solutions of the embodiments of the present application, and do not constitute a limitation on the technical solutions provided by the embodiments of the present application, and those skilled in the art can know that, with the evolution of technology and the appearance of new application scenarios, the technical solutions provided by the embodiments of the present application are equally applicable to similar technical problems.
The above described apparatus embodiments are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, i.e. may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In the embodiments of the present application, when related processing is performed according to user information, user behavior data, user history data, user location information, and other data related to user identity or characteristics, permission or consent of the user is obtained first, and the collection, use, processing, and the like of the data comply with related laws and regulations and standards of related countries and regions. In addition, when the embodiment of the application needs to acquire the sensitive personal information of the user, the independent permission or independent consent of the user is acquired through popup or jump to a confirmation page and the like, and after the independent permission or independent consent of the user is definitely acquired, the necessary relevant data of the user for enabling the embodiment of the application to normally operate is acquired.
Those of ordinary skill in the art will appreciate that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof.
The terms "comprises" and "comprising," along with any variations thereof, in the description of the application and in the above-described figures, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It should be understood that in the present application, "at least one (item)" means one or more, and "a plurality" means two or more. "and/or" for describing the association relationship of the association object, the representation may have three relationships, for example, "a and/or B" may represent: only a, only B and both a and B are present, wherein a, B may be singular or plural. The character "/" generally indicates that the context-dependent object is an "or" relationship. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b or c may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the above-described division of units is merely a logical function division, and there may be another division manner in actual implementation, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described above as separate components may or may not be physically separate, and components shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, including multiple instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method of the various embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing a program.
The preferred embodiments of the present application have been described above with reference to the accompanying drawings, and are not thereby limiting the scope of the claims of the embodiments of the present application. Any modifications, equivalent substitutions and improvements made by those skilled in the art without departing from the scope and spirit of the embodiments of the present application shall fall within the scope of the claims of the embodiments of the present application.

Claims (10)

1. A method of rights control for a low code platform, the method comprising:
registering the first business table as a platform metadata table of the low-code platform; the first service table is used for recording scene metadata which needs to be subjected to authority control;
determining a main key identifier and an item set of the platform metadata table, and generating authority metadata according to the main key identifier, the item set and a metadata name, wherein the item set is a set of second service items except for a first service item corresponding to the main key identifier in the first service table;
generating a metadata authority list according to the authority metadata and the user data, and updating the metadata authority list into an authority role mapping list;
acquiring a second service table under a service scene to be subjected to authority configuration and displaying an authority filtering condition setting interface of the second service table; the second service is used for recording scene service data which need to be subjected to authority control;
in the authority filtering condition setting interface, performing authority configuration on the second service table to obtain authority data so as to control access to the second service table according to the authority data, wherein the authority data comprises first authority mapping data used for representing an authority combination relationship between the second service table and the authority role mapping list and second authority mapping data used for representing an authority combination relationship between the first authority mapping data configured under the same service scene.
2. The method for controlling the authority of the low-code platform according to claim 1, wherein in the authority filtering condition setting interface, performing authority configuration on the second service table to obtain authority data, includes:
determining a third service list item from the second service list according to the list item input information of the second service list displayed in the authority filtering condition setting interface;
establishing a permission relation between the third service list item and the permission role mapping list to obtain first permission mapping data;
obtaining second authority mapping data according to the selected states of the OR logic and the AND logic of the first authority mapping data;
and combining the first authority mapping data with the first authority mapping data to obtain authority data.
3. The method for controlling the authority of the low-code platform according to claim 2, wherein the establishing the authority relationship between the third service entry and the authority role mapping list, to obtain the first authority mapping data, includes:
selecting a first metadata authority list from the authority role mapping list in the authority filtering condition setting interface;
And associating the primary key identifier, the permission group and the metadata name of the first metadata permission column, the scene name of the service scene and the third service table item to obtain first permission mapping data.
4. The method for controlling the authority of the low-code platform according to claim 3, wherein associating the primary key identifier, the authority group and the metadata name of the first metadata authority column, the scene name of the service scene and the third service entry to obtain the first authority mapping data includes:
generating a database execution script for inquiring the first service table according to the primary key identifier, the permission group and the third service table item;
taking the database execution script, the primary key identifier, the authority group, the metadata name, the scene name of the service scene and the third service table entry as field contents of the same detail record to obtain first authority mapping data;
correspondingly, the method further comprises the steps of:
receiving a service operation request, wherein the service operation request comprises a scene name and user information of a service scene to be operated;
Determining a database execution script to be executed according to the scene name of the service scene to be operated;
and performing operation control on the operation user corresponding to the user information according to the database execution script to be executed.
5. A method of rights control for a low code platform as in claim 3, wherein said selecting a first metadata rights column from said rights role map list in said rights filter condition settings interface comprises:
displaying metadata names contained in the authority role mapping list in the authority filtering condition setting interface;
determining a first metadata table according to the selected state of the metadata name and displaying a metadata authority column under the first metadata table;
and determining a first metadata authority column according to the selected state of the metadata authority column.
6. The method of claim 1, wherein generating a metadata permission column from the metadata and user data comprises:
creating a right name according to a user configuration request;
selecting user members under the authority names from the user data to obtain an authority group;
And selecting the authority metadata from the authority group to correlate the authority group with the authority metadata so as to obtain a metadata authority column.
7. The method of claim 1, wherein determining the primary key identifier and the table entry set in the first service table, and generating rights metadata according to the primary key identifier, the table entry set, and the metadata name, comprises:
according to the metadata configuration request of the user, determining that the data under the first service table item of the first service table is a primary key identification and determining a metadata name;
for each service record in the first service table, splicing the data under the second service table item in the service record according to a preset splicing rule, and taking a spliced result as a first field in a preset metadata structure;
for each service record in the first service table, taking a metadata name as a second field in the metadata structure;
for each service record in the first service table, taking the data under the first service table item in the service record as a third field in the metadata structure;
And obtaining the authority metadata corresponding to the business record according to the first field, the corresponding second field and the corresponding third field.
8. A low code platform, comprising:
the registration module is used for registering the first service table as a platform metadata table of the low-code platform; the first service table is used for recording scene metadata which needs to be subjected to authority control;
the determining module is used for determining a main key identifier and an item set in the first service table and generating authority metadata according to the main key identifier, the item set and a metadata name, wherein the item set is a set of second service items except for a first service item corresponding to the main key identifier in the first service table;
the metadata authority generation module is used for generating metadata authority columns according to the authority metadata and the user data, and updating the metadata authority columns into an authority role mapping list;
the configuration acquisition module is used for acquiring a second service table in a service scene to be subjected to authority configuration and displaying an authority filtering condition setting interface of the second service table; the second service is used for recording scene service data which need to be subjected to authority control;
The configuration processing module is used for carrying out authority configuration on the second service table in the authority filtering condition setting interface to obtain authority data so as to control access to the second service table according to the authority data, wherein the authority data comprises first authority mapping data used for representing an authority combination relationship between the second service table and the authority role mapping list and second authority mapping data used for representing an authority combination relationship between the first authority mapping data configured under the same service scene.
9. An electronic device comprising a memory storing a computer program and a processor implementing a method of rights control of a low code platform according to any of claims 1 to 7 when the computer program is executed by the processor.
10. A computer readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, implements the method of rights control of a low code platform according to any of claims 1 to 7.
CN202310446041.2A 2023-03-30 2023-04-14 Method, platform, equipment and storage medium for controlling authority of low-code platform Pending CN116738451A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202310372015X 2023-03-30
CN202310372015 2023-03-30

Publications (1)

Publication Number Publication Date
CN116738451A true CN116738451A (en) 2023-09-12

Family

ID=87903336

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310446041.2A Pending CN116738451A (en) 2023-03-30 2023-04-14 Method, platform, equipment and storage medium for controlling authority of low-code platform

Country Status (1)

Country Link
CN (1) CN116738451A (en)

Similar Documents

Publication Publication Date Title
CN107798038B (en) Data response method and data response equipment
CN111177214A (en) Event linkage processing method, device and system, electronic equipment and storage medium
CN111506559A (en) Data storage method and device, electronic equipment and storage medium
CN107015987B (en) Method and equipment for updating and searching database
US11423036B2 (en) Systems and methods for selecting datasets
CN111966866A (en) Data asset management method and device
CN109918678B (en) Method and device for identifying field meaning
US20230205755A1 (en) Methods and systems for improved search for data loss prevention
US9652740B2 (en) Fan identity data integration and unification
CN112258244B (en) Method, device, equipment and storage medium for determining task to which target object belongs
CN112348420A (en) Storage position information acquisition method and system, storage medium and electronic equipment
KR101614890B1 (en) Method of creating multi tenancy history, server performing the same and storage media storing the same
CN114416733A (en) Data retrieval processing method and device, electronic equipment and storage medium
CN111427972B (en) Method, device, service searching system and storage medium for searching service data
US11531706B2 (en) Graph search using index vertices
CN115879980B (en) Method and device for guest group ring selection and comparison analysis
KR20130126012A (en) Method and apparatusfor providing report of business intelligence
US10248638B2 (en) Creating forms for hierarchical organizations
CN116186337A (en) Business scene data processing method, system and electronic equipment
CN116738451A (en) Method, platform, equipment and storage medium for controlling authority of low-code platform
CN116127154A (en) Knowledge tag recommendation method and device, electronic equipment and storage medium
CN113761102B (en) Data processing method, device, server, system and storage medium
CN112612817A (en) Data processing method and device, terminal equipment and computer readable storage medium
CN115017185A (en) Data processing method, device and storage medium
JP5250394B2 (en) EDI integrated processing system, EDI integrated processing method, and EDI integrated processing program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination