CN117271843A - Method and equipment for storing and calculating data authority according to bits - Google Patents

Method and equipment for storing and calculating data authority according to bits Download PDF

Info

Publication number
CN117271843A
CN117271843A CN202311272886.0A CN202311272886A CN117271843A CN 117271843 A CN117271843 A CN 117271843A CN 202311272886 A CN202311272886 A CN 202311272886A CN 117271843 A CN117271843 A CN 117271843A
Authority
CN
China
Prior art keywords
authority
rights
user
column
bit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311272886.0A
Other languages
Chinese (zh)
Inventor
吴翔
王夷
张剑
俞楠
戚桂洪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Xinyi Intelligent Technology Co ltd
Original Assignee
Shanghai Xinyi Intelligent Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Xinyi Intelligent Technology Co ltd filed Critical Shanghai Xinyi Intelligent Technology Co ltd
Priority to CN202311272886.0A priority Critical patent/CN117271843A/en
Publication of CN117271843A publication Critical patent/CN117271843A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computational Linguistics (AREA)
  • Storage Device Security (AREA)

Abstract

The application aims to provide a method and equipment for storing and calculating data rights according to bits, wherein the rights grade is determined according to service information by determining storage bits corresponding to database types; dynamically expanding the authority field of the user on a resource table according to the storage bit number and the authority level; adding two fields on a user table, wherein the two fields are respectively used for recording the information of the extended column of the resource table and the position sequence of the authority of the user on the extended column; storing the authority of the user according to the bit based on the added field to obtain an authority storage structure; and calculating the data authority based on the requirement of the user on the authority, and updating the authority storage structure. Therefore, the fields can store the rights according to the bits, a correlation table of a large data volume is avoided, and simultaneously, the role and the resource grouping can be bypassed to carry out the fine authorization for each user, thereby realizing the rights fine management under the large-scale data volume.

Description

Method and equipment for storing and calculating data authority according to bits
Technical Field
The present disclosure relates to the field of computers, and in particular, to a method and apparatus for storing and calculating data rights in bits.
Background
The authority essence is the association relation between the users and the resources, so that m users and n resources theoretically generate m x n association relations at most, if the association relation between the users and the resources is stored by using a traditional association table, the data size of the association relation is too large, and the data size is the product of the number of the resources and the number of the users. The conventional solution is to group users and resources, place users with similar rights in the same role or user group, place similar resources in the same resource group, and then record the relationship between the roles (user group) and the resource group, as shown in fig. 1. The data model based on roles and resource grouping can reduce the data volume of the association relationship, but has certain limitation:
1. resource grouping and roles with common properties must be found, which is not beneficial to rights fine management;
2. if the number of resource packets and the number of roles is still large, the amount of association table data will still be large;
3. the storage structure becomes more complex, affecting query efficiency.
Disclosure of Invention
The purpose of the application is to provide a method and equipment for storing and calculating data authority according to bits, which solves the problems that a large amount of data associated table exists, authority cannot be accurately managed and the storage structure is complex in the prior art.
According to one aspect of the present application, there is provided a method of storing and calculating data rights on a bit basis, the method comprising:
determining the storage digit corresponding to the database type, and determining the authority level according to the service information;
dynamically expanding the authority field of the user on a resource table according to the storage bit number and the authority level;
adding two fields on a user table, wherein the two fields are respectively used for recording the information of the extended column of the resource table and the position sequence of the authority of the user on the extended column;
storing the authority of the user according to the bit based on the added field to obtain an authority storage structure;
and calculating the data authority based on the requirement of the user on the authority, and updating the authority storage structure.
Optionally, dynamically expanding the authority field of the user on the resource table according to the storage bit number and the authority level, including:
determining the number n of the authorities of the storage users according to the storage digits and the authority level;
dynamically expanding authority fields of users on a resource table, wherein each authority field stores the authorities of m users, and m=storage bit number/n.
Optionally, the user's requirement for the rights includes rights maintenance including adding users and authorized operations and rights application including checking the rights and querying with the rights.
Optionally, when the newly added user is performed, calculating the data authority based on the requirement of the user for the authority, and updating the authority storage structure, including:
judging whether a user table in the authority storage structure has the authority of a space storage newly added user, and setting a column and a bit index of the new user in the user table based on a judging result;
dynamically expanding a list on a resource table in the authority existence structure;
and inserting the authority of the newly added user.
Optionally, determining whether the user table in the rights storage structure has a space for storing the rights of the newly added user includes:
acquiring a column index x and a bit index y corresponding to the latest user in the authority storage structure;
if y+p is less than or equal to (the storage bit number-p), setting the column of the newly added user as the maximum column x, and setting the index as y+p, wherein p is the authority level;
if y+p > (number of storage bits-p), the column of the newly added user is set to the maximum column x+1, and the index is set to 0.
Optionally, when modifying the rights, calculating the data rights based on the user's requirements for the rights, updating the rights storage structure, including:
reading an authorized user record in the authority storage structure, and determining a corresponding column x and a corresponding column y;
reading the authorized resource record in the authority storage structure, and determining the value L of the x columns in the resource column;
the y-th to y+ (p-1) bits of L are replaced with authorization information, and the updated value is written back into the x columns in the resource column, wherein p is the authority level.
Optionally, when the verification rights are performed, calculating the data rights based on the user's requirements for the rights includes:
reading an authorized user record in the authority storage structure, and determining a corresponding column x and a corresponding column y;
reading the authorized resource record in the authority storage structure, and determining the value L of the x columns in the resource column;
and reading the y-y+ (p-1) bit of the value L, and judging whether the authority verification is successful or not according to the corresponding bit number value, wherein p is the authority level.
Alternatively, when p=4, the y to y+ (p-1) th bits of the read value L include:
the value L is converted into an array, the y bit of the read array is checked, the y+1 bit of the read array is checked, the y+2 bit of the write read array is checked, and the y+3 bit of the delete read array is checked.
Optionally, when the query data with rights is made, calculating the data rights based on the user's demand for rights, updating the rights storage structure, including:
inquiring the authorized user records in the authority storage structure according to the inquiry conditions of the original inquiry statement, and determining a corresponding column x and a corresponding column y;
splicing authority query sentences on the query conditions of the original query sentences;
and executing the spliced query statement, and returning to record the resource data with list authority of the current object. According to yet another aspect of the present application, there is also provided an apparatus for storing and calculating data rights on a bit basis, the apparatus comprising:
one or more processors; and
a memory storing computer readable instructions that, when executed, cause the processor to perform operations of the method as described above.
According to yet another aspect of the present application, there is also provided a computer readable medium having stored thereon computer readable instructions executable by a processor to implement a method as described above.
Compared with the prior art, the method and the device have the advantages that the authority level is determined according to the service information by determining the storage bit number corresponding to the database type; dynamically expanding the authority field of the user on a resource table according to the storage bit number and the authority level; adding two fields on a user table, wherein the two fields are respectively used for recording the information of the extended column of the resource table and the position sequence of the authority of the user on the extended column; storing the authority of the user according to the bit based on the added field to obtain an authority storage structure; and calculating the data authority based on the requirement of the user on the authority, and updating the authority storage structure. Therefore, the fields can store the rights according to the bits, a correlation table of a large data volume is avoided, and simultaneously, the role and the resource grouping can be bypassed to carry out the fine authorization for each user, thereby realizing the rights fine management under the large-scale data volume.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the detailed description of non-limiting embodiments, made with reference to the following drawings, in which:
FIG. 1 is a schematic diagram of a prior art association table for rights storage;
FIG. 2 illustrates a flow diagram of a method of storing and computing data rights on bit provided in accordance with an aspect of the subject application;
FIG. 3 is a schematic flow chart of adding users to the rights storage structure according to an embodiment of the present application;
FIG. 4 is a flow diagram illustrating modification of rights in a rights storage structure in one embodiment of the present application;
FIG. 5 is a flow diagram of querying data with rights in a rights storage structure in one embodiment of the present application;
FIG. 6 illustrates a system framework diagram for storing rights data using a database in one embodiment of the present application;
fig. 7 is a schematic diagram of a data storage structure of rights data in an embodiment of the present application.
The same or similar reference numbers in the drawings refer to the same or similar parts.
Detailed Description
The present application is described in further detail below with reference to the accompanying drawings.
In one typical configuration of the present application, the terminal, the devices of the service network, and the trusted party each include one or more processors (e.g., central processing units (Central Processing Unit, CPU)), input/output interfaces, network interfaces, and memory.
The Memory may include non-volatile Memory in a computer readable medium, random access Memory (Random Access Memory, RAM) and/or non-volatile Memory, etc., such as Read Only Memory (ROM) or flash RAM. Memory is an example of computer-readable media.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase-Change RAM (PRAM), static random access Memory (Static Random Access Memory, SRAM), dynamic random access Memory (Dynamic Random Access Memory, DRAM), other types of Random Access Memory (RAM), read-Only Memory (ROM), electrically erasable programmable read-Only Memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), flash Memory or other Memory technology, read-Only optical disk read-Only Memory (Compact Disc Read-Only Memory, CD-ROM), digital versatile disks (Digital Versatile Disk, DVD) or other optical storage, magnetic cassettes, magnetic tape disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by the computing device. Computer readable media, as defined herein, does not include non-transitory computer readable media (transmission media), such as modulated data signals and carrier waves.
FIG. 2 illustrates a flow diagram of a method for storing and computing data rights on a bit basis provided in accordance with an aspect of the present application, the method comprising: step S11 to step S15, wherein,
step S11, determining the storage digit corresponding to the database type, and determining the authority level according to the service information; here, the field types of the database include a long form, a character string, etc., which are described in the present application by an unsigned long form, which is simply referred to as a long form in the following embodiments, and the number of bits of the long form of the database may be 32 bits, 64 bits, 128 bits, etc., which are described in the present application by taking a long form of 32 bits as an example. The authority level is set according to the actual service condition, and from 1 to p authority levels can be set according to the service requirement, wherein p is not more than the number of long integer digits. Such as rights class is divided into 4 classes: list, read content, write, delete; as another example, the video rights for a camera can be divided into: list, real-time video, camera control four levels.
In an embodiment of the present application, in step S11, the number n of rights of the storage user is determined according to the storage bit number and the rights level; and dynamically expanding authority fields of users on a resource table, wherein each authority field stores the authority of m users, and m=storage bit number/n. Here, when the authority fields are dynamically extended on the resource table, each field may store the authority of m users, where m=storage bit number/n, n is determined by a ratio of storage bit number to authority level, for example, when the authority fields of long integer are dynamically extended, the storage bit number is 32, and the authority level is 4, then each authority field of long integer may store the authority of 32/4=8 users.
Step S12, dynamically expanding the authority field of the user on a resource table according to the storage bit number and the authority level; here, when the rights field of the user is dynamically extended on the resource table, the number of user rights that can be stored in each rights field is determined according to the above-mentioned storage bit number (for example, 32 bits) and rights class (4).
Step S13, adding two fields on the user table, wherein the two fields are respectively used for recording the information of the expansion column of the resource table and the position sequence of the authority of the user on the expansion column; here, after the dynamic expansion authority field is performed on the resource table, two fields are added to the associated user table, and the number of expansion columns of the resource table and the position order on the expansion columns of the authority record of the user are recorded respectively.
Step S14, storing the authority of the user according to the bit based on the added field to obtain an authority storage structure; when the database type is long integer, based on the long integer bit storage, for example, the column index corresponding to the user 7 is 0 and the position sequence is 0, the authority of the user is stored in 0 to 3 bits representing the 0 th authority field on the resource table, wherein the 0 th bit represents the list authority, the 1 st bit represents the reading authority, the 2 nd bit represents the modifying authority and the 3 rd bit represents the deleting authority, and the business meaning represented by each bit from 0 to 3 is pre-agreed. The authority storage structure adds two columns of fields for dynamically expanding records in the user table, the mode of expanding the fields in the resource table in the authority storage structure replaces the associated storage authority data, the authority is stored according to bits, and a plurality of users share one column of storage authority data.
And step S15, calculating data rights based on the requirements of the users on the rights, and updating the rights storage structure. The requirements of the user on the rights comprise rights maintenance and rights application, wherein the rights maintenance comprises the addition of the user and the modification of the rights (namely, the authorized operation), and the rights application comprises verification rights and inquiry with rights. The user's demands for rights can be divided into two types, rights maintenance and rights application, and the rights storage structure is updated according to the rights maintenance and rights application in the actual service, such as adding new users, rights verification, resource maintenance, rights verification, rights inquiry, etc., the newly added users, newly added resources and authorization operations are rights maintenance, the rights verification and rights inquiry is rights application, and after each demand is calculated corresponding data rights, the rights storage structure is updated, thereby the role and resource grouping can be bypassed for carrying out refined authorization for each user, and the rights refined management under large-scale data volume is realized.
In an embodiment of the present application, when a new user is added, in step S15, it is determined whether a user table in the rights storage structure has a space for storing rights of the new user, and column and bit indexes of the new user in the user table are set based on a determination result; dynamically expanding a list on a resource table in the authority existence structure; and inserting the authority of the newly added user. When a new user is added, whether a space exists in the existing authority list is judged to store the authority of the current user, if not, a column is required to be dynamically expanded, namely, a column and a bit index of the new user are required to be set according to a judging result, and after setting, an authority record of the new user is inserted.
Specifically, the maximum column index x of the user table in the authority storage structure and the maximum bit sequence index bit y of the maximum column are obtained; if y+p is less than or equal to (the storage bit number-p), setting the column of the newly added user as the maximum column x, and setting the index as y+p, wherein p is the authority level; if y+p > (number of storage bits-p), the column of the newly added user is set to the maximum column x+1, and the index is set to 0. Here, as shown in fig. 3, the newly added user is the current user, the maximum column index x in the user table into which the new user needs to be inserted and the maximum bit index y of the column are obtained, whether y+p is less than or equal to (the storage bit number-p) is judged, for example, when the storage bit number is 32, the authority level is p=4, whether y+4 is less than or equal to 28 is judged, if yes, the column of the newly added user is set as the maximum column x, the bit index is y+4, if not, the column of the current user is set as the maximum column x+1, the index is 0, a column named as C (x+1) is dynamically expanded in the resource table, and the default value of the column is 0; a record of the new user is inserted. Taking 32-bit long integer and 4 authority levels as examples, the specific steps are as follows:
s1: the column index x and the bit index y corresponding to the latest user in the user table are obtained, for example, starting from 0, the first user is x=0, y=0, the authority bit is 0 to 3, the second user is x=0, y=4, the authority bit is 4 to 7 … …, the eighth user is x=0, y=28, the authority bit is 28 to 31, the ninth user is x=1, y=0, and so on. If the maximum bit index y+4 is less than or equal to 28, indicating that the storage space is still free, and executing the step S2B; otherwise, it indicates that the storage space is exhausted, and a column needs to be dynamically expanded to execute the step S2A.
S2A: setting the maximum column x+1 of the newly added user, and setting the index as the maximum index 0;
S2B: setting the maximum column x of the newly added user, and setting the index as the current minimum index y+4;
s3: a column, named C (x+1), is dynamically extended in the resource table, wherein 0 to 3 bits of the column are used for storing the authority data of the newly added user, and the rest bits are reserved, such as 0 to 3 used by the first user, and the later bits are used by the subsequent users. Defaults to a column data of 0, indicating that the current user and subsequently added users default to not have any rights to all resources.
S4: and inserting the permission record of the newly added user.
In an embodiment of the present application, when the modification rights are performed, in step S15, an authorized user record in the rights storage structure is read, and a corresponding column x and a corresponding column y are determined; reading the authorized resource record in the authority storage structure, and determining the value L of the x columns in the resource column; the y-th to y+ (p-1) bits of L are replaced with authorization information, and the updated value is written back into the x columns in the resource column, wherein p is the authority level. Here, since the database does not support writing data by bit, when the right is modified, a column of data needs to be read, the bit data belonging to the current user is modified, the bit data of other users is reserved, and then the data is written back into the database. Specifically, as shown in fig. 4, description is given with authority level p=4, S101: reading an authorized user record and acquiring a corresponding column index x and a corresponding bit index y; s102: reading the authorized resource record, and obtaining the value L of the corresponding resource column C (x); s103: the y-th to y+3 bits of L are replaced by authorization information, the specific operation of the step can use a conversion mode, such as converting the long integer L into a bit array b </SUB > ], modifying b [ y ] to b [ y+3] according to the authority data of the current user to the resource, and converting the bit array b </SUB > ] back into the long integer L; s104: the updated value is written back to the currently recorded C (x) column, i.e. the modified long form L is written back to the corresponding row and column. The modification records are locked in S102 to S104 to avoid that multiple administrators modify the authorization data of the same resource at the same time, resulting in data being overwritten.
In an embodiment of the present application, when the verification rights are performed, in step S15, an authorized user record in the rights storage structure is read, and a corresponding column x and a corresponding column y are determined; reading the authorized resource record in the authority storage structure, and determining the value L of the x columns in the resource column; and reading the y-th to y+ (p-1) bits of the value L, and judging whether the permission verification is successful or not according to the corresponding bit number value. Here, the permission check only verifies whether a certain user has a specified permission, such as list, read, write, delete, for a certain resource. Taking p=4 as an example, the specific steps are as follows, step1: reading an authorized user record and acquiring a corresponding column index x and a corresponding bit index y; step2: reading the authorized resource record, and obtaining the value L of the corresponding resource column C (x); step3: reading the y-th to y+3 bits of L according to the authority type; step4: and returning success or failure according to the corresponding bit value of 1 or 0.
In Step3, when p=4, the value L is converted into an array, the y-th bit of the read array is checked, the y+1-th bit of the read array is checked, the y+2-th bit of the write read array is checked, and the y+3-th bit of the read array is checked. Here, the long integer L may be converted into a bit array b [ ], where when the actual service authority level is 4 (e.g., it is divided into list, read, write, delete), the 0 th bit represents list, the 1 st bit represents read, the 2 nd bit represents write, and the 3 rd bit represents delete, the list authority read b [ y ], the read authority read b [ y+1], the write authority read b [ y+2], and the delete authority read b [ y+3] are predefined.
In an embodiment of the present application, when the query data with authority is performed, in step S15, the authorized user record in the authority storage structure is queried according to the query condition of the original query statement, and a corresponding column x and a corresponding column y are determined; splicing authority query sentences on the query conditions of the original query sentences; and executing the spliced query statement, and returning to record the resource data with list authority of the current object. Here, the user queries a certain resource according to a certain filtering condition, and the record returned by the query should satisfy that the user has list authority for the resource, in this embodiment of the present application, the query with authority is implemented by splicing query sentences, as shown in fig. 5, S201: reading an authorized user record and acquiring a corresponding column index x and a corresponding bit index y; s202: splicing the right inquiry statement on the inquiry condition of the original inquiry statement, if the original inquiry statement has the inquiry condition, the spliced character string is an (c (x)/2^y)% 2>0; if the original query statement has no query condition, the spliced character string is Where (c (x)/2^y)% 2>0; where m% n represents m modulo n, such as 3 modulo 2 is 1,8 modulo 3 is 2, assuming y=0, the concatenated string is c (x)% 2>0, assuming y=4, the concatenated string is (c (x)/16)% 2>0, so that it can be checked whether the value at the y-th bit is equal to 1; s203: and executing the spliced query statement, and returning to record the resource data with list authority of the current object. By expanding the long-integer bit-by-bit storage authority on the resource table, the association table with large data volume can be avoided, and the table association operation can be reduced when the retrieval is carried out with the authority.
In a specific embodiment of the present application, as shown in fig. 6, a system frame diagram of storing rights data by using a database is shown in fig. 7, a data storage structure of the rights data is a long-integer type bit-by-bit storage rights mode, a user maintenance module queries, adds, modifies and deletes users, when a user is added, corresponding operations need to be performed on the rights data, when a user is deleted, user records are deleted, corresponding columns and fields in the resource data are also meaningless, but the system is not recovered; the rest of the operations do not affect the rights data. The resource maintenance module is used for inquiring, adding, modifying and deleting resource data, when a resource record is added, all authority fields of the record are defaulted to be 0, so that all persons do not have any authority, the authority fields of the resource maintenance module are modified according to a prefabrication rule or an authorization operation, when the resource record is deleted, the corresponding authority fields are deleted at the same time, and other operations do not have any influence on the authority. The main function of the authorization module is to set its rights (whether list/read/write/delete is allowed) to a certain resource or resources for a certain user. The permission checking module only verifies whether a certain user has a specified permission (such as list/read/write/delete) for a certain resource. The permission query module is used for querying a certain resource according to a certain filtering condition, and records returned by query should meet the requirement that the user has list permission for the resource, and in the application, the query with the permission is realized by splicing query sentences.
In addition, embodiments of the present application provide a computer readable medium having stored thereon computer readable instructions executable by a processor to implement a method of storing and calculating data rights on bit as described above.
In an embodiment of the present application, there is also provided an apparatus for storing and calculating data rights on a bit basis, the apparatus including:
one or more processors; and
a memory storing computer readable instructions that, when executed, cause the processor to perform operations of the method as described above.
For example, computer-readable instructions, when executed, cause the one or more processors to:
determining the storage digit corresponding to the database type, and determining the authority level according to the service information;
dynamically expanding the authority field of the user on a resource table according to the storage bit number and the authority level;
adding two fields on a user table, wherein the two fields are respectively used for recording the information of the extended column of the resource table and the position sequence of the authority of the user on the extended column;
storing the authority of the user according to the bit based on the added field to obtain an authority storage structure;
and calculating the data authority based on the requirement of the user on the authority, and updating the authority storage structure.
It will be apparent to those skilled in the art that various modifications and variations can be made in the present application without departing from the spirit or scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims and the equivalents thereof, the present application is intended to cover such modifications and variations.
It should be noted that the present application may be implemented in software and/or a combination of software and hardware, for example, using Application Specific Integrated Circuits (ASIC), a general purpose computer or any other similar hardware device. In one embodiment, the software programs of the present application may be executed by a processor to implement the steps or functions as described above. Likewise, the software programs of the present application (including associated data structures) may be stored on a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. In addition, some steps or functions of the present application may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
Furthermore, portions of the present application may be implemented as a computer program product, such as computer program instructions, which when executed by a computer, may invoke or provide methods and/or techniques in accordance with the present application by way of operation of the computer. Program instructions for invoking the methods of the present application may be stored in fixed or removable recording media and/or transmitted via a data stream in a broadcast or other signal bearing medium and/or stored within a working memory of a computer device operating according to the program instructions. An embodiment according to the present application comprises an apparatus comprising a memory for storing computer program instructions and a processor for executing the program instructions, wherein the computer program instructions, when executed by the processor, trigger the apparatus to operate a method and/or a solution according to the embodiments of the present application as described above.
It will be evident to those skilled in the art that the present application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is evident that the word "comprising" does not exclude other elements or steps, and that the singular does not exclude a plurality. The terms first, second, etc. are used to denote a name, but not any particular order.

Claims (11)

1. A method of storing and calculating data rights on a bit basis, the method comprising:
determining the storage digit corresponding to the database type, and determining the authority level according to the service information;
dynamically expanding the authority field of the user on a resource table according to the storage bit number and the authority level;
adding two fields on a user table, wherein the two fields are respectively used for recording the information of the extended column of the resource table and the position sequence of the authority of the user on the extended column;
storing the authority of the user according to the bit based on the added field to obtain an authority storage structure;
and calculating data rights based on the rights maintenance requirements, and updating the rights storage structure.
2. The method of claim 1, wherein dynamically expanding the user's rights field on the resource table based on the number of storage bits and the rights level comprises:
determining the number n of the authorities of the storage users according to the storage digits and the authority level;
dynamically expanding authority fields of users on a resource table, wherein each authority field stores the authorities of m users, and m=storage bit number/n.
3. The method of claim 1, wherein the user's requirements for rights include rights maintenance including new users and authorized operations and rights applications including check rights and authorized queries.
4. A method according to claim 3, wherein when a new user is added, calculating data rights based on the user's demand for rights, updating the rights storage structure, comprises:
judging whether a user table in the authority storage structure has the authority of a space storage newly added user, and setting a column and a bit index of the new user in the user table based on a judging result;
dynamically expanding a list on a resource table in the authority existence structure;
and inserting the authority of the newly added user.
5. The method of claim 4, wherein determining whether the user table in the rights storage structure has space to store the rights of the newly added user comprises:
acquiring a column index x and a bit index y corresponding to the latest user in the authority storage structure;
if y+p is less than or equal to (the storage bit number-p), setting the column of the newly added user as the maximum column x, and setting the index as y+p, wherein p is the authority level;
if y+p > (number of storage bits-p), the column of the newly added user is set to the maximum column x+1, and the index is set to 0.
6. A method according to claim 3, wherein when modifying rights, calculating data rights based on rights maintenance requirements, updating the rights storage structure, comprises:
reading an authorized user record in the authority storage structure, and determining a corresponding column x and a corresponding column y;
reading the authorized resource record in the authority storage structure, and determining the value L of the x columns in the resource column;
the y-th to y+ (p-1) bits of L are replaced with authorization information, and the updated value is written back into the x columns in the resource column, wherein p is the authority level.
7. A method according to claim 3, wherein when verifying the rights, calculating the data rights based on the user's requirements for the rights comprises:
reading an authorized user record in the authority storage structure, and determining a corresponding column x and a corresponding column y;
reading the authorized resource record in the authority storage structure, and determining the value L of the x columns in the resource column;
and reading the y-y+ (p-1) bit of the value L, and judging whether the authority verification is successful or not according to the corresponding bit number value, wherein p is the authority level.
8. The method of claim 7, wherein reading bits y to y+ (p-1) of the value L when p = 4 comprises:
the value L is converted into an array, the y bit of the read array is checked, the y+1 bit of the read array is checked, the y+2 bit of the write read array is checked, and the y+3 bit of the delete read array is checked.
9. A method according to claim 3, wherein when conducting a query with rights data, calculating data rights based on the user's demand for rights, updating the rights storage structure, comprises:
inquiring the authorized user records in the authority storage structure according to the inquiry conditions of the original inquiry statement, and determining a corresponding column x and a corresponding column y;
splicing authority query sentences on the query conditions of the original query sentences;
and executing the spliced query statement, and returning to record the resource data with list authority of the current object.
10. An apparatus for storing and calculating data rights on a bit basis, the apparatus comprising:
one or more processors; and
a memory storing computer readable instructions that, when executed, cause the processor to perform the operations of the method of any one of claims 1 to 9.
11. A computer readable medium having stored thereon computer readable instructions executable by a processor to implement the method of any of claims 1 to 9.
CN202311272886.0A 2023-09-27 2023-09-27 Method and equipment for storing and calculating data authority according to bits Pending CN117271843A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311272886.0A CN117271843A (en) 2023-09-27 2023-09-27 Method and equipment for storing and calculating data authority according to bits

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311272886.0A CN117271843A (en) 2023-09-27 2023-09-27 Method and equipment for storing and calculating data authority according to bits

Publications (1)

Publication Number Publication Date
CN117271843A true CN117271843A (en) 2023-12-22

Family

ID=89205918

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311272886.0A Pending CN117271843A (en) 2023-09-27 2023-09-27 Method and equipment for storing and calculating data authority according to bits

Country Status (1)

Country Link
CN (1) CN117271843A (en)

Similar Documents

Publication Publication Date Title
CN111352902A (en) Log processing method and device, terminal equipment and storage medium
US20070061542A1 (en) System for a distributed column chunk data store
US7584209B2 (en) Flexible file format for updating an address book
CN111177143B (en) Key value data storage method and device, storage medium and electronic equipment
CN107958079A (en) Aggregate file delet method, system, device and readable storage medium storing program for executing
JP6636647B2 (en) Method and apparatus for generating a random character string
CN110555015A (en) Database entity management method and device, electronic equipment and storage medium
US20220253419A1 (en) Multi-record index structure for key-value stores
CN111324665A (en) Log playback method and device
CN110008743A (en) Data attribute identification method, device and equipment in a kind of piece of chain type account book
CN111459948B (en) Transaction integrity verification method based on centralized block chain type account book
CN114327239A (en) Method, electronic device and computer program product for storing and accessing data
CN115203211A (en) Unique hash sequence number generation method and system
CN115470156A (en) RDMA-based memory use method, system, electronic device and storage medium
US11734432B2 (en) Detecting second-order security vulnerabilities via modelling information flow through persistent storage
CN112948389B (en) MD 5-based database table data comparison method and device
US11500943B2 (en) Method and system for cached early-binding document search
US10691757B1 (en) Method and system for cached document search
CN110049133B (en) Method and device for issuing full amount of DNS zone files
CN110059087B (en) Data attribute identification method, device and equipment in block chain type account book
CN117271843A (en) Method and equipment for storing and calculating data authority according to bits
WO2019228009A1 (en) Lsm tree optimization method and device and computer equipment
CN116185305A (en) Service data storage method, device, computer equipment and storage medium
US11656972B1 (en) Paginating results obtained from separate programmatic interfaces
CN113590623A (en) Method, device and equipment for data deep paging query

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination