WO2018205940A1 - Procédé de génération de diagramme de structure organisationnelle basé sur une correspondance bi-univoque entre des rôles et des utilisateurs, et procédé d'application - Google Patents

Procédé de génération de diagramme de structure organisationnelle basé sur une correspondance bi-univoque entre des rôles et des utilisateurs, et procédé d'application Download PDF

Info

Publication number
WO2018205940A1
WO2018205940A1 PCT/CN2018/086066 CN2018086066W WO2018205940A1 WO 2018205940 A1 WO2018205940 A1 WO 2018205940A1 CN 2018086066 W CN2018086066 W CN 2018086066W WO 2018205940 A1 WO2018205940 A1 WO 2018205940A1
Authority
WO
WIPO (PCT)
Prior art keywords
role
department
user
roles
organization chart
Prior art date
Application number
PCT/CN2018/086066
Other languages
English (en)
Chinese (zh)
Inventor
陈达志
Original Assignee
成都牵牛草信息技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 成都牵牛草信息技术有限公司 filed Critical 成都牵牛草信息技术有限公司
Publication of WO2018205940A1 publication Critical patent/WO2018205940A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9024Graphs; Linked lists

Definitions

  • the invention relates to a method for generating an organization chart, in particular to a one-to-one organization chart generation and application method based on a role to a user.
  • Role-based access control is one of the most researched and matured database rights management mechanisms in recent years. It is considered to be an ideal candidate to replace traditional mandatory access control (MAC) and autonomous access control (DAC).
  • the basic idea of role-based access control (RBAC) is to divide different roles according to different functional positions in the enterprise organization view, and encapsulate the access rights of database resources in roles. Users are indirectly accessing database resources by being assigned different roles.
  • the role-based permission control mechanism can manage the access rights of the system simply and efficiently, which greatly reduces the burden and cost of the system rights management, and makes the system rights management more in line with the business management specifications of the application system.
  • the traditional role-based user rights management method adopts the "role-to-user one-to-many" association mechanism, and its "role” is group/class nature, that is, one role can simultaneously correspond to/associate multiple users, and the role is similar to the position.
  • the authorization of user rights under this association mechanism is basically divided into the following three forms: 1, as shown in Figure 1, directly authorized to the user, the disadvantage is that the workload is large, the operation is frequent and troublesome; As shown in Figure 2, the role (class/group/position/type of work) is authorized (one role can be associated with multiple users), and the user obtains the permission through the role; 3. As shown in Figure 3, the above two methods are combined. .
  • both 2 and 3 need to authorize the role of the class/group nature, and the way of authorization through the role of class/group/position/work type has the following disadvantages: 1.
  • the above two processing methods not only require a long time for the role authorization in the case of a large number of role permissions, but also are easy to make mistakes, the user is cumbersome and troublesome to operate, and is also prone to errors resulting in loss to the system user.
  • the organizational chart reflects the composition of a company or group, and people can find the corresponding employees through the organizational chart.
  • the existing organizational chart when the user is displayed, only the user's name is usually displayed. When making the selection, only the responsibilities of each employee can be known.
  • the object of the present invention is to overcome the deficiencies of the prior art and provide a one-to-one organization chart generation and application method based on a role to a user.
  • the structure organization chart shows the employee's name and role, because the role is only one employee. Linkages enable a clear understanding of employee responsibilities.
  • a one-to-one organization chart generation method based on a role to a user including:
  • Create a role create a new role, each role is a separate individual, not a group / class; select a department for the new role, then the role belongs to the department, and the role is unique under the department, Authorize the role based on the role of the role;
  • Create a user create an employee, fill in the name of the employee, and generate a unique user for the employee (that is, establish an association relationship between the employee and the user, and create an employee and a user separately, and associate the employee with the user when the association is performed. Or associate the user with the selected employee, and associate one or more roles for the user, wherein one role can only be associated with the unique user during the same period;
  • Generating an organization structure diagram generating an organization structure diagram according to a hierarchical relationship between departments, a relationship between roles and departments, an association relationship between users and roles, and an association relationship between users and employees, the organizational structure
  • the user information shown in the figure includes the user's name and role.
  • the department names of the lower department of the same department are not duplicated, and each department has a unique number in the organization chart; the names of the roles in the same department are not duplicated, and each role has a unique number in the organization chart. .
  • the method further includes the step of setting a supervisor role, which includes: when setting a supervisor role for a department, only one role under the department can be selected as the supervisor role of the department.
  • the supervisor role of each department in the organization chart is displayed in the first position under the department.
  • the factory is not included in the superior department and the lower department of the department.
  • one character is marked as the main role, and the other character other than the main character is the concurrent role.
  • the main structure and the concurrent role are displayed in the organizational chart.
  • the step S3 further includes the step of selecting a corresponding position for the role.
  • the application method of the organization chart as described above displays the organization chart when it is necessary to select a name, a role, or a department, and completes the object selection by clicking a name, a role, or a department in the organization chart.
  • the beneficial effects of the present invention are as follows: (1) The supervisor role of each department in the organization chart is displayed in the first position of the department, the main role of the user, and the concurrent role display, so as to intuitively understand the specific constituent elements of each department and each The main responsibility of the user; at the same time, because the role is only associated with a unique user, it is able to accurately understand the responsibilities of each user, and to make clear and concise selection when using the organizational chart; through the organizational chart, the employees and roles can be known at a glance. , position, easy to judge the approximate work content, help to accurately and quickly judge the choice of objects.
  • the traditional rights management mechanism defines the role as a group, a job type, a class, etc.
  • the role is a one-to-many relationship with the user. In the actual system use process, it is often necessary to perform the user's authority during the operation process. Adjustments, for example, when the employee permissions are changed, the permissions of an employee associated with the role change. We cannot change the permissions of the entire role because of the change of the individual employee permissions, because the role is also associated with other permissions. Staff. So in response to this situation, either create a new role to satisfy the employee whose permissions have changed, or directly authorize (disengage the role) from the employee based on the permission requirements.
  • the above two processing methods not only require a long time for the role authorization in the case of a large number of role permissions, but also are easy to make mistakes, the user is cumbersome and troublesome to operate, and is also prone to errors resulting in loss to the system user.
  • the role since the role is an independent individual, the role permission can be changed to achieve the goal.
  • the method of the present application seems to increase the workload when the system is initialized, it can be made by copying and the like to make the role or authorization more efficient than the traditional group-based role, because the role of the group is not considered.
  • the application scheme will make the permission setting clear and clear; especially after the system is used for a period of time (the user/role authority changes dynamically), the application scheme can greatly improve the system usage for the system user.
  • the efficiency of the rights management makes the dynamic authorization simpler, more convenient, clearer and clearer, and improves the efficiency and reliability of the permission setting.
  • the traditional group-based role authorization method is error-prone, and the method of the present application greatly reduces the probability of authorization errors, because the method of the present application only needs to consider the role as an independent individual, without considering the traditional method to associate the role of the group. What are the commonalities of multiple users? Even if the authorization error occurs, it only affects the user associated with the role, while the traditional group-based role affects all users associated with the role. Even if a permission authorization error occurs, the correction method of the present application is simple and short, and the traditional group-type role needs to consider the commonality of all users associated with the role when correcting the error, and not only the modification when there are many function points. Troublesome, complicated, very error-prone, and in many cases only new roles can be created.
  • the method of the present application is as follows: the transferred user associates several roles.
  • the user When adjusting the post, the user is first unlinked from the role in the original department (the canceled roles can be re-associated to other users), and then Associate users with roles in the new department. The operation is simple and will not go wrong.
  • FIG. 1 is a schematic diagram of a manner in which a system directly authorizes a user in the background art
  • FIG. 2 is a schematic diagram of a manner in which a system authorizes a group/class role in the background art
  • FIG. 3 is a schematic diagram of a manner in which a system directly authorizes a user and authorizes a group/class role role in the background art
  • Figure 5 is a schematic diagram of an existing organizational structure of a company
  • FIG. 6 is a schematic diagram showing the organizational structure of FIG. 5 after the sales of the second part.
  • a one-to-one organization chart generation method based on a role to a user includes: S1. Creating a department: establishing a new department, and if there is an existing department, selecting a higher department for the new department. That is to say, when the newly created department is the first department in the organization chart (the highest department or organization in the organizational structure), the higher department is not selected for the newly created department, otherwise the higher department is selected as the higher department. For example, if there is a general department and a marketing department in the existing department, and a new department is a sales department, the marketing department is selected as the sales department.
  • the department names of the lower-level departments in the same department are not duplicated, and it is guaranteed that there will be no identification difficulties caused by departments with the same name under one department. For example, there are two sales departments under the marketing department, and these two sales departments can be named. In order to sell one and sell two, you can't name both sales departments as sales, otherwise there will be confusion. Each department has a unique number in the organization chart. When there are a large number of departments, it can quickly retrieve the target department by number, which improves the department search speed when using the organization chart.
  • Each department needs to have a role responsible for the department and define the role as the supervisor role.
  • the steps of setting the supervisor role include: When setting the supervisor role for a department, only one role under the department can be selected as the supervisor role of the department. Since only the role of the department itself can be selected as the supervisor role of the department, the role of other departments is avoided to be responsible for the confusion of things in the department. For example, there are role A, role B, and role C under department A, and role D, role E, and role F under department B. You can select any one of role A, role B, and role C as the supervisor role of department A, but not Select role D, role E, and role F as the supervisor roles for department A.
  • the supervisor role of each department can be modified.
  • the specific modification method is: when modifying the supervisor role of a department, only the remaining role of the department can be selected as the new supervisor role. For example, there is role A, role B, and role C under department A, role D, role E, and role F under department B.
  • the current supervisor role of department A is role A. You can select any of role B and role C as the department.
  • the factory is not included in the upper and lower departments of the department.
  • the existing department has a factory, a general manager's office, or a board of directors
  • the general manager's office and the board of directors may be selected as the higher-level department of the newly-built factory, and the existing factory may not be selected as the superior department of the newly-built factory. .
  • Create a role create a new role, each role is a separate individual, not a group / class; select a department for the new role, then the role belongs to the department, and the role is unique under the department, Authorize the role based on the role of the role.
  • Role definition The role does not have the nature of group/class/category/position/position/work type, but a non-collection nature, the role is unique, the role is an independent independent entity; in the enterprise application is equivalent Job No. (The job number here is not a position, a position may have multiple employees at the same time, and one job number can only correspond to one employee at the same time).
  • a company system can create the following roles: general manager, deputy general manager 1, deputy general manager 2, Beijing sales manager, Beijing sales manager, Beijing sales manager, Shanghai sales engineer 1, Shanghai sales Engineer 2, Shanghai Sales Engineer 3, Shanghai Sales Engineer 4, Shanghai Sales Engineer 5...
  • Authorization of roles includes, but is not limited to, authorization of forms, authorization of menus, or authorization of functions.
  • Authorization for the operation of the form includes but is not limited to additions and deletions.
  • Authorization for a role includes, but is not limited to, authorization of a form, authorization of a menu, or authorization of a function.
  • the role belongs to the department, and the role is unique under the department, and the role is authorized according to the work content of the role.
  • Create a user Create an employee, fill in the employee's name, and generate a unique user for the employee, and associate one or more roles for the user, in which one role can only be associated with a unique user.
  • the step S3 also includes the step of selecting a corresponding position for the character.
  • the concept of traditional roles is group/class/position/position/work type, and one role can correspond to multiple users.
  • the concept of "role” in this application is equivalent to the job number/station number, and is similar to the role in the film and television drama: a character can only be played by one actor at the same time (childhood, juvenile, middle-aged%) And an actor may be decorated with multiple angles.
  • the role After the role is created, you can associate the role in the process of creating the user, or you can associate it at any time after the user is created. After the user associates the role, the relationship with the role can be released at any time, and the relationship with other roles can be established at any time.
  • the specific operation process includes: (1) canceling the association between the user and the role in the original department; and (2) associating the user with the role in the new department.
  • Generating an organization structure diagram generating an organization structure diagram according to a hierarchical relationship between departments, a relationship between roles and departments, an association relationship between users and roles, and an association relationship between users and employees, the organizational structure
  • the user information shown in the figure includes the user's name and role.
  • the supervisory role of each department in the organization chart is displayed in the first position under the department.
  • the supervisor role of each department can be quickly found, thereby finding the person in charge of each department and improving the organization chart. View efficiency.
  • a role is marked as the primary role
  • a role other than the primary role is marked as a concurrent role.
  • the organizational structure diagram clearly shows the primary role and the concurrent role. Since one user can associate multiple roles, the organizational structure In the figure, the user's main role and concurrent role are displayed separately. For example, the concurrent role is in italics, which is convenient for quickly finding the user's main role and viewing the user's main responsibilities.
  • the application method of the organization chart as described above displays the organization chart when it is necessary to select a name, a role, or a department, and completes the object selection by clicking a name, a role, or a department in the organization chart.
  • FIG. 5 shows a schematic diagram of the existing organizational structure of a company. It is now necessary to join the sales department under the marketing department of the company.
  • the second part of the sales department is Role 1 (Wang Wu), Role 2 (Wang Liu) and Role 3 (Wang Wu).
  • the new organization chart is generated as follows: Create department : Create a sales department and select the marketing department as the sales department of the second department.
  • Create user Create two employees, one employee's name is set to Wang Wu, and generate a unique user for Wang Wu, and associate role 1 and role 3 for the user, and set role 1 as the main role of Wang Wu, the role will be 2 Set to be the concurrent role of Wang Wu, and set the role 1 to the supervisor role of the sales department 2; the name of the other employee is set to Wang Liu, and a unique user is generated for Wang Liu, and the role 2 is associated with the user.
  • Generating an organizational chart based on the hierarchical relationship between the sales department and the marketing department, the ownership relationship between the three roles and departments, the relationship between the two users and the three roles, and the relationship between the user and the employee Generate an organization chart.
  • the new organizational structure is shown in Figure 6.
  • the role can also be displayed first, and the user or employee corresponding to the character can be displayed later.

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Time Recorders, Dirve Recorders, Access Control (AREA)

Abstract

L'invention concerne un procédé de génération de diagramme de structure organisationnelle basé sur une correspondance bi-univoque entre des rôles et des utilisateurs, et un procédé d'application. Le procédé consiste à : S1, établir de nouveaux départements, et sélectionner des départements supérieurs pour les nouveaux départements en cas d'existence de départements existants ; S2, créer de nouveaux rôles, sélectionner un département pour les nouveaux rôles, et autoriser les rôles en fonction du contenu de travail des rôles ; S3, créer des employés, écrire les noms des employés, générer un utilisateur unique pour chaque employé, et associer chaque utilisateur à un ou plusieurs rôles, un rôle pouvant être associé à un utilisateur unique uniquement dans une même période ; et S4, générer un graphique de structure organisationnelle selon une relation hiérarchique entre des départements, une relation d'appartenance entre les rôles et les départements, une relation d'association entre les utilisateurs et les rôles et une relation d'association entre les utilisateurs et les employés, des informations d'utilisateurs affichées dans le graphique de structure organisationnelle comprenant les noms et les rôles des utilisateurs. Les noms et les rôles des employés sont affichés dans le diagramme de structure organisationnelle ; et étant donné que chaque rôle est associé uniquement à un employé, les responsabilités de chaque employé peuvent être clairement connues.
PCT/CN2018/086066 2017-05-09 2018-05-08 Procédé de génération de diagramme de structure organisationnelle basé sur une correspondance bi-univoque entre des rôles et des utilisateurs, et procédé d'application WO2018205940A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710323152.9 2017-05-09
CN201710323152.9A CN107169074A (zh) 2017-05-09 2017-05-09 基于角色对用户的一对一的组织结构图生成及应用方法

Publications (1)

Publication Number Publication Date
WO2018205940A1 true WO2018205940A1 (fr) 2018-11-15

Family

ID=59813216

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/086066 WO2018205940A1 (fr) 2017-05-09 2018-05-08 Procédé de génération de diagramme de structure organisationnelle basé sur une correspondance bi-univoque entre des rôles et des utilisateurs, et procédé d'application

Country Status (2)

Country Link
CN (2) CN107169074A (fr)
WO (1) WO2018205940A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107169074A (zh) * 2017-05-09 2017-09-15 成都牵牛草信息技术有限公司 基于角色对用户的一对一的组织结构图生成及应用方法
CN109344302B (zh) * 2018-08-14 2023-11-28 中国平安人寿保险股份有限公司 一种组织架构信息的展示方法、存储介质和服务器
CN109816334A (zh) * 2018-12-28 2019-05-28 武汉职业技术学院 便携高效的移动办公系统
CN112733162A (zh) * 2020-12-31 2021-04-30 北京乐学帮网络技术有限公司 一种资源分配方法、装置、计算机设备和存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102354356A (zh) * 2011-09-29 2012-02-15 用友软件股份有限公司 数据权限管理装置和方法
CN105404799A (zh) * 2015-10-27 2016-03-16 成都贝发信息技术有限公司 信息系统中的权限管理装置
CN106055967A (zh) * 2016-05-24 2016-10-26 福建星海通信科技有限公司 一种saas平台用户组织权限管理的方法以及系统
CN106528710A (zh) * 2016-10-26 2017-03-22 乐视控股(北京)有限公司 一种后台管理系统的权限控制方法和装置
CN107169074A (zh) * 2017-05-09 2017-09-15 成都牵牛草信息技术有限公司 基于角色对用户的一对一的组织结构图生成及应用方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102354356A (zh) * 2011-09-29 2012-02-15 用友软件股份有限公司 数据权限管理装置和方法
CN105404799A (zh) * 2015-10-27 2016-03-16 成都贝发信息技术有限公司 信息系统中的权限管理装置
CN106055967A (zh) * 2016-05-24 2016-10-26 福建星海通信科技有限公司 一种saas平台用户组织权限管理的方法以及系统
CN106528710A (zh) * 2016-10-26 2017-03-22 乐视控股(北京)有限公司 一种后台管理系统的权限控制方法和装置
CN107169074A (zh) * 2017-05-09 2017-09-15 成都牵牛草信息技术有限公司 基于角色对用户的一对一的组织结构图生成及应用方法

Also Published As

Publication number Publication date
CN107169074A (zh) 2017-09-15
CN108629022A (zh) 2018-10-09

Similar Documents

Publication Publication Date Title
US11363026B2 (en) Workflow control method and system based on one-to-one correspondence between roles and users
EP3633567A1 (fr) Procédé de configuration d'un rôle d'approbation en fonction d'un service au moyen d'un noeud d'approbation dans un flux de travail
US11586758B2 (en) Authorization method for form data acquired based on role
WO2018214890A1 (fr) Procédé à base de rôle pour configuration de rôle d'approbation pour nœud d'approbation de flux de travail
CA3068903A1 (fr) Procede d'autorisation de permissions d'exploitation de valeurs de champ de formulaire
CN107103228B (zh) 基于角色对用户的一对一的权限授权方法和系统
US11599656B2 (en) Method for authorizing form data operation authority
JP7318894B2 (ja) 統計列表の操作権限の承認方法
JP7365609B2 (ja) 全てのシステム使用者の最近の権限状態を表示する承認方法
US20200389463A1 (en) Permission granting method and system based on one-to-one correspondence between roles and users
WO2018205940A1 (fr) Procédé de génération de diagramme de structure organisationnelle basé sur une correspondance bi-univoque entre des rôles et des utilisateurs, et procédé d'application
WO2019019981A1 (fr) Procédé de définition d'autorisation d'utilisateur dans une unité d'échange d'informations d'un système
US20200202024A1 (en) Method for setting operating record viewing right based on time period
CN108875391B (zh) 系统中员工登录其账户后的权限显示方法
US11750616B2 (en) Method for authorizing approval processes and approval nodes thereof for user
US20200143068A1 (en) Method for authorizing field value of form field by means of third party field
WO2019011162A1 (fr) Procédé de définition de fonction de raccourci
CN109033861B (zh) 系统中对授权操作者进行授权的方法
WO2019001322A1 (fr) Procédé d'autorisation de menu basé sur un rôle
WO2019007261A1 (fr) Procédé d'obtention d'une valeur de champ d'un champ de propriété de personnage dans un formulaire
OA19306A (en) Workflow control method and system based on one-to-one correspondence between roles and users.

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18798578

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18798578

Country of ref document: EP

Kind code of ref document: A1