WO2021254501A1 - Role authorization method and system - Google Patents

Role authorization method and system Download PDF

Info

Publication number
WO2021254501A1
WO2021254501A1 PCT/CN2021/101022 CN2021101022W WO2021254501A1 WO 2021254501 A1 WO2021254501 A1 WO 2021254501A1 CN 2021101022 W CN2021101022 W CN 2021101022W WO 2021254501 A1 WO2021254501 A1 WO 2021254501A1
Authority
WO
WIPO (PCT)
Prior art keywords
resource
allocated
resources
role
path
Prior art date
Application number
PCT/CN2021/101022
Other languages
French (fr)
Chinese (zh)
Inventor
郭鹏霞
Original Assignee
京东方科技集团股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 京东方科技集团股份有限公司 filed Critical 京东方科技集团股份有限公司
Publication of WO2021254501A1 publication Critical patent/WO2021254501A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/103Workflow collaboration or project management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Definitions

  • the present disclosure relates to the field of information processing, and in particular to a role authorization method and system.
  • the purpose of the embodiments of the present disclosure is to provide a role authorization method and system.
  • the present disclosure provides a role authorization method, including: obtaining resources to be allocated according to the resource path of each resource in the system; based on role requirements, selecting at least one resource from all the resources to be allocated as the required resource, and The role assigns the right to use the required resource.
  • the obtaining the resource to be allocated according to the resource path of each resource in the system includes: storing the resource corresponding to the resource path in a database according to the resource path of each resource in the system; in the database Obtain the resource to be allocated.
  • the method further includes: displaying all the resources to be allocated.
  • all the resources to be allocated are displayed through at least one of a tree diagram and a list.
  • the displaying all the resources to be allocated includes: determining the attribution relationship between the first resources to be allocated and the second resources to be allocated based on the resource path of the first resources to be allocated, the first The resource to be allocated and the second resource to be allocated are any one of the resources to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated; An attribution relationship between the resource to be allocated and the second resource to be allocated, showing all the resources to be allocated.
  • the selecting at least one resource from all the resources to be allocated as the required resource, and assigning the right to use the required resource to the role includes: receiving a configuration instruction from an administrator, the configuration instruction At least one required resource of the role is included in; among all the resources to be allocated, based on the configuration instruction, the role is assigned at least one required resource authority.
  • the resources include at least one of the following: menu resources, page resources, button resources, and file resources.
  • the system is a conference management system.
  • the embodiment of the present disclosure also provides a role authorization system, including: a resource acquisition module, which is used to acquire resources to be allocated according to the resource path of each resource in the system; At least one resource among the resources to be allocated is selected as the required resource, and the role is assigned the right to use the required resource.
  • a resource acquisition module which is used to acquire resources to be allocated according to the resource path of each resource in the system. At least one resource among the resources to be allocated is selected as the required resource, and the role is assigned the right to use the required resource.
  • the resource acquisition module is configured to: store the resource corresponding to the resource path in a database according to the resource path of each resource in the system; and acquire the resource to be allocated from the database.
  • a display module for displaying all the resources to be allocated.
  • all the resources to be allocated are displayed through at least one of a tree diagram and a list.
  • the display module is configured to determine the ownership relationship between the first resource to be allocated and the second resource to be allocated based on the resource path of the first resource to be allocated, the first resource to be allocated and The second resource to be allocated is any one of the resources to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated; according to the first resource to be allocated The attribution relationship with the second resource to be allocated shows all the resources to be allocated.
  • the authority allocation module is configured to: receive a configuration instruction from an administrator, where the configuration instruction includes at least one required resource of the role; among all the resources to be allocated, based on the configuration instruction , To assign at least one permission for the required resource to the role.
  • the resources include at least one of the following: menu resources, page resources, button resources, and file resources.
  • the system is a conference management system.
  • the present disclosure also provides a computer device, which includes a processor and a memory;
  • the memory is used to store a computer program
  • the processor is configured to execute the computer program stored in the memory to implement any one of the aforementioned role authorization methods.
  • the present disclosure also provides a computer-readable storage medium in which computer instructions are stored, and when the stored computer instructions are executed by a processor, any one of the aforementioned role authorization methods can be implemented.
  • Fig. 1 shows a flowchart of a role authorization method in the first embodiment of the present disclosure
  • FIG. 2 is a schematic flowchart of a role authorization method provided by an embodiment of the present disclosure
  • Figure 3 shows a schematic structural diagram of a role authorization system in the first embodiment of the present disclosure
  • FIG. 4 shows another schematic diagram of the structure of the role authorization system in the second embodiment of the present disclosure
  • Fig. 5 is a block diagram of a computer device provided by an embodiment of the present disclosure.
  • an embodiment of the present disclosure provides a role authorization method.
  • the flowchart is shown in Fig. 1, and mainly includes steps S1 and S2:
  • the conference management system Take the conference management system as an example.
  • the resources mentioned in this embodiment include at least one of menu resources, page resources, button resources, and file resources.
  • menu resources, page resources, and button resources are all indispensable in the system. resource.
  • Menu resources usually correspond to different system functions. Under the conference management system, the menu resources can at least include "meeting management”, “participant management”, “meeting room management”, “equipment management", "system management”, etc.
  • each menu can also have sub-menus to refine the corresponding functions; page resources are usually based on the menu resources, and the different page resources displayed based on the menu selection , Different content can be displayed on the page, and there are button resources or file resources on the inner page; button resources are usually various function buttons displayed on the page, such as "add, delete, modify, check” or "print”, etc., click the button to call the corresponding
  • the file resources are usually text, pictures, audio or video resources, which can be displayed in the page according to their specific types.
  • the role permissions are assigned by the administrator uniformly.
  • the administrator when the administrator authorizes a role, he first obtains all resources to be allocated for unified management based on the resource path of each resource in the conference management system.
  • the resource path refers to what each resource needs when it is created or used.
  • the retrieved path is the path specified by the conference management system for each resource when it is created.
  • the path is unique and can only represent the resource. According to each resource path in the conference management system, all resources to be allocated can be obtained.
  • the allocated resources can be all resources of the conference management system, or part of the resources that need to be allocated or may be allocated according to actual needs.
  • S2 based on role requirements, select at least one resource from all resources to be allocated as required resources, and assign permissions to use the required resources to the role.
  • the administrator can select at least one resource from all resources to be allocated as the required resource based on the actual needs of the currently allocated role, and assign the permission to use the aforementioned required resource for the role.
  • the resource to be allocated can be any resource in the conference management system. Through the method provided in this embodiment, a unified allocation of resources of the conference management system can be realized. It should be noted that after configuring permissions for a role, all users belonging to the role have corresponding permissions. When the permissions of the user need to be adjusted, the role to which the user belongs can be adjusted accordingly. In actual use, the role can be the original role, and the permissions of the original role can be adjusted through this embodiment, and the role can also be a newly created role. The permissions on the new role can be realized through this embodiment. distribute.
  • the beneficial effects of the embodiments of the present disclosure are: based on the resource ownership and uniqueness of all resources in the conference management system, the integration of resources is realized, which facilitates the realization of the resources required for re-editing and creating roles according to the specific needs of the role, and is separated from the original
  • the system limits resource permissions, realizes unified and flexible authorization of resources, simplifies the way of role authorization, and improves user experience.
  • step S1 includes:
  • the resources corresponding to each resource path can be imported into the database for storage in advance according to each resource path in the conference management system.
  • the resources to be allocated are obtained from all the resources in the database for authorization. Distribution.
  • each resource path can be recorded or stored in the form of a document, and the database automatically reads the resource path in the document to obtain all corresponding resources for storage; in actual operation, the administrator can also manually perform resources in the database Add, modify or delete, and then obtain the resources to be allocated through the database.
  • a database to import and obtain resources is only one implementation of this embodiment.
  • the file is called in the hard disk or memory, and the resource path in the file is read to obtain the corresponding resource to be allocated. That is, the method of acquiring resources in the present disclosure is not fixed, and it can also be manually imported or manually created by oneself to achieve the acquisition of diversified resources.
  • the method may further include:
  • the resources to be allocated are displayed in a preset manner, and the resources that can be allocated are displayed to the administrator in a visual form, which is convenient for the administrator to configure subsequent permissions.
  • the preset mode includes at least a tree diagram or a list, and of course, may also include other display modes, which is not limited in this embodiment.
  • the corresponding display can be performed based on the attribution relationship between the resources, which facilitates the administrator to make more flexible choices when assigning permissions.
  • the attribution relationship between each resource to be allocated and other resources to be allocated can be determined.
  • button resource A its resource path is XYA, where X is a certain A menu resource, Y is the page resource in menu X, and A is the button resource in page Y; usually, the page resource belongs to the menu resource, the button resource belongs to the page resource, and the file resource belongs to the page resource or
  • the representation of the resource path in this embodiment is only a simple example, and the resource path of any resource is based on the actual conference management system. The path shall prevail.
  • Button A is shown in the tree diagram as A child node is represented in the form of a parent node of page Y, and the parent node of page Y is menu X.
  • the node of menu X can also have other child nodes, and nodes of page Y can also exist in addition to Child nodes other than button A's node.
  • the tree diagram can visually display the attribution relationship between various resources, which is convenient for administrators to make more flexible choices when assigning permissions.
  • the attribution relationship between the first resource to be allocated and the second resource to be allocated is determined, and the first resource to be allocated and the second resource to be allocated are any resources to be allocated, And the first resource to be allocated and the second resource to be allocated are different resources to be allocated; according to the ownership relationship between the first resource to be allocated and the second resource to be allocated, all resources to be allocated are displayed.
  • the administrator when assigning the permissions of the corresponding resources to the role based on the role requirements, the administrator will send the corresponding configuration instructions based on the acquired resources to be allocated, combined with the actual needs of the roles that currently need to be assigned permissions. It includes at least one resource required by the role, that is, the resource that the role needs to obtain permissions.
  • Step S2 includes: receiving a configuration instruction from the administrator; based on the specific content of the configuration instruction, allocating the authority of the corresponding required resource in the configuration instruction to the role.
  • an option box can be set for each resource in the display interface.
  • the administrator configures the resource by checking the option box corresponding to each resource. It is equivalent to adding the corresponding resource as the required resource in the configuration instruction.
  • the save button can also be used in the display interface. When the administrator selects all the required resources and clicks the save button, it is equivalent to receiving the configuration instruction sent by the administrator, and then according to The specific content in the configuration instruction is enough to allocate the required resource authority to the role.
  • the above method can simplify the operation of the administrator when configuring the authority, and realize the customized intelligent authorization method according to the demand.
  • This embodiment realizes the integration of resources based on the resource ownership and uniqueness of all resources in the conference management system, which facilitates the realization of resources required for re-editing and creating roles according to the specific needs of the roles, and is free from the original system's restrictions on resource permissions , To achieve unified and flexible authorization of resources, simplify the way of role authorization, and improve the user experience.
  • Fig. 2 is a schematic flowchart of a role authorization method provided by an embodiment of the present disclosure. Referring to Figure 2, after the roles and resources are pulled, resources are allocated to the roles to complete authorization, and the above authorization process can generate logs.
  • authorization can be implemented based on a system, such as system A. After the authorization is completed, the method further includes saving the authorized resource configuration.
  • the method may further include: using the saved resource configuration for authorization of another system, for example, the resource configuration of system A, multiplexing it on system B, so that system B obtains the same resource authorization as system A.
  • this method can shield the system type and authorize the allocation of resource rights to another project, so that it can shield the difference of authorized objects, and realize the authorization method across projects.
  • the user logs in to the corresponding system and can see all the assigned permissions of the changed role.
  • this embodiment mainly describes the role authorization method based on the conference management system.
  • the role authorization method is also applicable to other information management systems, such as financial management systems, human resource management systems, etc., as long as By obtaining corresponding resources based on different resource paths of different resources, the flexible allocation of resource permissions can be realized.
  • the resources of this application can also be other types of resources such as the authority of the server.
  • the embodiment of the present disclosure provides a role authorization system.
  • the role authorization system of this embodiment can be embedded in the conference management system as an independent functional module, or can be used as an independent role authorization system, as long as it can realize the conference.
  • the schematic diagram of the structure of the role authorization system of this embodiment is shown in Fig. 3, which mainly includes a resource acquisition module 10 and a permission distribution module 20 which are coupled with each other. Allocate resources; the permission allocation module 20 is used to select at least one resource from all the resources to be allocated as the required resource based on the role requirement, and assign the permission to use the required resource to the role.
  • the resources mentioned in this embodiment include at least one of menu resources, page resources, button resources, and file resources.
  • menu resources, page resources, and button resources are all indispensable in the system. resource.
  • the resource acquisition module 10 first obtains all the resources to be allocated for unified management based on the resource path of each resource in the conference management system.
  • the resource path refers to each resource path.
  • the path that a resource needs to be called when it is created or used is the path specified by the conference management system for each resource when it is created. This path is unique and can only represent the resource.
  • the resources to be allocated can be all resources of the conference management system, or part of resources that need to be allocated or may be allocated according to actual needs.
  • the resource acquisition module 10 can import the resources corresponding to each resource path into the database for storage in advance according to each resource path in the conference management system.
  • the resource is authorized, all resources in the database Obtain resources to be allocated in order to allocate permissions.
  • each resource path can be recorded or stored in the form of a document, and the database automatically reads the resource path in the document to obtain all corresponding resources for storage; in actual operation, the administrator can also manually perform resources in the database Add, modify or delete, and then obtain the resources to be allocated through the database. It should be understood that the use of the database to import and obtain resources by the resource acquisition module 10 is only one implementation of this embodiment.
  • the acquiring module 10 stores the resource path through a file, and when acquiring the resource to be allocated, the file is called in the hard disk or the memory, and the resource path in the file is read to obtain the corresponding resource to be allocated.
  • FIG. 4 shows another schematic structural diagram of the role authorization system in this embodiment.
  • the role authorization system further includes a display module 30 that is coupled to the resource acquisition module 10 and the authority distribution module 20 respectively.
  • the role authorization system can also display all the resources to be allocated in a preset manner through the display module 30, and intuitively display the resources that can be allocated to the administrator in a visual form. Display to facilitate the administrator to configure subsequent permissions.
  • the preset mode includes at least a tree diagram or a list, and of course, may also include other display modes, which is not limited in this embodiment.
  • the display module 30 may perform corresponding display based on the attribution relationship between the resources, which facilitates the administrator to make more flexible choices when assigning permissions.
  • the attribution relationship between each resource to be allocated and other resources to be allocated can be determined. For example, for button resource A, its resource path is XYA, where X is a certain A menu resource, Y is the page resource in menu X, and A is the button resource in page Y.
  • the display module 30 After the display module 30 determines the attribution relationship between each resource to be allocated and other resources to be allocated, it can display all resources to be allocated in a preset manner according to the attribution relationship, and display in the form of a tree diagram as an example, the button A is represented as a child node in the tree diagram. Its parent node is the node of page Y, and the parent node of page Y is menu X. At the same time, the node of menu X can also have other child nodes. Page The node of Y may also have other child nodes besides the node of button A.
  • the tree diagram can visually display the attribution relationship between various resources, which is convenient for administrators to make more flexible choices when assigning permissions.
  • the display module 30 is configured to determine the attribution relationship between the first resource to be allocated and the second resource to be allocated based on the resource path of the first resource to be allocated, and the first resource to be allocated and the second resource to be allocated are both free A resource to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated; according to the ownership relationship between the first resource to be allocated and the second resource to be allocated, all resources to be allocated are displayed.
  • the administrator can select at least one resource from all resources to be allocated as the required resource through the authority allocation module 20 based on the actual needs of the currently allocated role, and allocate the resource for the role. Permission of the above-mentioned required resources.
  • the resource to be allocated can be any resource in the conference management system. Through the method provided in this embodiment, a unified allocation of resources of the conference management system can be realized. It should be noted that after configuring permissions for a role, all users belonging to the role have corresponding permissions. When the permissions of the user need to be adjusted, the role to which the user belongs can be adjusted accordingly. In actual use, the role can be the original role, and the permissions of the original role can be adjusted through this embodiment, and the role can also be a newly created role. The permissions on the new role can be realized through this embodiment. distribute.
  • the administrator when assigning the permissions of the corresponding resources to the role based on the role requirements, the administrator will send the corresponding configuration instructions based on the acquired resources to be allocated, combined with the actual needs of the roles that currently need to be assigned permissions. It includes at least one resource required by the role, that is, the resource that the role needs to obtain permissions; after receiving the configuration instruction from the administrator, the permission allocation module 20 can include all resources to be allocated, based on the specific content of the configuration instruction, as The role assignment configuration instruction corresponds to the authority of the required resource.
  • the display module 30 displays the resource to be allocated in a preset manner, it can set an option box corresponding to each resource in the display interface. When configuring, the administrator can check the corresponding option box of each resource.
  • Resource configuration is equivalent to adding the corresponding resource as the required resource in the configuration instruction.
  • the save button can also be used in the display interface. When the administrator selects all the required resources and clicks the save button, the authority allocation module 20 is equivalent to receiving the administrator The sent configuration instructions can then be assigned to the role the permissions of the required resources according to the specific content in the configuration instructions. The above method can simplify the operation of the administrator when configuring the permissions, and realize a customized intelligent authorization method according to the needs.
  • This embodiment realizes the integration of resources based on the resource ownership and uniqueness of all resources in the conference management system, which facilitates the realization of resources required for re-editing and creating roles according to the specific needs of the roles, and is free from the original system's restrictions on resource permissions , To achieve unified and flexible authorization of resources, simplify the way of role authorization, and improve the user experience.
  • the role authorization system can be a functional system in the conference management system, or it can be used as a separate system to coordinate with the conference management system. Use; At the same time, in actual use, the role authorization system is also applicable to other information management systems, such as financial management systems, human resources management systems, etc. As long as the corresponding resources are obtained based on different resource paths of different resources, the resource authority can be realized Flexible allocation.
  • an embodiment of the present disclosure also provides a computer device 400.
  • the computer device 400 can be used to execute the role authorization methods provided in the foregoing various embodiments.
  • the computer device 400 includes a memory 401, a processor 402, and a display component 403.
  • the structure of the computer device 400 shown in FIG. 5 does not constitute a limitation on the computer device 400. Practical applications may include more or fewer components than those shown in the figure, or a combination of certain components, or different component arrangements. in:
  • the memory 401 may be used to store computer programs and modules.
  • the memory 401 may mainly include a program storage area and a data storage area.
  • the program storage area may store an operating system, an application program required for at least one function, and the like.
  • the memory 401 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices.
  • the memory 401 may also include a memory controller to provide the processor 402 with access to the memory 401.
  • the processor 402 executes various functional applications and data processing by running software programs and modules stored in the memory 401.
  • the display component 403 is used for displaying images, and the display component 403 may include a display screen, where the pixels in the display screen may be implemented by using micro-inorganic diodes or organic electroluminescent diodes.
  • a computer-readable storage medium is also provided.
  • the computer-readable storage medium is a non-volatile storage medium, and a computer program is stored in the computer-readable storage medium.
  • the computer program in the medium is executed by the processor, it can execute the role authorization method provided by the embodiment of the present disclosure.
  • a computer program product is also provided, and instructions are stored in the computer program product, which when run on a computer, enable the computer to execute the role authorization method provided by the embodiments of the present disclosure.
  • a chip is also provided, the chip includes a programmable logic circuit and/or program instructions, and when the chip is running, the role authorization method provided in the embodiments of the present disclosure can be executed.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • General Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Tourism & Hospitality (AREA)
  • Quality & Reliability (AREA)
  • Economics (AREA)
  • Operations Research (AREA)
  • Marketing (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

Provided are a role authorization method and system. The method comprises: according to a resource path of each resource in a system, acquiring resources to be allocated; and on the basis of a role requirement, selecting, from among all resources to be allocated, at least one resource as a required resource, and allocating, for a role, the authority to use the required resource. According to the present disclosure, the integration of resources is realized on the basis of the ownership relationship between all resources in a conference management system and the uniqueness of the resources, thereby facilitating the implementation of re-editing and creating resources, required by a role, according to a specific requirement of the role, breaking away from the limitations of an original system regarding the authority of resources, realizing unified and flexible resource authorization, simplifying a role authorization means, and improving the use experience for a user.

Description

角色授权方法及系统Role authorization method and system
本公开要求于2020年6月19日提交的申请号为202010567046.7、发明名称为“一种会议管理系统的角色授权方法及系统”的中国专利申请的优先权,其全部内容通过引用结合在本公开中。This disclosure claims the priority of a Chinese patent application filed on June 19, 2020, with the application number 202010567046.7 and the invention title "A role authorization method and system for a conference management system", the entire content of which is incorporated into this disclosure by reference middle.
技术领域Technical field
本公开涉及信息处理领域,特别涉及一种角色授权方法及系统。The present disclosure relates to the field of information processing, and in particular to a role authorization method and system.
背景技术Background technique
随着经济的发展和信息科学的不断进步,信息的处理量越来越大,也越来越繁杂,计算机技术也被应用到社会的各个领域之中。但随着业务的不断细化,需要对不同的操作员要求不同的操作权限,中间可能伴随着角色权限的调整和新增业务的授权等问题,意识到信息系统安全和保密的重要性,如何提供用户合理的使用权限已成为重要一环。With the development of economy and the continuous progress of information science, the amount of information processing has become larger and more complicated, and computer technology has also been applied to various fields of society. However, as the business continues to refine, different operators need to require different operating permissions, which may be accompanied by issues such as the adjustment of role permissions and the authorization of new services. How to realize the importance of information system security and confidentiality? Providing users with reasonable usage rights has become an important part.
发明内容Summary of the invention
本公开实施例的目的在于提供一种角色授权方法及系统。The purpose of the embodiments of the present disclosure is to provide a role authorization method and system.
本公开提供一种角色授权方法,包括:根据系统中各个资源的资源路径,获取待分配资源;基于角色需求,从所有所述待分配资源中选择至少一项资源作为需求资源,并为所述角色分配使用所述需求资源的权限。The present disclosure provides a role authorization method, including: obtaining resources to be allocated according to the resource path of each resource in the system; based on role requirements, selecting at least one resource from all the resources to be allocated as the required resource, and The role assigns the right to use the required resource.
可选地,所述根据系统中各个资源的资源路径,获取待分配资源,包括:根据所述系统中各个资源的资源路径,将所述资源路径对应的资源存储至数据库;在所述数据库中获取所述待分配资源。Optionally, the obtaining the resource to be allocated according to the resource path of each resource in the system includes: storing the resource corresponding to the resource path in a database according to the resource path of each resource in the system; in the database Obtain the resource to be allocated.
可选地,在所述根据系统中各个资源的资源路径,获取待分配资源之后,还包括:展示所有所述待分配资源。Optionally, after obtaining the resources to be allocated according to the resource path of each resource in the system, the method further includes: displaying all the resources to be allocated.
其中,所有所述待分配资源通过树状图和列表中的至少一种展示。Wherein, all the resources to be allocated are displayed through at least one of a tree diagram and a list.
可选地,所述展示所述所有待分配资源,包括:基于第一待分配资源的资源路径,确定所述第一待分配资源与第二待分配资源之间的归属关系,所述第 一待分配资源和所述第二待分配资源均为任一所述待分配资源,且所述第一待分配资源和所述第二待分配资源为不同的所述待分配资源;根据所述第一待分配资源与第二待分配资源之间的归属关系,展示所有所述待分配资源。Optionally, the displaying all the resources to be allocated includes: determining the attribution relationship between the first resources to be allocated and the second resources to be allocated based on the resource path of the first resources to be allocated, the first The resource to be allocated and the second resource to be allocated are any one of the resources to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated; An attribution relationship between the resource to be allocated and the second resource to be allocated, showing all the resources to be allocated.
可选地,所述从所有所述待分配资源中选择至少一项资源作为需求资源,并为所述角色分配使用所述需求资源的权限,包括:接收管理员的配置指令,所述配置指令中至少包括一项所述角色的需求资源;在所有所述待分配资源中,基于所述配置指令,为所述角色分配至少一项需求资源的权限。Optionally, the selecting at least one resource from all the resources to be allocated as the required resource, and assigning the right to use the required resource to the role includes: receiving a configuration instruction from an administrator, the configuration instruction At least one required resource of the role is included in; among all the resources to be allocated, based on the configuration instruction, the role is assigned at least one required resource authority.
可选地,所述资源至少包括以下之一:菜单资源、页面资源、按钮资源、文件资源。Optionally, the resources include at least one of the following: menu resources, page resources, button resources, and file resources.
可选地,所述系统为会议管理系统。Optionally, the system is a conference management system.
本公开的实施例还提供了一种角色授权系统,包括:资源获取模块,用于根据系统中各个资源的资源路径,获取待分配资源;权限分配模块,用于基于角色需求,从所有所述待分配资源中选择至少一项资源作为需求资源,并为所述角色分配使用所述需求资源的权限。The embodiment of the present disclosure also provides a role authorization system, including: a resource acquisition module, which is used to acquire resources to be allocated according to the resource path of each resource in the system; At least one resource among the resources to be allocated is selected as the required resource, and the role is assigned the right to use the required resource.
可选地,所述资源获取模块,用于:根据所述系统中各个资源的资源路径,将所述资源路径对应的资源存储至数据库;在所述数据库中获取所述待分配资源。Optionally, the resource acquisition module is configured to: store the resource corresponding to the resource path in a database according to the resource path of each resource in the system; and acquire the resource to be allocated from the database.
可选地,还包括:展示模块,用于展示所有所述待分配资源。Optionally, it further includes: a display module for displaying all the resources to be allocated.
其中,所有所述待分配资源通过树状图和列表中的至少一种展示。Wherein, all the resources to be allocated are displayed through at least one of a tree diagram and a list.
可选地,所述展示模块,用于:基于第一待分配资源的资源路径,确定所述第一待分配资源与第二待分配资源之间的归属关系,所述第一待分配资源和所述第二待分配资源均为任一所述待分配资源,且所述第一待分配资源和所述第二待分配资源为不同的所述待分配资源;根据所述第一待分配资源与第二待分配资源之间的归属关系,展示所有所述待分配资源。Optionally, the display module is configured to determine the ownership relationship between the first resource to be allocated and the second resource to be allocated based on the resource path of the first resource to be allocated, the first resource to be allocated and The second resource to be allocated is any one of the resources to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated; according to the first resource to be allocated The attribution relationship with the second resource to be allocated shows all the resources to be allocated.
可选地,所述权限分配模块,用于:接收管理员的配置指令,所述配置指令中至少包括一项所述角色的需求资源;在所有所述待分配资源中,基于所述配置指令,为所述角色分配至少一项需求资源的权限。Optionally, the authority allocation module is configured to: receive a configuration instruction from an administrator, where the configuration instruction includes at least one required resource of the role; among all the resources to be allocated, based on the configuration instruction , To assign at least one permission for the required resource to the role.
可选地,所述资源至少包括以下之一:菜单资源、页面资源、按钮资源、文件资源。Optionally, the resources include at least one of the following: menu resources, page resources, button resources, and file resources.
可选地,所述系统为会议管理系统。Optionally, the system is a conference management system.
本公开还提供了一种计算机设备,所述计算机设备包括处理器和存储器;The present disclosure also provides a computer device, which includes a processor and a memory;
其中,所述存储器,用于存储计算机程序;Wherein, the memory is used to store a computer program;
所述处理器,用于执行所述存储器中存放的计算机程序,以实现前述任一所述的角色授权方法。The processor is configured to execute the computer program stored in the memory to implement any one of the aforementioned role authorization methods.
本公开还提供了一种计算机可读存储介质,所述计算机可读存储介质中存储有计算机指令,存储的所述计算机指令被处理器执行时能够实现前述任一所述的角色授权方法。The present disclosure also provides a computer-readable storage medium in which computer instructions are stored, and when the stored computer instructions are executed by a processor, any one of the aforementioned role authorization methods can be implemented.
附图说明Description of the drawings
图1示出本公开第一实施例中角色授权方法的流程图;Fig. 1 shows a flowchart of a role authorization method in the first embodiment of the present disclosure;
图2是本公开实施例提供的一种角色授权方法流程示意图;FIG. 2 is a schematic flowchart of a role authorization method provided by an embodiment of the present disclosure;
图3示出本公开第一实施例中角色授权系统的结构示意图;Figure 3 shows a schematic structural diagram of a role authorization system in the first embodiment of the present disclosure;
图4示出本公开第二实施例中角色授权系统的另一种结构示意图;FIG. 4 shows another schematic diagram of the structure of the role authorization system in the second embodiment of the present disclosure;
图5是本公开实施例提供的一种计算机设备的框图。Fig. 5 is a block diagram of a computer device provided by an embodiment of the present disclosure.
具体实施方式detailed description
此处参考附图描述本公开的各种方案以及特征。Various solutions and features of the present disclosure are described here with reference to the accompanying drawings.
应理解的是,可以对此处申请的实施例做出各种修改。因此,上述说明书不应该视为限制,而仅是作为实施例的范例。本领域的技术人员将想到在本公开的范围和精神内的其他修改。It should be understood that various modifications can be made to the embodiments applied herein. Therefore, the above description should not be regarded as a limitation, but merely as an example of an embodiment. Those skilled in the art will think of other modifications within the scope and spirit of this disclosure.
包含在说明书中并构成说明书的一部分的附图示出了本公开的实施例,并且与上面给出的对本公开的大致描述以及下面给出的对实施例的详细描述一起用于解释本公开的原理。The drawings included in the specification and constituting a part of the specification illustrate the embodiments of the present disclosure, and are used to explain the present disclosure together with the general description of the present disclosure given above and the detailed description of the embodiments given below principle.
通过下面参照附图对给定为非限制性实例的实施例的可选形式的描述,本公开的这些和其它特性将会变得显而易见。These and other characteristics of the present disclosure will become apparent from the following description of alternative forms of embodiments given as non-limiting examples with reference to the accompanying drawings.
还应当理解,尽管已经参照一些具体实例对本公开进行了描述,但本领域技术人员能够确定地实现本公开的很多其它等效形式,它们具有如权利要求的特征并因此都位于借此所限定的保护范围内。It should also be understood that although the present disclosure has been described with reference to some specific examples, those skilled in the art can surely implement many other equivalent forms of the present disclosure, which have the characteristics of the claims and are therefore located as defined thereby. Within the scope of protection.
当结合附图时,鉴于以下详细说明,本公开的上述和其他方面、特征和优势将变得更为显而易见。The above and other aspects, features and advantages of the present disclosure will become more apparent in view of the following detailed description when combined with the accompanying drawings.
此后参照附图描述本公开的具体实施例;然而,应当理解,所申请的实施例仅仅是本公开的实例,其可采用多种方式实施。熟知和/或重复的功能和结构 并未详细描述以避免不必要或多余的细节使得本公开模糊不清。因此,本文所申请的具体的结构性和功能性细节并非意在限定,而是仅仅作为权利要求的基础和代表性基础用于教导本领域技术人员以实质上任意合适的详细结构多样地使用本公开。Hereinafter, specific embodiments of the present disclosure will be described with reference to the accompanying drawings; however, it should be understood that the applied embodiments are merely examples of the present disclosure, which can be implemented in various ways. Well-known and/or repeated functions and structures have not been described in detail to avoid unnecessary or redundant details that obscure the present disclosure. Therefore, the specific structural and functional details applied for herein are not intended to be limiting, but merely serve as the basis and representative basis of the claims to teach those skilled in the art to use the present in a variety of ways with substantially any suitable detailed structure. public.
本说明书可使用词组“在一种实施例中”、“在另一个实施例中”、“在又一实施例中”或“在其他实施例中”,其均可指代根据本公开的相同或不同实施例中的一个或多个。This description may use the phrases "in one embodiment," "in another embodiment," "in yet another embodiment," or "in other embodiments," which can all refer to the same according to the present disclosure. Or one or more of the different embodiments.
随着经济的发展和信息科学的不断进步,信息的处理量越来越大,在人们的生产生活过程中,各种各样的信息管理系统的出现简化了信息数据的处理方式,方便用户进行使用,例如会议管理系统、财务管理系统、人力资源系统、办公管理系统、运行维护管理系统等等。以会议管理系统为例,针对一个会议管理系统,其内部存在多种功能模块用以分别对不同种类的信息进行管理,例如会议信息、参会人员信息、会议室信息、会议设备信息等,用户在使用过程中基于不同职能或不同等级对会议管理系统中的不同功能进行使用,由此引发的角色授权问题在实际使用过程中降低了用户的使用体验。With the development of the economy and the continuous progress of information science, the amount of information processing is increasing. In the process of people’s production and life, the emergence of various information management systems has simplified the processing methods of information and data, and is convenient for users. Use, such as conference management system, financial management system, human resource system, office management system, operation and maintenance management system, etc. Take a conference management system as an example. For a conference management system, there are multiple functional modules inside to manage different types of information, such as conference information, participant information, conference room information, conference equipment information, etc. In the use process, different functions in the conference management system are used based on different functions or different levels, and the role authorization problem caused by this reduces the user experience in the actual use process.
相关技术中,在对会议管理系统的用户进行授权时,通常是基于会议管理系统的各个功能下所包含的资源进行单独授权,角色授权过程较为繁琐,尤其是针对角色需求更新进行权限的重新划分时,受系统中各个功能的限制无法实现统一的授权操作。In related technologies, when authorizing users of the conference management system, they are usually authorized separately based on the resources contained in each function of the conference management system. The role authorization process is relatively cumbersome, especially the re-division of permissions for the update of role requirements However, due to the limitations of the various functions in the system, a unified authorization operation cannot be achieved.
为了解决该问题,本公开实施例提供了一种角色授权方法,其流程图如图1所示,主要包括步骤S1和S2:In order to solve this problem, an embodiment of the present disclosure provides a role authorization method. The flowchart is shown in Fig. 1, and mainly includes steps S1 and S2:
S1,根据系统中各个资源的资源路径,获取待分配资源。S1: Obtain the resource to be allocated according to the resource path of each resource in the system.
以会议管理系统为例,会议管理系统中存在各种资源,当用户角色存在对该资源的使用权限时,用户才可以在会议管理系统中使用相应的功能或查看相应的内容。示例性地,本实施例中所提到的资源包括菜单资源、页面资源、按钮资源、文件资源中的至少一种,通常情况下菜单资源、页面资源和按钮资源都是系统中必不可少的资源。菜单资源通常对应不同的系统功能,在会议管理系统下,其菜单资源可以至少包括“会议管理”、“参会人员管理”、“会议室管理”、“设备管理”、“系统管理”等多种不同的功能菜单以实现不同的系统功能,每个菜单下还可以存在子菜单以细化对应功能;页面资源则通常在菜单资源的 基础上,基于对菜单的选择所展示出的不同页面资源,页面内则可展示不同内容,其内页存在按钮资源或文件资源;按钮资源通常为页面内展示的各种功能按钮,例如“增删改查”或“打印”等,点击按钮即可调用对应的功能接口实现增删改查或打印功能;文件资源则通常为文字、图片、音频或视频等资源,按照其具体类型可以在页面内进行展示。Take the conference management system as an example. There are various resources in the conference management system. When the user role has the right to use the resource, the user can use the corresponding function or view the corresponding content in the conference management system. Exemplarily, the resources mentioned in this embodiment include at least one of menu resources, page resources, button resources, and file resources. Generally, menu resources, page resources, and button resources are all indispensable in the system. resource. Menu resources usually correspond to different system functions. Under the conference management system, the menu resources can at least include "meeting management", "participant management", "meeting room management", "equipment management", "system management", etc. Different function menus to achieve different system functions, each menu can also have sub-menus to refine the corresponding functions; page resources are usually based on the menu resources, and the different page resources displayed based on the menu selection , Different content can be displayed on the page, and there are button resources or file resources on the inner page; button resources are usually various function buttons displayed on the page, such as "add, delete, modify, check" or "print", etc., click the button to call the corresponding The functional interface of, realizes the function of adding, deleting, modifying, checking or printing; the file resources are usually text, pictures, audio or video resources, which can be displayed in the page according to their specific types.
用户在使用会议管理系统的过程中,基于其用户账号归属的角色,该用户即具有该角色被分配的权限,即可在操作会议管理系统时使用相应的资源,而为了保证系统的使用安全,角色的权限分配是由管理员统一进行的。本实施例中管理员在进行角色的授权时,首先基于会议管理系统内各个资源的资源路径,获取所有的待分配资源进行统一的管理,资源路径是指每一个资源在创建或使用时所需要调取的路径,是会议管理系统在创建时为每个资源规定好的路径,该路径唯一且仅能代表该资源,根据会议管理系统中各个资源路径,即可获取所有待分配资源,该待分配资源可以是会议管理系统的所有资源,也可以是根据实际需求在所有资源中选择需要进行分配或可能进行分配的部分资源。When a user uses the conference management system, based on the role his user account belongs to, the user has the rights assigned to the role and can use the corresponding resources when operating the conference management system. In order to ensure the safety of the system, The role permissions are assigned by the administrator uniformly. In this embodiment, when the administrator authorizes a role, he first obtains all resources to be allocated for unified management based on the resource path of each resource in the conference management system. The resource path refers to what each resource needs when it is created or used. The retrieved path is the path specified by the conference management system for each resource when it is created. The path is unique and can only represent the resource. According to each resource path in the conference management system, all resources to be allocated can be obtained. The allocated resources can be all resources of the conference management system, or part of the resources that need to be allocated or may be allocated according to actual needs.
S2,基于角色需求,从所有待分配资源中选择至少一项资源作为需求资源,并为角色分配使用需求资源的权限。S2, based on role requirements, select at least one resource from all resources to be allocated as required resources, and assign permissions to use the required resources to the role.
获取全部待分配资源之后,管理员可以基于当前所分配的角色的实际需求,从所有待分配资源中选择至少一项资源作为需求资源,并为该角色分配使用上述需求资源的权限。待分配资源可以为会议管理系统中的任意一种资源,通过本实施例所提供的方法,即可以实现对会议管理系统的资源的统一分配。需要注意的是,在为某一个角色配置好权限之后,归属于该角色下的所有用户均具有相应的权限,在需要对用户的权限进行调整时,对应调整该用户所属的角色即可。实际使用过程中,该角色可以为原有角色,通过本实施例即可实现对原有角色权限的调整,该角色还可以为新创建的角色,通过本实施例即可实现对新角色的权限分配。After obtaining all the resources to be allocated, the administrator can select at least one resource from all resources to be allocated as the required resource based on the actual needs of the currently allocated role, and assign the permission to use the aforementioned required resource for the role. The resource to be allocated can be any resource in the conference management system. Through the method provided in this embodiment, a unified allocation of resources of the conference management system can be realized. It should be noted that after configuring permissions for a role, all users belonging to the role have corresponding permissions. When the permissions of the user need to be adjusted, the role to which the user belongs can be adjusted accordingly. In actual use, the role can be the original role, and the permissions of the original role can be adjusted through this embodiment, and the role can also be a newly created role. The permissions on the new role can be realized through this embodiment. distribute.
本公开实施例的有益效果在于:基于会议管理系统内所有资源的资源间所属关系与其唯一性实现对资源的整合,便于实现根据角色的具体需求重新编辑和创建角色所需要的资源,脱离原有系统对资源权限的限制,实现统一灵活对资源的授权,简化了角色授权的方式,提升了用户的使用体验。The beneficial effects of the embodiments of the present disclosure are: based on the resource ownership and uniqueness of all resources in the conference management system, the integration of resources is realized, which facilitates the realization of the resources required for re-editing and creating roles according to the specific needs of the role, and is separated from the original The system limits resource permissions, realizes unified and flexible authorization of resources, simplifies the way of role authorization, and improves user experience.
示例性地,步骤S1包括:Illustratively, step S1 includes:
在实际使用时,可以预先根据会议管理系统中各个资源路径,将各个资源 路径所对应的资源导入至数据库中进行存储,在进行资源授权时,在数据库的所有资源中获取待分配资源以进行权限的分配。In actual use, the resources corresponding to each resource path can be imported into the database for storage in advance according to each resource path in the conference management system. When the resource is authorized, the resources to be allocated are obtained from all the resources in the database for authorization. Distribution.
其中,各个资源路径可以通过文档的形式进行记录或存储,数据库通过自动读取文档中的资源路径获取所有对应的资源进行存储;实际操作中,管理员还可通过手动的方式在数据库中进行资源的增加、修改或删除,随后再通过数据库获取待分配资源。需要了解的是,使用数据库进行资源的导入和获取仅仅是本实施例的一种实施方式,实际使用过程中还可以通过其他任意方式基于资源路径进行待分配资源的获取,例如通过文件进行资源路径的存储,获取待分配资源时,在硬盘或内存中调用该文件,读取该文件内的资源路径之后获取对应待分配资源。也即,本公开中获取资源的方式不固定,还可以手动导入或者自行手动创建,实现多样化资源的获取。Among them, each resource path can be recorded or stored in the form of a document, and the database automatically reads the resource path in the document to obtain all corresponding resources for storage; in actual operation, the administrator can also manually perform resources in the database Add, modify or delete, and then obtain the resources to be allocated through the database. It should be understood that the use of a database to import and obtain resources is only one implementation of this embodiment. In actual use, it is also possible to obtain resources to be allocated based on the resource path in any other way, such as the resource path through a file. When the resource to be allocated is obtained, the file is called in the hard disk or memory, and the resource path in the file is read to obtain the corresponding resource to be allocated. That is, the method of acquiring resources in the present disclosure is not fixed, and it can also be manually imported or manually created by oneself to achieve the acquisition of diversified resources.
为了方便管理员进行权限分配,在获取待分配资源之后,该方法还可以包括:In order to facilitate the administrator to allocate permissions, after obtaining the resources to be allocated, the method may further include:
通过预设方式展示所有待分配资源,以可视化的形式直观地将可以进行分配的资源向管理员进行展示,方便管理员进行后续权限的配置。其中,预设方式至少包括树状图或列表,当然还可以包括其他展示形式,本实施例不进行限制。All the resources to be allocated are displayed in a preset manner, and the resources that can be allocated are displayed to the administrator in a visual form, which is convenient for the administrator to configure subsequent permissions. Among them, the preset mode includes at least a tree diagram or a list, and of course, may also include other display modes, which is not limited in this embodiment.
示例性地,在进行待分配资源展示时,可基于各个资源之间的归属关系进行相应展示,方便管理员在分配权限时进行更灵活的选择。示例性地,基于每个待分配资源的资源路径,即可确定每个待分配资源与其他待分配资源之间的归属关系,例如,针对按钮资源A,其资源路径为X-Y-A,其中X为某一个菜单资源,Y为菜单X中的页面资源,则A为页面Y中的按钮资源;通常情况下,页面资源归属于菜单资源中,按钮资源归属于页面资源中,文件资源归属于页面资源或菜单资源中,也可以存在其他资源之间的归属关系,本实施例不进行限制;另外,本实施例中关于资源路径的表示仅为简单示例,任意资源的资源路径以实际会议管理系统中的路径为准。确定每个待分配资源与其他待分配资源之间的归属关系后,即可根据该归属关系,展示所有待分配资源,以树状图的形式进行展示为例,按钮A在树状图中以一个子节点的形式表示,其父节点为页面Y的节点,页面Y的父节点则为菜单X,与此同时,菜单X的节点还可以存在其他的子节点,页面Y的节点也可以存在除按钮A的节点以外的其他子节点。通过树状图可以直观地展示各个资源之间的归属关系,方便管理员在分 配权限时进行更灵活的选择。Exemplarily, when displaying the resources to be allocated, the corresponding display can be performed based on the attribution relationship between the resources, which facilitates the administrator to make more flexible choices when assigning permissions. Exemplarily, based on the resource path of each resource to be allocated, the attribution relationship between each resource to be allocated and other resources to be allocated can be determined. For example, for button resource A, its resource path is XYA, where X is a certain A menu resource, Y is the page resource in menu X, and A is the button resource in page Y; usually, the page resource belongs to the menu resource, the button resource belongs to the page resource, and the file resource belongs to the page resource or In the menu resources, there may also be attribution relationships among other resources, which is not limited in this embodiment; in addition, the representation of the resource path in this embodiment is only a simple example, and the resource path of any resource is based on the actual conference management system. The path shall prevail. After determining the attribution relationship between each resource to be allocated and other resources to be allocated, you can display all the resources to be allocated according to the attribution relationship, and display in the form of a tree diagram as an example. Button A is shown in the tree diagram as A child node is represented in the form of a parent node of page Y, and the parent node of page Y is menu X. At the same time, the node of menu X can also have other child nodes, and nodes of page Y can also exist in addition to Child nodes other than button A's node. The tree diagram can visually display the attribution relationship between various resources, which is convenient for administrators to make more flexible choices when assigning permissions.
也即,基于第一待分配资源的资源路径,确定第一待分配资源与第二待分配资源之间的归属关系,第一待分配资源和第二待分配资源均为任一待分配资源,且第一待分配资源和第二待分配资源为不同的待分配资源;根据第一待分配资源与第二待分配资源之间的归属关系,展示所有待分配资源。That is, based on the resource path of the first resource to be allocated, the attribution relationship between the first resource to be allocated and the second resource to be allocated is determined, and the first resource to be allocated and the second resource to be allocated are any resources to be allocated, And the first resource to be allocated and the second resource to be allocated are different resources to be allocated; according to the ownership relationship between the first resource to be allocated and the second resource to be allocated, all resources to be allocated are displayed.
示例性地,在基于角色需求为角色分配相应资源的权限时,管理员会基于获取到的待分配资源,结合当前需要进行权限分配的角色的实际需求,发送相应的配置指令,该配置指令中至少包括一项该角色的需求资源,即该角色所需要获得权限的资源。Exemplarily, when assigning the permissions of the corresponding resources to the role based on the role requirements, the administrator will send the corresponding configuration instructions based on the acquired resources to be allocated, combined with the actual needs of the roles that currently need to be assigned permissions. It includes at least one resource required by the role, that is, the resource that the role needs to obtain permissions.
步骤S2包括:接收到管理员的配置指令;基于配置指令的具体内容,为角色分配配置指令中对应的需求资源的权限。Step S2 includes: receiving a configuration instruction from the administrator; based on the specific content of the configuration instruction, allocating the authority of the corresponding required resource in the configuration instruction to the role.
示例性地,在待分配资源通过预设方式进行展示时,可以在展示界面中为每个资源对应设置选项框,管理员在进行配置时,通过勾选各个资源对应的选项框进行资源配置,相当于在配置指令中增加相应的资源为需求资源,在展示界面中还可以由保存按钮,当管理员选择所有需求资源并点击保存按钮之后,相当于接收到了管理员发送的配置指令,随后根据配置指令内的具体内容为角色分配需求资源的权限即可,通过上述方式可以简化管理员配置权限时的操作,根据需求实现定制化的智能授权方式。Exemplarily, when the resources to be allocated are displayed in a preset manner, an option box can be set for each resource in the display interface. When configuring, the administrator configures the resource by checking the option box corresponding to each resource. It is equivalent to adding the corresponding resource as the required resource in the configuration instruction. The save button can also be used in the display interface. When the administrator selects all the required resources and clicks the save button, it is equivalent to receiving the configuration instruction sent by the administrator, and then according to The specific content in the configuration instruction is enough to allocate the required resource authority to the role. The above method can simplify the operation of the administrator when configuring the authority, and realize the customized intelligent authorization method according to the demand.
本实施例基于会议管理系统内所有资源的资源间所属关系与其唯一性实现对资源的整合,便于实现根据角色的具体需求重新编辑和创建角色所需要的资源,脱离原有系统对资源权限的限制,实现统一灵活对资源的授权,简化了角色授权的方式,提升了用户的使用体验。This embodiment realizes the integration of resources based on the resource ownership and uniqueness of all resources in the conference management system, which facilitates the realization of resources required for re-editing and creating roles according to the specific needs of the roles, and is free from the original system's restrictions on resource permissions , To achieve unified and flexible authorization of resources, simplify the way of role authorization, and improve the user experience.
图2是本公开实施例提供的一种角色授权方法流程示意图。参见图2,在拉取到角色及资源后,为角色分配资源完成授权,上述授权的过程可以生成日志。Fig. 2 is a schematic flowchart of a role authorization method provided by an embodiment of the present disclosure. Referring to Figure 2, after the roles and resources are pulled, resources are allocated to the roles to complete authorization, and the above authorization process can generate logs.
在授权时,可以满足用户特殊的角色功能,实现一个用户下的多角色权限不同的效果。During authorization, it can satisfy the user's special role function, and realize the different effects of multi-role authority under a user.
这里,授权可以基于一个系统实现,例如系统A,在授权完成后,该方法还包括对授权的资源配置进行保存。Here, authorization can be implemented based on a system, such as system A. After the authorization is completed, the method further includes saving the authorized resource configuration.
该方法还可以包括:将保存的资源配置用于另一个系统的授权,例如系统A的资源配置,复用在系统B上,使得系统B得到和系统A相同的资源授权。也即,该方法可以屏蔽系统类型,授权予另一个项目的资源权限分配,使其屏蔽 授权对象的差异性,实现跨项目的授权方式。The method may further include: using the saved resource configuration for authorization of another system, for example, the resource configuration of system A, multiplexing it on system B, so that system B obtains the same resource authorization as system A. In other words, this method can shield the system type and authorize the allocation of resource rights to another project, so that it can shield the difference of authorized objects, and realize the authorization method across projects.
完成授权后,用户登录对应系统,可以看到更改后角色的所有已分配权限。After the authorization is completed, the user logs in to the corresponding system and can see all the assigned permissions of the changed role.
应当了解的是,本实施例主要基于会议管理系统进行了角色授权方法的说明,在实际使用时,该角色授权方法同样适用于其他信息管理系统,如财务管理系统、人力资源管理系统等,只要基于不同资源的不同资源路径获取对应资源,即可实现对资源权限的灵活分配。本申请的资源除了是系统权限资源外,还可以是服务器的权限所属等其他类型的资源。It should be understood that this embodiment mainly describes the role authorization method based on the conference management system. In actual use, the role authorization method is also applicable to other information management systems, such as financial management systems, human resource management systems, etc., as long as By obtaining corresponding resources based on different resource paths of different resources, the flexible allocation of resource permissions can be realized. In addition to system authority resources, the resources of this application can also be other types of resources such as the authority of the server.
本公开实施例提供了一种角色授权系统,实质上,本实施例的角色授权系统可以作为一个独立的功能模块嵌入至会议管理系统,也可以作为一个独立的角色授权系统,只要其可以实现会议管理系统内资源的访问和角色的控制即可。本实施例的角色授权系统的结构示意图如图3所示,主要包括互相耦合的资源获取模块10和权限分配模块20,其中,资源获取模块10用于根据系统中各个资源的资源路径,获取待分配资源;权限分配模块20用于基于角色需求,从所有待分配资源中选择至少一项资源作为需求资源,并为角色分配使用需求资源的权限。The embodiment of the present disclosure provides a role authorization system. In essence, the role authorization system of this embodiment can be embedded in the conference management system as an independent functional module, or can be used as an independent role authorization system, as long as it can realize the conference. Manage access to resources in the system and control of roles. The schematic diagram of the structure of the role authorization system of this embodiment is shown in Fig. 3, which mainly includes a resource acquisition module 10 and a permission distribution module 20 which are coupled with each other. Allocate resources; the permission allocation module 20 is used to select at least one resource from all the resources to be allocated as the required resource based on the role requirement, and assign the permission to use the required resource to the role.
会议管理系统中存在各种资源,当用户角色存在对该资源的使用权限时,用户才可以在会议管理系统中使用相应的功能或查看相应的内容。示例性地,本实施例中所提到的资源包括菜单资源、页面资源、按钮资源、文件资源中的至少一种,通常情况下菜单资源、页面资源和按钮资源都是系统中必不可少的资源。There are various resources in the conference management system. When the user role has the right to use the resource, the user can use the corresponding function or view the corresponding content in the conference management system. Exemplarily, the resources mentioned in this embodiment include at least one of menu resources, page resources, button resources, and file resources. Generally, menu resources, page resources, and button resources are all indispensable in the system. resource.
用户在使用会议管理系统的过程中,基于其用户账号归属的角色,该用户即具有该角色被分配的权限,即可在操作会议管理系统时使用相应的资源,而为了保证系统的使用安全,角色的权限分配是由管理员统一进行的。本实施例中管理员在使用角色授权系统进行角色的授权时,首先由资源获取模块10基于会议管理系统内各个资源的资源路径,获取所有的待分配资源进行统一的管理,资源路径是指每一个资源在创建或使用时所需要调取的路径,是会议管理系统在创建时为每个资源规定好的路径,该路径唯一且仅能代表该资源,根据会议管理系统中各个资源路径,即可获取所有待分配资源,该待分配资源可以是会议管理系统的所有资源,也可以是根据实际需求在所有资源中选择需要进行分配或可能进行分配的部分资源。When a user uses the conference management system, based on the role his user account belongs to, the user has the rights assigned to the role and can use the corresponding resources when operating the conference management system. In order to ensure the safety of the system, The role permissions are assigned by the administrator uniformly. In this embodiment, when the administrator uses the role authorization system for role authorization, the resource acquisition module 10 first obtains all the resources to be allocated for unified management based on the resource path of each resource in the conference management system. The resource path refers to each resource path. The path that a resource needs to be called when it is created or used is the path specified by the conference management system for each resource when it is created. This path is unique and can only represent the resource. According to each resource path in the conference management system, that is All resources to be allocated can be obtained. The resources to be allocated can be all resources of the conference management system, or part of resources that need to be allocated or may be allocated according to actual needs.
示例性地,在实际使用时,资源获取模块10可以预先根据会议管理系统中各个资源路径,将各个资源路径所对应的资源导入至数据库中进行存储,在进行资源授权时,在数据库的所有资源中获取待分配资源以进行权限的分配。其中,各个资源路径可以通过文档的形式进行记录或存储,数据库通过自动读取文档中的资源路径获取所有对应的资源进行存储;实际操作中,管理员还可通过手动的方式在数据库中进行资源的增加、修改或删除,随后再通过数据库获取待分配资源。需要了解的是,资源获取模块10使用数据库进行资源的导入和获取仅仅是本实施例的一种实施方式,实际使用过程中还可以通过其他任意方式基于资源路径进行待分配资源的获取,例如资源获取模块10通过文件进行资源路径的存储,获取待分配资源时,在硬盘或内存中调用该文件,读取该文件内的资源路径之后获取对应待分配资源。Exemplarily, in actual use, the resource acquisition module 10 can import the resources corresponding to each resource path into the database for storage in advance according to each resource path in the conference management system. When the resource is authorized, all resources in the database Obtain resources to be allocated in order to allocate permissions. Among them, each resource path can be recorded or stored in the form of a document, and the database automatically reads the resource path in the document to obtain all corresponding resources for storage; in actual operation, the administrator can also manually perform resources in the database Add, modify or delete, and then obtain the resources to be allocated through the database. It should be understood that the use of the database to import and obtain resources by the resource acquisition module 10 is only one implementation of this embodiment. In actual use, it is also possible to acquire resources to be allocated based on resource paths in any other manner, such as resources. The acquiring module 10 stores the resource path through a file, and when acquiring the resource to be allocated, the file is called in the hard disk or the memory, and the resource path in the file is read to obtain the corresponding resource to be allocated.
图4示出了本实施例中角色授权系统的另一种结构示意图,此时角色授权系统还包括展示模块30,该展示模块30分别与资源获取模块10和权限分配模块20耦合。为了方便管理员进行权限分配,在获取待分配资源之后,角色授权系统还可以通过展示模块30以预设方式展示所有待分配资源,以可视化的形式直观地将可以进行分配的资源向管理员进行展示,方便管理员进行后续权限的配置。其中,预设方式至少包括树状图或列表,当然还可以包括其他展示形式,本实施例不进行限制。FIG. 4 shows another schematic structural diagram of the role authorization system in this embodiment. At this time, the role authorization system further includes a display module 30 that is coupled to the resource acquisition module 10 and the authority distribution module 20 respectively. In order to facilitate the administrator to assign permissions, after obtaining the resources to be allocated, the role authorization system can also display all the resources to be allocated in a preset manner through the display module 30, and intuitively display the resources that can be allocated to the administrator in a visual form. Display to facilitate the administrator to configure subsequent permissions. Among them, the preset mode includes at least a tree diagram or a list, and of course, may also include other display modes, which is not limited in this embodiment.
进一步地,展示模块30在进行待分配资源展示时,可基于各个资源之间的归属关系进行相应展示,方便管理员在分配权限时进行更灵活的选择。示例性地,基于每个待分配资源的资源路径,即可确定每个待分配资源与其他待分配资源之间的归属关系,例如,针对按钮资源A,其资源路径为X-Y-A,其中X为某一个菜单资源,Y为菜单X中的页面资源,则A为页面Y中的按钮资源。展示模块30确定每个待分配资源与其他待分配资源之间的归属关系后,即可根据该归属关系,以预设方式展示所有待分配资源,以树状图的形式进行展示为例,按钮A在树状图中以一个子节点的形式表示,其父节点为页面Y的节点,页面Y的父节点则为菜单X,与此同时,菜单X的节点还可以存在其他的子节点,页面Y的节点也可以存在除按钮A的节点以外的其他子节点。通过树状图可以直观地展示各个资源之间的归属关系,方便管理员在分配权限时进行更灵活的选择。Further, when displaying the resources to be allocated, the display module 30 may perform corresponding display based on the attribution relationship between the resources, which facilitates the administrator to make more flexible choices when assigning permissions. Exemplarily, based on the resource path of each resource to be allocated, the attribution relationship between each resource to be allocated and other resources to be allocated can be determined. For example, for button resource A, its resource path is XYA, where X is a certain A menu resource, Y is the page resource in menu X, and A is the button resource in page Y. After the display module 30 determines the attribution relationship between each resource to be allocated and other resources to be allocated, it can display all resources to be allocated in a preset manner according to the attribution relationship, and display in the form of a tree diagram as an example, the button A is represented as a child node in the tree diagram. Its parent node is the node of page Y, and the parent node of page Y is menu X. At the same time, the node of menu X can also have other child nodes. Page The node of Y may also have other child nodes besides the node of button A. The tree diagram can visually display the attribution relationship between various resources, which is convenient for administrators to make more flexible choices when assigning permissions.
也即,展示模块30用于基于第一待分配资源的资源路径,确定第一待分配 资源与第二待分配资源之间的归属关系,第一待分配资源和第二待分配资源均为任一待分配资源,且第一待分配资源和第二待分配资源为不同的待分配资源;根据第一待分配资源与第二待分配资源之间的归属关系,展示所有待分配资源。That is, the display module 30 is configured to determine the attribution relationship between the first resource to be allocated and the second resource to be allocated based on the resource path of the first resource to be allocated, and the first resource to be allocated and the second resource to be allocated are both free A resource to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated; according to the ownership relationship between the first resource to be allocated and the second resource to be allocated, all resources to be allocated are displayed.
资源获取模块10获取全部待分配资源之后,管理员可以基于当前所分配的角色的实际需求,通过权限分配模块20从所有待分配资源中选择至少一项资源作为需求资源,并为该角色分配使用上述需求资源的权限。待分配资源可以为会议管理系统中的任意一种资源,通过本实施例所提供的方法,即可以实现对会议管理系统的资源的统一分配。需要注意的是,在为某一个角色配置好权限之后,归属于该角色下的所有用户均具有相应的权限,在需要对用户的权限进行调整时,对应调整该用户所属的角色即可。实际使用过程中,该角色可以为原有角色,通过本实施例即可实现对原有角色权限的调整,该角色还可以为新创建的角色,通过本实施例即可实现对新角色的权限分配。After the resource acquisition module 10 obtains all the resources to be allocated, the administrator can select at least one resource from all resources to be allocated as the required resource through the authority allocation module 20 based on the actual needs of the currently allocated role, and allocate the resource for the role. Permission of the above-mentioned required resources. The resource to be allocated can be any resource in the conference management system. Through the method provided in this embodiment, a unified allocation of resources of the conference management system can be realized. It should be noted that after configuring permissions for a role, all users belonging to the role have corresponding permissions. When the permissions of the user need to be adjusted, the role to which the user belongs can be adjusted accordingly. In actual use, the role can be the original role, and the permissions of the original role can be adjusted through this embodiment, and the role can also be a newly created role. The permissions on the new role can be realized through this embodiment. distribute.
示例性地,在基于角色需求为角色分配相应资源的权限时,管理员会基于获取到的待分配资源,结合当前需要进行权限分配的角色的实际需求,发送相应的配置指令,该配置指令中至少包括一项该角色的需求资源,即该角色所需要获得权限的资源;权限分配模块20接收到管理员的配置指令后,即可在所有待分配资源中,基于配置指令的具体内容,为角色分配配置指令中对应的需求资源的权限。示例性地,展示模块30在待分配资源通过预设方式进行展示时,可以在展示界面中为每个资源对应设置选项框,管理员在进行配置时,通过勾选各个资源对应的选项框进行资源配置,相当于在配置指令中增加相应的资源为需求资源,在展示界面中还可以由保存按钮,当管理员选择所有需求资源并点击保存按钮之后,权限分配模块20相当于接收到了管理员发送的配置指令,随后根据配置指令内的具体内容为角色分配需求资源的权限即可,通过上述方式可以简化管理员配置权限时的操作,根据需求实现定制化的智能授权方式。Exemplarily, when assigning the permissions of the corresponding resources to the role based on the role requirements, the administrator will send the corresponding configuration instructions based on the acquired resources to be allocated, combined with the actual needs of the roles that currently need to be assigned permissions. It includes at least one resource required by the role, that is, the resource that the role needs to obtain permissions; after receiving the configuration instruction from the administrator, the permission allocation module 20 can include all resources to be allocated, based on the specific content of the configuration instruction, as The role assignment configuration instruction corresponds to the authority of the required resource. Exemplarily, when the display module 30 displays the resource to be allocated in a preset manner, it can set an option box corresponding to each resource in the display interface. When configuring, the administrator can check the corresponding option box of each resource. Resource configuration is equivalent to adding the corresponding resource as the required resource in the configuration instruction. The save button can also be used in the display interface. When the administrator selects all the required resources and clicks the save button, the authority allocation module 20 is equivalent to receiving the administrator The sent configuration instructions can then be assigned to the role the permissions of the required resources according to the specific content in the configuration instructions. The above method can simplify the operation of the administrator when configuring the permissions, and realize a customized intelligent authorization method according to the needs.
本实施例基于会议管理系统内所有资源的资源间所属关系与其唯一性实现对资源的整合,便于实现根据角色的具体需求重新编辑和创建角色所需要的资源,脱离原有系统对资源权限的限制,实现统一灵活对资源的授权,简化了角色授权的方式,提升了用户的使用体验。This embodiment realizes the integration of resources based on the resource ownership and uniqueness of all resources in the conference management system, which facilitates the realization of resources required for re-editing and creating roles according to the specific needs of the roles, and is free from the original system's restrictions on resource permissions , To achieve unified and flexible authorization of resources, simplify the way of role authorization, and improve the user experience.
应当了解的是,本实施例主要基于会议管理系统进行了角色授权系统的适用说明,该角色授权系统可以是会议管理系统中的一个功能系统,也可以作为一个单独的系统与会议管理系统进行协同使用;同时,在实际使用时,该角色 授权系统同样适用于其他信息管理系统,如财务管理系统、人力资源管理系统等,只要基于不同资源的不同资源路径获取对应资源,即可实现对资源权限的灵活分配。It should be understood that this embodiment is mainly based on the conference management system to explain the application of the role authorization system. The role authorization system can be a functional system in the conference management system, or it can be used as a separate system to coordinate with the conference management system. Use; At the same time, in actual use, the role authorization system is also applicable to other information management systems, such as financial management systems, human resources management systems, etc. As long as the corresponding resources are obtained based on different resource paths of different resources, the resource authority can be realized Flexible allocation.
如图5所示,本公开实施例还提供了一种计算机设备400。该计算机设备400可以用于执行上述各个实施例中提供的角色授权方法。参见图5,该计算机设备400包括:存储器401、处理器402和显示组件403,本领域技术人员可以理解,图5中示出的计算机设备400的结构并不构成对计算机设备400的限定,在实际应用中可以包括比图示更多或更少的组件,或者组合某些组件,或者不同的组件布置。其中:As shown in FIG. 5, an embodiment of the present disclosure also provides a computer device 400. The computer device 400 can be used to execute the role authorization methods provided in the foregoing various embodiments. Referring to FIG. 5, the computer device 400 includes a memory 401, a processor 402, and a display component 403. Those skilled in the art can understand that the structure of the computer device 400 shown in FIG. 5 does not constitute a limitation on the computer device 400. Practical applications may include more or fewer components than those shown in the figure, or a combination of certain components, or different component arrangements. in:
存储器401可用于存储计算机程序以及模块,存储器401可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序等。存储器401可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他易失性固态存储器件。相应地,存储器401还可以包括存储器控制器,以提供处理器402对存储器401的访问。The memory 401 may be used to store computer programs and modules. The memory 401 may mainly include a program storage area and a data storage area. The program storage area may store an operating system, an application program required for at least one function, and the like. The memory 401 may include a high-speed random access memory, and may also include a non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or other volatile solid-state storage devices. Correspondingly, the memory 401 may also include a memory controller to provide the processor 402 with access to the memory 401.
处理器402通过运行存储在存储器401的软件程序以及模块,从而执行各种功能应用以及数据处理。The processor 402 executes various functional applications and data processing by running software programs and modules stored in the memory 401.
显示组件403用于显示图像,显示组件403可包括显示屏,其中,显示屏中的像素可以采用微型无机二极管或者有机电致发光二极管来实现。The display component 403 is used for displaying images, and the display component 403 may include a display screen, where the pixels in the display screen may be implemented by using micro-inorganic diodes or organic electroluminescent diodes.
在示例性实施例中,还提供了一种计算机可读存储介质,该计算机可读存储介质为非易失性存储介质,该计算机可读存储介质中存储有计算机程序,当该计算机可读存储介质中的计算机程序由处理器执行时,能够执行本公开实施例提供的角色授权方法。In an exemplary embodiment, a computer-readable storage medium is also provided. The computer-readable storage medium is a non-volatile storage medium, and a computer program is stored in the computer-readable storage medium. When the computer program in the medium is executed by the processor, it can execute the role authorization method provided by the embodiment of the present disclosure.
在示例性实施例中,还提供了一种计算机程序产品,该计算机程序产品中存储有指令,当其在计算机上运行时,使得计算机能够执行本公开实施例提供的角色授权方法。In an exemplary embodiment, a computer program product is also provided, and instructions are stored in the computer program product, which when run on a computer, enable the computer to execute the role authorization method provided by the embodiments of the present disclosure.
在示例性的实施例中,还提供了一种芯片,该芯片包括可编程逻辑电路和/ 或程序指令,当该芯片运行时能够执行本公开实施例提供的角色授权方法。In an exemplary embodiment, a chip is also provided, the chip includes a programmable logic circuit and/or program instructions, and when the chip is running, the role authorization method provided in the embodiments of the present disclosure can be executed.
以上对本公开多个实施例进行了详细说明,但本公开不限于这些具体的实施例,本领域技术人员在本公开构思的基础上,能够做出多种变型和修改实施例,这些变型和修改都应落入本公开所要求保护的范围之内。A number of embodiments of the present disclosure have been described in detail above, but the present disclosure is not limited to these specific embodiments. Those skilled in the art can make various variations and modified embodiments based on the concept of the present disclosure. These variations and modifications All should fall within the scope of protection required by the present disclosure.

Claims (18)

  1. 一种角色授权方法,包括:A role authorization method, including:
    根据系统中各个资源的资源路径,获取待分配资源;Obtain resources to be allocated according to the resource path of each resource in the system;
    基于角色需求,从所有所述待分配资源中选择至少一项资源作为需求资源,并为所述角色分配使用所述需求资源的权限。Based on the role requirement, at least one resource is selected from all the resources to be allocated as the required resource, and the role is assigned the right to use the required resource.
  2. 根据权利要求1所述的角色授权方法,其中,所述根据系统中各个资源的资源路径,获取待分配资源,包括:The role authorization method according to claim 1, wherein the obtaining the resource to be allocated according to the resource path of each resource in the system comprises:
    根据所述系统中各个资源的资源路径,将所述资源路径对应的资源存储至数据库;Storing the resource corresponding to the resource path in the database according to the resource path of each resource in the system;
    在所述数据库中获取所述待分配资源。Obtain the resource to be allocated in the database.
  3. 根据权利要求1或2所述的角色授权方法,其中,在所述根据系统中各个资源的资源路径,获取待分配资源之后,还包括:The role authorization method according to claim 1 or 2, wherein, after obtaining the resource to be allocated according to the resource path of each resource in the system, the method further comprises:
    展示所有所述待分配资源。Show all the resources to be allocated.
  4. 根据权利要求3所述的角色授权方法,其中,所有所述待分配资源通过树状图和列表中的至少一种展示。The role authorization method according to claim 3, wherein all the resources to be allocated are displayed through at least one of a tree diagram and a list.
  5. 根据权利要求3或4所述的角色授权方法,其中,所述展示所述所有待分配资源,包括:The role authorization method according to claim 3 or 4, wherein the displaying all the resources to be allocated includes:
    基于第一待分配资源的资源路径,确定所述第一待分配资源与第二待分配资源之间的归属关系,所述第一待分配资源和所述第二待分配资源均为任一所述待分配资源,且所述第一待分配资源和所述第二待分配资源为不同的所述待分配资源;Based on the resource path of the first resource to be allocated, the attribution relationship between the first resource to be allocated and the second resource to be allocated is determined, and the first resource to be allocated and the second resource to be allocated are either The resource to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated;
    根据所述第一待分配资源与第二待分配资源之间的归属关系,展示所有所述待分配资源。According to the attribution relationship between the first resource to be allocated and the second resource to be allocated, all the resources to be allocated are displayed.
  6. 根据权利要求1至5任一项所述的角色授权方法,其中,所述从所有所述待分配资源中选择至少一项资源作为需求资源,并为所述角色分配使用所述需求资源的权限,包括:The role authorization method according to any one of claims 1 to 5, wherein the selecting at least one resource from all the resources to be allocated as a required resource, and assigning the role a right to use the required resource ,include:
    接收管理员的配置指令,所述配置指令中至少包括一项所述角色的需求资源;Receiving a configuration instruction from an administrator, where the configuration instruction includes at least one required resource of the role;
    在所有所述待分配资源中,基于所述配置指令,为所述角色分配至少一项需求资源的权限。Among all the resources to be allocated, based on the configuration instruction, the role is allocated with at least one resource requirement.
  7. 根据权利要求1至6中任一项所述的角色授权方法,其中,所述资源至少包括以下之一:菜单资源、页面资源、按钮资源、文件资源。The role authorization method according to any one of claims 1 to 6, wherein the resources include at least one of the following: menu resources, page resources, button resources, and file resources.
  8. 根据权利要求1至7中任一项所述的角色授权方法,其中,所述系统为会议管理系统。The role authorization method according to any one of claims 1 to 7, wherein the system is a conference management system.
  9. 一种角色授权系统,包括:A role authorization system, including:
    资源获取模块,用于根据系统中各个资源的资源路径,获取待分配资源;The resource acquisition module is used to acquire resources to be allocated according to the resource path of each resource in the system;
    权限分配模块,用于基于角色需求,从所有所述待分配资源中选择至少一项资源作为需求资源,并为所述角色分配使用所述需求资源的权限。The permission assignment module is used to select at least one resource from all the resources to be assigned as the required resource based on the role requirement, and assign the permission to use the required resource to the role.
  10. 根据权利要求9所述的角色授权系统,其中,所述资源获取模块,用于:The role authorization system according to claim 9, wherein the resource acquisition module is configured to:
    根据所述系统中各个资源的资源路径,将所述资源路径对应的资源存储至数据库;Storing the resource corresponding to the resource path in the database according to the resource path of each resource in the system;
    在所述数据库中获取所述待分配资源。Obtain the resource to be allocated in the database.
  11. 根据权利要求9或10所述的角色授权系统,其中,还包括:The role authorization system according to claim 9 or 10, further comprising:
    展示模块,用于展示所有所述待分配资源。The display module is used to display all the resources to be allocated.
  12. 根据权利要求11所述的角色授权系统,其中,所有所述待分配资源通过树状图和列表中的至少一种展示。The role authorization system according to claim 11, wherein all the resources to be allocated are displayed by at least one of a tree diagram and a list.
  13. 根据权利要求11或12所述的角色授权系统,其中,所述展示模块,用于:The role authorization system according to claim 11 or 12, wherein the display module is used for:
    基于第一待分配资源的资源路径,确定所述第一待分配资源与第二待分配资源之间的归属关系,所述第一待分配资源和所述第二待分配资源均为任一所述待分配资源,且所述第一待分配资源和所述第二待分配资源为不同的所述待分配资源;Based on the resource path of the first resource to be allocated, the attribution relationship between the first resource to be allocated and the second resource to be allocated is determined, and the first resource to be allocated and the second resource to be allocated are either The resource to be allocated, and the first resource to be allocated and the second resource to be allocated are different resources to be allocated;
    根据所述第一待分配资源与第二待分配资源之间的归属关系,展示所有所述待分配资源。According to the attribution relationship between the first resource to be allocated and the second resource to be allocated, all the resources to be allocated are displayed.
  14. 根据权利要求9至13任一项所述的角色授权系统,其中,所述权限分配模块,用于:The role authorization system according to any one of claims 9 to 13, wherein the authority distribution module is configured to:
    接收管理员的配置指令,所述配置指令中至少包括一项所述角色的需求资源;Receiving a configuration instruction from an administrator, where the configuration instruction includes at least one required resource of the role;
    在所有所述待分配资源中,基于所述配置指令,为所述角色分配至少一项需求资源的权限。Among all the resources to be allocated, based on the configuration instruction, the role is allocated with at least one resource requirement.
  15. 根据权利要求9至14任一项所述的角色授权系统,其中,所述资源至少包括以下之一:菜单资源、页面资源、按钮资源、文件资源。The role authorization system according to any one of claims 9 to 14, wherein the resources include at least one of the following: menu resources, page resources, button resources, and file resources.
  16. 根据权利要求9至15任一项所述的角色授权系统,其中,所述系统为会议管理系统。The role authorization system according to any one of claims 9 to 15, wherein the system is a conference management system.
  17. 一种计算机设备,所述计算机设备包括处理器和存储器;A computer device including a processor and a memory;
    其中,所述存储器,用于存储计算机程序;Wherein, the memory is used to store a computer program;
    所述处理器,用于执行所述存储器中存放的计算机程序,以实现权利要求1至8任一所述的角色授权方法。The processor is configured to execute a computer program stored in the memory to implement the role authorization method according to any one of claims 1 to 8.
  18. 一种计算机可读存储介质,所述计算机可读存储介质中存储有计算机指令,存储的所述计算机指令被处理器执行时能够实现如权利要求1至8任一所述的角色授权方法。A computer-readable storage medium in which computer instructions are stored, and when the stored computer instructions are executed by a processor, the role authorization method according to any one of claims 1 to 8 can be implemented.
PCT/CN2021/101022 2020-06-19 2021-06-18 Role authorization method and system WO2021254501A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010567046.7 2020-06-19
CN202010567046.7A CN111724134A (en) 2020-06-19 2020-06-19 Role authorization method and system of conference management system

Publications (1)

Publication Number Publication Date
WO2021254501A1 true WO2021254501A1 (en) 2021-12-23

Family

ID=72567797

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/101022 WO2021254501A1 (en) 2020-06-19 2021-06-18 Role authorization method and system

Country Status (2)

Country Link
CN (1) CN111724134A (en)
WO (1) WO2021254501A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024140916A1 (en) * 2022-12-29 2024-07-04 天翼物联科技有限公司 Internet of things permission matrix model and interaction method thereof

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111724134A (en) * 2020-06-19 2020-09-29 京东方科技集团股份有限公司 Role authorization method and system of conference management system
CN112635034A (en) * 2020-12-30 2021-04-09 微医云(杭州)控股有限公司 Service authority system, authority distribution method, electronic device and storage medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101375288A (en) * 2006-02-09 2009-02-25 国际商业机器公司 Extensible role based authorization for manageable resources
US20090094682A1 (en) * 2007-10-05 2009-04-09 Peter Sage Methods and systems for user authorization
CN101478398A (en) * 2009-01-07 2009-07-08 中国人民解放军信息工程大学 Authorization management system oriented to resource management and establishing method
CN106529230A (en) * 2015-09-11 2017-03-22 上海中和软件有限公司 Role-based permission control mechanism
CN107562521A (en) * 2017-09-27 2018-01-09 郑州云海信息技术有限公司 A kind of method for managing resource and device
CN108268782A (en) * 2016-12-30 2018-07-10 优甸网络科技(上海)有限公司 The meeting mechanism of based role permission control
CN109286579A (en) * 2017-07-21 2019-01-29 中兴通讯股份有限公司 A kind of distribution method of user resources, device and computer readable storage medium
CN111724134A (en) * 2020-06-19 2020-09-29 京东方科技集团股份有限公司 Role authorization method and system of conference management system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103188249A (en) * 2011-12-31 2013-07-03 北京亿阳信通科技有限公司 Concentration permission management system, authorization method and authentication method thereof
CN110363012B (en) * 2019-05-28 2021-09-14 石化盈科信息技术有限责任公司 Method for configuring authority of authority resource, authority system and storage medium

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101375288A (en) * 2006-02-09 2009-02-25 国际商业机器公司 Extensible role based authorization for manageable resources
US20090094682A1 (en) * 2007-10-05 2009-04-09 Peter Sage Methods and systems for user authorization
CN101478398A (en) * 2009-01-07 2009-07-08 中国人民解放军信息工程大学 Authorization management system oriented to resource management and establishing method
CN106529230A (en) * 2015-09-11 2017-03-22 上海中和软件有限公司 Role-based permission control mechanism
CN108268782A (en) * 2016-12-30 2018-07-10 优甸网络科技(上海)有限公司 The meeting mechanism of based role permission control
CN109286579A (en) * 2017-07-21 2019-01-29 中兴通讯股份有限公司 A kind of distribution method of user resources, device and computer readable storage medium
CN107562521A (en) * 2017-09-27 2018-01-09 郑州云海信息技术有限公司 A kind of method for managing resource and device
CN111724134A (en) * 2020-06-19 2020-09-29 京东方科技集团股份有限公司 Role authorization method and system of conference management system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024140916A1 (en) * 2022-12-29 2024-07-04 天翼物联科技有限公司 Internet of things permission matrix model and interaction method thereof

Also Published As

Publication number Publication date
CN111724134A (en) 2020-09-29

Similar Documents

Publication Publication Date Title
WO2021254501A1 (en) Role authorization method and system
US10652235B1 (en) Assigning policies for accessing multiple computing resource services
US10447737B2 (en) Delegating administration rights using application containers
US8539575B2 (en) Techniques to manage access to organizational information of an entity
US9804747B2 (en) Techniques to manage access to organizational information of an entity
CN112182619A (en) Service processing method and system based on user permission, electronic device and medium
US11252563B2 (en) Management of hosted channel membership in a communication platform
WO2022052682A1 (en) Medical system and permission management method therefor
US8555055B2 (en) Delegation model for role-based access control administration
KR20150032070A (en) Method for managing control right, client device thereof, and master device thereof
US10956868B1 (en) Virtual reality collaborative workspace that is dynamically generated from a digital asset management workflow
US11621961B2 (en) Method for managing a cloud computing system
US11778539B2 (en) Role-based access control system
WO2016173303A1 (en) Shared file processing method and device
CN103778379B (en) Application in management equipment performs and data access
US20220067092A1 (en) Integration of video conferencing applications with on-demand database services
JP7486677B2 (en) Joint management of links through link platforms and partner services
JP6516675B2 (en) Method and apparatus for transmitting and receiving media information in multimedia communication system
CA2830880A1 (en) Managing permission settings applied to applications
US20120159611A1 (en) Central Administration and Abstraction of Licensed Software Features
KR20070076342A (en) User Group Role / Permission Management System and Access Control Methods in a Grid Environment
CN110348184B (en) Industrial cloud-based permission resource configuration method, system and storage medium
JP2015121906A (en) Access control system, access control rule generation method, access control rule generation program, information processing device, and control method and control program thereof
US10289854B1 (en) Apparatus, computer program, and method for generating an intermediate entitlement specification for controlling access to service or content
Madani et al. Access control in a collaborative session in multi tenant environment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21825751

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21825751

Country of ref document: EP

Kind code of ref document: A1