CN102402652B - Method, system and terminal for controlling authority - Google Patents
Method, system and terminal for controlling authority Download PDFInfo
- Publication number
- CN102402652B CN102402652B CN201010283434.9A CN201010283434A CN102402652B CN 102402652 B CN102402652 B CN 102402652B CN 201010283434 A CN201010283434 A CN 201010283434A CN 102402652 B CN102402652 B CN 102402652B
- Authority
- CN
- China
- Prior art keywords
- authority
- user
- tree structure
- node
- back end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 33
- 238000012216 screening Methods 0.000 claims abstract description 6
- 230000005540 biological transmission Effects 0.000 description 5
- 238000001914 filtration Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 2
- 238000004883 computer application Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
Landscapes
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a method, a system and a terminal for controlling authority. The method comprises the following steps of: receiving a data acquisition request which is sent by a user; acquiring tree structure information and the data authority information of the user, and screening out data nodes having the authority from the tree structure information according to the data authority information; traversing father nodes of the data nodes having the authority, and identifying the father nodes without the authority; and according to the pre-stored tree structure information, displaying the data nodes having the authority and the father nodes of the data nodes, allowing the operation of the data nodes having the authority, and limiting the operation of the father nodes which are identified. In the embodiment of the invention, by setting the nodes having the authority as user-visible and operable nodes and setting the nodes without the authority as user-visible but inoperable nodes, the hierarchical relation of a tree structure is completely shown during accurate control of the user authority of the tree structure, so that the showing data of the tree structure can be more safely, accurately and clearly utilized.
Description
Technical field
The invention belongs to computer application field, relate in particular to a kind of method, system and terminal of control of authority.
Background technology
User, when carrying out data analysis, shows data to be analyzed by tree structure conventionally, and shows the operating right of user to data by tree structure.When user only has the operating right of partial data node in tree structure, how to adopt tree structure to show that user has become problem in the urgent need to address to the operating right of data.
Prior art provides a kind of and has shown the authority control method of user to the operating right of data by tree structure, be summarized as follows: when user to tree structure in certain back end while thering is operating right, give user the operating right to the father node of this back end simultaneously, and show data to be analyzed and the operating right of user to data by tree structure.Although this authority control method has retained the hierarchical relationship of original tree structure, but due to when user to tree structure in certain back end while thering is operating right, no matter whether this user has authority to the father node of this back end, this user is given in capital the operating right to the father node of this back end, cause accurately controlling the operating right of user to data, thereby data security can not get ensureing.
Prior art provides another by tree structure, to show the authority control method of user to the operating right of data, be summarized as follows: by tree structure display data and user, during to the operating right of data, only exporting user to thering is the back end of operating right in tree structure.Although this authority control method can guarantee the security of data, owing to only exporting user to thering is the back end of operating right in tree structure, cause the hierarchical relationship of tree structure to be broken, cause the misunderstanding of user to data.
Summary of the invention
The invention provides and a kind ofly can not only accurately control the authority of user to tree structure, and can keep the authority control method of original tree structure hierarchical relationship.
The present invention is achieved in that a kind of authority control method, and described method comprises the steps:
Receive the data acquisition request that user sends;
The data acquisition request sending according to user is obtained tree structure information and user's data permission information, and according to described data permission information, from described tree structure information, filters out the back end of authority;
The father node that has the back end of authority described in traversal, and to not having the father node of authority to identify;
According to the tree structure information of pre-stored, show back end and the father node thereof of authority, have the operation of the back end of authority described in permission, and restriction there is the operation of the father node of sign;
The adjacent node that has the back end of authority described in traversal, and to not having the adjacent node of authority to identify;
Described in showing according to the tree structure information of pre-stored, there is the adjacent node of the back end of authority, and described in restriction, have the operation of the adjacent node of sign.
Another object of the present invention is to provide a kind of authority control system, described system comprises:
Request reception unit, the data acquisition request sending for receiving user;
Node screening unit, obtains tree structure information and user's data permission information for the data acquisition request sending according to user, and according to described data permission information, from described tree structure information, filters out the back end of authority;
Node identification unit, for traveling through all father nodes that have the back end of authority, and to not having the father node of authority to identify;
Node output unit, shows back end and the father node thereof of authority for the tree structure information according to pre-stored, have the operation of the back end of authority described in permission, and restriction has the operation of the father node of sign;
Described node identification unit is also for there being the adjacent node of the back end of authority described in traveling through, and to not having the adjacent node of authority to identify;
Described node output unit has the adjacent node of the back end of authority described in also showing for the tree structure information according to pre-stored, and described in restriction, has the operation of the adjacent node of sign.
Another object of the present invention is to provide a kind of terminal that comprises above-mentioned authority control system.
The present invention by by the Node configuration that has an authority for user is visible and can operate, by the Node configuration that there is no an authority for user visible but can not operate, thereby the hierarchical relationship of complete displaying tree structure, makes to utilize tree structure demonstrating data safer, accurate, clear when realizing the user right of accurately controlling tree structure.
Accompanying drawing explanation
Fig. 1 is the realization flow figure of the authority control method that provides of first embodiment of the invention;
Fig. 2 is the realization flow figure of the authority control method that provides of second embodiment of the invention;
Fig. 3 is the structural drawing of the authority control system that provides of third embodiment of the invention;
Fig. 4 a is the schematic diagram of a kind of tree structure information of the present invention;
The control of authority display effect figure that Fig. 4 b provides for an embodiment of the present invention;
The control of authority display effect figure that Fig. 4 c provides for the another kind of embodiment of the present invention.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
In embodiments of the present invention, by by the Node configuration that has an authority for user is visible and can operate, by the Node configuration that there is no an authority for user visible but can not operate, thereby the hierarchical relationship of complete displaying tree structure, makes to utilize tree structure demonstrating data safer, accurate, clear when realizing the user right of accurately controlling tree structure.
The invention provides a kind of method, system and terminal of control of authority:
Described method comprises:
Receive the data acquisition request that user sends;
The data acquisition request sending according to user is obtained tree structure information and user's data permission information, and according to described data permission information, from described tree structure information, filters out the back end of authority;
The father node that has the back end of authority described in traversal, and to not having the father node of authority to identify;
According to the tree structure information of pre-stored, show back end and the father node thereof of authority, have the operation of the back end of authority described in permission, and restriction there is the operation of the father node of sign.
Described system comprises:
Request reception unit, the data acquisition request sending for receiving user;
Node screening unit, obtains tree structure information and user's data permission information for the data acquisition request sending according to user, and according to described data permission information, from described tree structure information, filters out the back end of authority;
Node identification unit, for traveling through all father nodes that have the back end of authority, and to not having the father node of authority to identify;
Node output unit, shows back end and the father node thereof of authority for the tree structure information according to pre-stored, have the operation of the back end of authority described in permission, and restriction has the operation of the father node of sign.
Described terminal comprises above-mentioned authority control system.
For technical solutions according to the invention are described, below by specific embodiment, describe.
Embodiment mono-:
Fig. 1 shows the realization flow of the authority control method that the embodiment of the present invention provides, this authority control method by user right information by the Node configuration that has an authority for user is visible and can operate, by the Node configuration that there is no an authority for user visible but can not operate, thereby when realizing the user right of accurately controlling tree structure the hierarchical relationship of complete displaying tree structure.The method detailed step is as described below:
In step S101, receive the data acquisition request that user sends.
In embodiments of the present invention, when user need to operate the data in tree structure, can input data acquisition request, with the back end information of asking to need.Because data message is shown by tree structure, be that various data messages correspond to the back end in tree structure, therefore,, while receiving the data acquisition request of user's transmission, namely receive the obtain request of user to back end in tree structure.
In embodiments of the present invention, when sending data acquisition request, can acquisition request tree structure in the information of one or more back end.Illustrate as follows:
Refer to Fig. 4 a, the exemplary plot of the tree structure providing for the embodiment of the present invention.When user sends data acquisition request, can ask the information of a back end in this tree structure, as the information of the back end in Fig. 4 a " group ", also can ask the information of a plurality of back end in this tree structure, as the information of the back end in Fig. 4 a " group " and " department of general headquarters ", or the information of back end " group ", " department of general headquarters " and " branch office ".
In another embodiment of the present invention, before the step of data acquisition request that receives user's transmission, the method also comprises the steps:
Arrange and store user's data permission information, this user's data permission information refers to the authority information of user to each back end in tree structure.In embodiments of the present invention, can adopt the user's of tables of client authority information storage setting data permission information.Table 1 shows one of them example of the tables of client authority information that the embodiment of the present invention provides, but with this example, is not limited.
Table 1
| Customs Assigned Number | User profile | Nodal information | Authority information |
| 1 | User one | General headquarters, department of general headquarters, department of branch office one | Have |
| 2 | User two | Group, branch office | Have |
| … | … | … | … |
As shown in table 1, user's data permission information includes but not limited to user profile, nodal information and authority information.Wherein user profile can adopt the user ID for unique identification user, as address name, identification card number, job number etc.Nodal information can directly adopt unique identifications such as the title of each back end in tree structure or numbering etc.Authority information can be set to, and represents that user has authority to back end included in nodal information, and the back end that nodal information is not comprised does not have authority.In tables of client authority information shown in table 1, a pair of back end of user " general headquarters ", " department of general headquarters " and " department of branch office one " have authority, and two pairs of back end of user " group ", " branch office " have authority.
In other embodiment of the present invention, authority information can be set to not have, and represent that user does not have authority to back end included in nodal information, but the back end that nodal information is not comprised has authority.
In embodiments of the present invention, the generative process of tree structure is as follows:
A, setting are also stored tree structure information, and this tree structure information has been specified the set membership between each back end.The tree structure information that in embodiments of the present invention, can adopt the storage of tree structure information table to arrange.Table 2 shows one of them example of the tree structure information table that the embodiment of the present invention provides, but with this example, is not limited:
Table 2
| Nodal information | Nodename | Father node |
| 001 | Group | 000 |
| 002 | General headquarters | 001 |
| 003 | Branch office | 001 |
| 004 | Department of general headquarters | 002 |
| 005 | Department of branch office one | 003 |
| 006 | Department of branch office two | 003 |
| 007 | Department of branch office three | 003 |
In above-mentioned tree structure information table, the nodename of node 001 is group, it does not have father node, its nodename of node 002(is general headquarters) and its nodename of node 003(be branch office) father node be node 001, the nodename of node 004 is department of general headquarters, its father node is node 002, and its nodename of node 005(is department of branch office one), its nodename of node 006(is department of branch office two) and its nodename of node 007(be department of branch office three) father node be node 003.
B, according to the tree structure information arranging, adopt multiway tree generating algorithm to generate tree structure.
Tree structure information table as shown according to table 2, adopts multiway tree generating algorithm can generate the tree structure shown in Fig. 4 a.
In step S102, the data acquisition request sending according to user is obtained tree structure information and user's data permission information, and according to data permission information, from tree structure information, filters out the back end of authority.
In embodiments of the present invention, after receiving the data acquisition request of user's transmission, obtain the tree structure information that sets in advance and user's data permission information, and according to data permission information, from tree structure information, filter out the back end that this user has authority.Illustrate as follows, but with this, do not illustrate and be limited.
After receiving the data acquisition request of user's transmission, obtain user's data permission information.The authority information table of user as shown according to table 1 can obtain, and user one data permission information is: a pair of back end of user " general headquarters ", " department of general headquarters " and " department of branch office one " have authority.
According to user's data permission information, from tree structure information, filter out the back end that user has authority again.For example: the user one who filters out has the back end of authority to comprise " general headquarters ", " department of general headquarters " and " department of branch office one ".
In step S103, there is the father node of the back end of authority described in traversal, and to not having the father node of authority to identify.
In embodiments of the present invention, after filtering out the back end of authority, described in recurrence travels through, there is the father node of the back end of authority, judge whether user has authority to described father node.If user, to there being the father node of the back end of authority not have authority, identifies this father node, and continue to judge whether the upper level father node of this father node has authority; If user does not have authority to the upper level father node of this father node, the upper level father node of this father node is identified; Circulation is carried out, until traversal is extremely without father node.Illustrate as follows:
The back end that has authority filtering out from tree structure information according to user one data permission information table comprises " general headquarters ", " department of general headquarters " and " department of branch office one ", all father nodes of traversal " general headquarters ", " department of general headquarters " and " department of branch office one ".For example: the process that all father nodes of back end " department of general headquarters " are traveled through, judged of take describes as example.As shown in Fig. 4 a, the father node of back end " department of general headquarters " is " general headquarters ", from table 1, can obtain, and user's a pair of " department of general headquarters " father node " general headquarters " has authority, therefore without father node " general headquarters " is identified; Continue the father node of traversal father node " general headquarters ", i.e. father node " group "; From table 1, can obtain, a pair of father node of user " group " does not have authority, therefore adopts identifier to identify the father node of " general headquarters " " group "; Because father node " group " is without father node, back end " department of general headquarters " traversal finishes.And for example: the process that all father nodes of back end " department of branch office one " are traveled through, judged of take describes as example.As shown in Fig. 4 a, the father node " branch office " of back end " department of branch office one ", from table 1, can obtain, user's a pair of " department of branch office one " father node " branch office " does not have authority, therefore adopts identifier to identify father node " branch office "; Continue the father node of traversal father node " branch office ", i.e. father node " group ", from table 1, can obtain a pair of father node of user " group " does not have authority, therefore adopts identifier to identify father node " group "; Because father node " group " is without father node, so the traversal of back end " department of branch office one " is finished.Certainly, in embodiments of the present invention, for the father node that judged in traversal once, upper, while once traveling through, can not need to repeat judgement, to improve system execution efficiency.
As a further improvement on the present invention, described in also traveling through, there is the adjacent node of the back end of authority in step S103, and to not having the adjacent node of authority to identify.In the present embodiment, after filtering out the back end of authority, described in recurrence travels through, there is the adjacent node of the back end of authority, judge whether user has authority to described adjacent node.If user, to there being the adjacent node of the back end of authority not have authority, identifies described adjacent node; Circulation is carried out, until travel through all back end that have authority.Certainly, in embodiments of the present invention, for the adjacent node that judged in traversal once, upper, while once traveling through, can not need to repeat judgement, to improve system execution efficiency.
In step S104, according to the tree structure information of pre-stored, show back end and the father node thereof of authority, have the operation of the back end of authority described in permission, and restriction there is the operation of the father node of sign.
In embodiments of the present invention, after carrying out above-mentioned processing, according to tree structure information and user's data permission information, re-construct tree structure and show, in the tree structure re-constructing, show back end and the father node thereof of authority, and allowing user to there being the operation of the back end of authority, limited subscriber is to there being the operation of the father node of sign simultaneously.
In the present embodiment, by showing back end and the father node thereof of authority, and allow user to there being the operation of the back end of authority, the operation of limited subscriber to the father node of lack of competence simultaneously, thereby not only can accurately control the authority of user to data by tree structure, and can show and the hierarchical information of tree structure make to utilize tree structure demonstrating data safer, accurate, clear.
As a further improvement on the present invention, also according to the tree structure information of pre-stored, show the adjacent node of the back end of authority in step S104, restriction simultaneously has the operation of the adjacent node of sign.As shown in Fig. 4 c, by further showing the adjacent node of the back end of authority, the operation of limited subscriber to the adjacent node of lack of competence simultaneously, thus the hierarchical information of further complete displaying tree structure makes to utilize tree structure demonstrating data safer, accurate, clear.
Embodiment bis-:
Fig. 2 shows the realization flow of the authority control method that another enforcement of the present invention provides, the present embodiment has increased step S204 on the basis of the first embodiment, by the data after processing are carried out to identifier judgement, realization is visible and can operate to there being the node users of authority, and the node users that there is no an authority is visible but can not operate.Details are as follows for the method:
In step S201, receive the data acquisition request that user sends.Its detailed process as mentioned above, is not repeated herein.
In step S202, the data acquisition request sending according to user is obtained tree structure information and user's data permission information, and according to data permission information, from tree structure information, filters out the back end of authority.Its detailed process as mentioned above, is not repeated herein.
In step S203, there is the father node of the back end of authority described in traversal, and to not having the father node of authority to identify.Its detailed process as mentioned above, is not repeated herein.
In step S204, whether decision node has sign, if so, performs step S205, if not, performs step S206.
In embodiments of the present invention, server adds that by the node data that has authority return-list data send client together to, client is received after the node data information of server transmission, node data is re-constructed into tree, and judge whether described node data has identifier, if had, when showing the father node of sign, user is to there being the father node of sign there is no operating right in prompting, and wherein the mode of prompting includes but not limited to variable color demonstration, strikethrough demonstration etc.If not, normally show the back end of authority and have the father node of authority, and allowing the operation of its correspondence.
In step S205, show the back end of authority and have the father node of authority, and allowing the operation of its correspondence.
In step S206, to there being the father node of sign to be different from the demonstration (as variable color shows, identifies strikethrough etc.) of authority back end, and limit the operation of its correspondence.Wherein, the mode of demonstration includes but not limited to variable color demonstration, strikethrough etc.
Embodiment tri-:
Fig. 3 shows the structure of the authority control system that the embodiment of the present invention provides, for convenience of explanation, in figure, only show the part relevant to the embodiment of the present invention, this authority control system can be for being built in software unit, hardware cell or the software and hardware combining unit of terminal.Wherein terminal can be terminal, mobile terminal etc.
This authority control system by the receiver module in system, processing module and output module by the Node configuration that has an authority for user is visible and can operate, by the Node configuration that there is no an authority for user visible but can not operate, thereby the hierarchical relationship of complete displaying tree structure when realizing the user right of accurately controlling tree structure, wherein:
Request reception unit 301 receives the data acquisition request that user sends.The back end information of this data acquisition request for asking to need.This data acquisition request can acquisition request tree structure in the information of one or more back end.
The data acquisition request that node screening unit 302 sends according to user is obtained the tree structure information of pre-stored and user's data permission information, and according to data permission information, from tree structure information, filters out the back end of authority.
The all father nodes that have the back end of authority of node identification unit 303 traversal, and to not having the father node of authority to identify.
In embodiments of the present invention, after filtering out the back end of authority, described in recurrence travels through, there is the father node of the back end of authority, judge whether user has authority to described father node.If user, to there being the father node of the back end of authority not have authority, identifies this father node, and continue to judge whether the upper level father node of this father node has authority; If user does not have authority to the upper level father node of this father node, the upper level father node of this father node is identified; Circulation is carried out, until traversal is extremely without father node.
As a further improvement on the present invention, when the father node of all back end that have an authority of traversal, also comprise the adjacent node that has the back end of authority described in traversal, and to not having the adjacent node of authority to identify.In the present embodiment, after filtering out the back end of authority, described in recurrence travels through, there is the adjacent node of the back end of authority, judge whether user has authority to described adjacent node.If user, to there being the adjacent node of the back end of authority not have authority, identifies described adjacent node; Circulation is carried out, until travel through all back end that have authority.Certainly, in embodiments of the present invention, for the adjacent node that judged in traversal once, upper, while once traveling through, can not need to repeat judgement, to improve system execution efficiency.
Node output unit 304 shows back end and the father node thereof of authority according to the tree structure information of pre-stored, have the operation of the back end of authority described in permission, and restriction has the operation of the father node of sign.
In embodiments of the present invention, after carrying out above-mentioned processing, according to tree structure information and user's data permission information, re-construct tree structure and show, in the tree structure re-constructing, to having the back end of authority and having the father node of authority to show completely, and allow the back end of authority and have the respective operations of the father node of authority.When showing the father node of sign, user is to there being the father node of sign there is no operating right in prompting, and wherein the mode of prompting includes but not limited to variable color demonstration, strikethrough etc.
As a further improvement on the present invention, when the tree structure information according to pre-stored shows the back end of authority, also comprise the adjacent node of the back end that shows authority, restriction simultaneously has the operation of the adjacent node of sign.As shown in Fig. 4 c, by further showing the adjacent node of the back end of authority, the operation of limited subscriber to the adjacent node of lack of competence simultaneously, thus the hierarchical information of further complete displaying tree structure makes to utilize tree structure demonstrating data safer, accurate, clear.
In another embodiment of the present invention, this authority control system also comprises authority setting unit 305.This authority setting unit 305 arranges and stores user's data permission information, and this user's data permission information refers to the authority information of user to each back end in tree structure.
Wherein user's data permission information includes but not limited to user profile, nodal information and authority information.Wherein user profile can adopt the user ID for unique identification user, as address name, identification card number, job number etc.Nodal information can directly adopt unique identifications such as the title of each back end in tree structure or numbering etc.Authority information can be for visible or invisible.
In another embodiment of the present invention, this authority control system also comprises tree structure information setting unit 306.This tree structure information setting unit 306 arranges and preserves tree structure information, and this tree structure information has been specified the set membership between each back end.
The tree structure information arranging according to tree structure information setting unit 306, adopts multiway tree generating algorithm to generate and can generate tree structure.
The principle of the authority control system by a concrete example, the embodiment of the present invention being provided is below elaborated, but with this example, is not limited:
Request reception unit 301 receives the data acquisition request that user one sends, and this data acquisition request is used for obtaining the information of back end " branch office ", " department of general headquarters " and " department of branch office one ".
This data acquisition request that node screening unit 302 sends according to this user, mate with the tree structure information of database storage, obtain the tree structure information shown in table 2, obtain the authority information table information shown in table 1 simultaneously, according to the authority of user's one correspondence in authority information table, filter out the back end of authority, comprise " group ", " department of general headquarters " and " department of branch office one ".
All father nodes of back end " department of general headquarters " are searched in node identification unit 303, as shown in Fig. 4 a, can obtain, the father node of back end " department of general headquarters " is " general headquarters ", now, judge whether a pair of this father node of user " general headquarters " has authority, from table 1, can obtain, the a pair of father node of user " general headquarters " has authority, therefore continue to search all father nodes of " general headquarters ", comprise father node " group ", from table 1, can obtain, the a pair of father node of user " group " has authority, continue traversal, because node " group " does not have father node, so this time traversal finishes.Then search again all father nodes of back end " department of branch office one ", comprise father node " branch office ", from table 1, can obtain, the a pair of father node of user " branch office " does not have authority, therefore adopt identifier to identify father node " branch office ", continue the father node of traversal father node " branch office ", comprise father node " group ", from table 1, can obtain a pair of father node of user " group " and have authority, continue traversal, because node " group " is without father node, this time traversal finishes.
When the father node of all back end that have an authority of traversal, also comprise the adjacent node that has the back end of authority described in traversal, and to not having the adjacent node of authority to identify.As shown in Fig. 4 a, " group " and " department of general headquarters " all do not have adjacent node.The adjacent node of " department of branch office one " is " department of branch office two ", from table 1, can obtain, " department of branch office two " do not have authority, therefore adopt identifier to identify adjacent node " department of branch office two ", continue the adjacent node of traversal " department of branch office two ", comprise " department of branch office three ", from table 1, can obtain, " department of branch office three " do not have authority, therefore adopt identifier to identify adjacent node " department of branch office three ", continue traversal, because " department of branch office three " do not have adjacent node, so this time traversal finishes.
Node output unit 304 shows the node of authority according to the tree structure information of pre-stored and has the father node of sign, restriction simultaneously has the operation corresponding to father node of sign, be about to the back end of authority and have the father node " general headquarters " of authority, " department of general headquarters " and " department of branch office one " to show completely, and allowing the operation to it.When showing the father node of sign " group ", " branch office ", adopt the modes such as variable color demonstration or strikethrough demonstration to point out user to it is not had to operating right.
When the tree structure information according to pre-stored shows the back end of authority, also comprise the adjacent node of the back end that shows authority, limited subscriber is to there being the operation of the adjacent node of sign simultaneously.As shown in Fig. 4 c, when showing adjacent node " department of branch office two ", " department of branch office three ", adopt the modes such as variable color demonstration or strikethrough demonstration to point out user there is no operating right to it.
One of ordinary skill in the art will appreciate that, the all or part of step realizing in above-described embodiment method is to come the hardware that instruction is relevant to complete by program, described program can be in being stored in a computer read/write memory medium, described storage medium, as ROM/RAM, disk, CD etc.
In embodiments of the present invention, by by the Node configuration that has an authority for user is visible and can operate, by the Node configuration that there is no an authority for user visible but can not operate, thereby the hierarchical relationship of complete displaying tree structure information, makes to utilize tree structure information demonstrating data safer, accurate, clear when realizing the user right of accurately controlling tree structure information.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any modifications of doing within the spirit and principles in the present invention, be equal to and replace and improvement etc., within all should being included in protection scope of the present invention.
Claims (6)
1. a method for control of authority, is characterized in that, said method comprising the steps of:
Receive the data acquisition request that user sends;
The data acquisition request sending according to user is obtained tree structure information and user's data permission information, and according to described data permission information, from described tree structure information, filters out the back end of authority;
The father node that has the back end of authority described in traversal, and to not having the father node of authority to identify;
The back end and the father node thereof that described in showing according to the tree structure information of pre-stored, have authority, have the operation of the back end of authority described in permission, and restriction has the operation of the father node of sign;
The adjacent node that has the back end of authority described in traversal, and to not having the adjacent node of authority to identify;
Described in showing according to the tree structure information of pre-stored, there is the adjacent node of the back end of authority, and described in restriction, have the operation of the adjacent node of sign.
2. the method for claim 1, is characterized in that, before the step of the data acquisition request sending described reception user, further comprising the steps:
Arrange and preserve described tree structure information and user's data permission information.
3. the method for claim 1, is characterized in that, described in show sign father node also comprise:
To described, there is the father node of sign to carry out variable color demonstration or strikethrough demonstration.
4. an authority control system, is characterized in that, described system comprises:
Request reception unit, the data acquisition request sending for receiving user;
Node screening unit, obtains tree structure information and user's data permission information for the data acquisition request sending according to user, and according to described data permission information, from described tree structure information, filters out the back end of authority;
Node identification unit, for traveling through all father nodes that have the back end of authority, and to not having the father node of authority to identify;
Node output unit, shows back end and the father node thereof of authority for the tree structure information according to pre-stored, have the operation of the back end of authority described in permission, and described in restriction, have the operation of the father node of sign;
Described node identification unit is also for there being the adjacent node of the back end of authority described in traveling through, and to not having the adjacent node of authority to identify;
Described node output unit has the adjacent node of the back end of authority described in also showing for the tree structure information according to pre-stored, and described in restriction, has the operation of the adjacent node of sign.
5. system as claimed in claim 4, is characterized in that, described system also comprises:
Tree structure information setting unit, for arranging and preserve tree structure information;
User data authority setting unit, for arranging and preserve user's data permission information.
6. system as claimed in claim 4, is characterized in that, described in show sign father node also comprise:
To described, there is the father node of sign to carry out variable color demonstration or strikethrough demonstration.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010283434.9A CN102402652B (en) | 2010-09-16 | 2010-09-16 | Method, system and terminal for controlling authority |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010283434.9A CN102402652B (en) | 2010-09-16 | 2010-09-16 | Method, system and terminal for controlling authority |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102402652A CN102402652A (en) | 2012-04-04 |
| CN102402652B true CN102402652B (en) | 2014-12-10 |
Family
ID=45884850
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010283434.9A Active CN102402652B (en) | 2010-09-16 | 2010-09-16 | Method, system and terminal for controlling authority |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102402652B (en) |
Families Citing this family (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103020273B (en) * | 2012-12-27 | 2016-08-17 | 福建榕基软件股份有限公司 | The method and apparatus that the displaying of tree structure data and relative index table generate |
| CN105677651A (en) * | 2014-11-18 | 2016-06-15 | 方正国际软件(北京)有限公司 | Permission tree generation method and device |
| CN105763522B (en) * | 2014-12-18 | 2020-02-14 | 中兴通讯股份有限公司 | Authorization processing method and device |
| CN106845175B (en) * | 2015-12-04 | 2021-03-30 | 方正国际软件(北京)有限公司 | Method and device for setting data authority |
| CN105653982A (en) * | 2015-12-31 | 2016-06-08 | 中国建设银行股份有限公司 | Method and system used for data permission control |
| CN107204964B (en) * | 2016-03-16 | 2020-07-07 | 腾讯科技(深圳)有限公司 | Authority management method, device and system |
| CN106126977B (en) * | 2016-06-26 | 2019-01-11 | 厦门天锐科技股份有限公司 | A kind of efficient electronic document permission inheritance and transmission method |
| CN108288001B (en) * | 2017-01-10 | 2022-11-08 | 中兴通讯股份有限公司 | Method and device for constructing organization architecture |
| CN107679065A (en) * | 2017-08-04 | 2018-02-09 | 平安科技(深圳)有限公司 | Method for exhibiting data, device and computer-readable recording medium |
| CN107506416B (en) * | 2017-08-15 | 2020-04-14 | 厦门天锐科技股份有限公司 | Permission cache minimization method based on boundary |
| CN108052526B (en) * | 2017-11-07 | 2020-06-16 | 深圳云天励飞技术有限公司 | Monitoring area authority management method and device and storage medium |
| CN108280367B (en) * | 2018-01-22 | 2023-12-15 | 腾讯科技(深圳)有限公司 | Data operation authority management method and device, computing equipment and storage medium |
| CN109684793A (en) * | 2018-12-29 | 2019-04-26 | 北京神舟航天软件技术有限公司 | A method of data permission management is carried out based on permission domain structure tree |
| CN110297626B (en) * | 2019-05-23 | 2023-04-18 | 唐山钢铁集团有限责任公司 | Tree display method based on SAP system |
| CN111241526B (en) * | 2019-12-31 | 2022-11-22 | 深圳云天励飞技术有限公司 | Data permission matching method and device, electronic equipment and storage medium |
| CN113190550B (en) * | 2021-03-31 | 2022-03-22 | 郑州信大捷安信息技术股份有限公司 | Organization structure authority distribution method based on tree structure |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1848022A (en) * | 2005-04-13 | 2006-10-18 | 华为技术有限公司 | A permission control method based on access control list |
| CN101408895A (en) * | 2008-11-03 | 2009-04-15 | 金蝶软件(中国)有限公司 | Method, apparatus and system for constructing node relation tree according to node aggregation |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4109874B2 (en) * | 2002-02-05 | 2008-07-02 | キヤノン株式会社 | Information processing apparatus, control method therefor, program, and recording medium |
-
2010
- 2010-09-16 CN CN201010283434.9A patent/CN102402652B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1848022A (en) * | 2005-04-13 | 2006-10-18 | 华为技术有限公司 | A permission control method based on access control list |
| CN101408895A (en) * | 2008-11-03 | 2009-04-15 | 金蝶软件(中国)有限公司 | Method, apparatus and system for constructing node relation tree according to node aggregation |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102402652A (en) | 2012-04-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102402652B (en) | Method, system and terminal for controlling authority | |
| CN103995879B (en) | Data query method, apparatus and system based on OLAP system | |
| CN111008521B (en) | Method, device and computer storage medium for generating wide table | |
| Khan et al. | Virtual community detection through the association between prime nodes in online social networks and its application to ranking algorithms | |
| CN106557307B (en) | Service data processing method and system | |
| CN114138787B (en) | A barcode recognition method, device and medium | |
| CN105871998A (en) | Data displaying method and device | |
| Dornhöfer et al. | A data-driven smart city transformation model utilizing the green knowledge management cube | |
| CN106649602A (en) | Business object data processing method, device and server | |
| CN116108233A (en) | Data processing method, device, equipment and storage medium | |
| CN106548385A (en) | A kind of order resource allocation methods and device | |
| CN116521945A (en) | Method for constructing fund association diagram for block chain encrypted currency transaction traceability and control system | |
| CN114448726B (en) | Authority management method and device based on multiple identities | |
| CN114418120B (en) | Data processing method, device, equipment and storage medium of federated tree model | |
| CN110675519A (en) | Attendance checking method, device, equipment, system and computer storage medium | |
| CN109753501A (en) | A kind of data display method of off-line state, device, equipment and storage medium | |
| CN117873691B (en) | Data processing method, device, equipment and readable storage medium | |
| KR101310420B1 (en) | User-definable Process-based Management System for Urban Planning and Recording Media for the Same | |
| CN106406837A (en) | Application program push method and device | |
| KR20110137525A (en) | Methods and systems for providing welfare information through community networks | |
| CN106372121A (en) | Server and data processing method | |
| CN105900405A (en) | Lesson booking method and system based on Internet | |
| CN113111223B (en) | Method and device for generating XML string by message | |
| CN116136981B (en) | Community-based management method and system | |
| CN112187492A (en) | Smart city system structure and construction method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |