CN112580079A

Movatterモバイル変換

Info

Publication number: CN112580079A
Application number: CN202011563003.8A
Authority: CN
Inventors: 陈培建; 李海平
Original assignee: Ping An Bank Co Ltd
Current assignee: Ping An Bank Co Ltd
Priority date: 2020-12-25
Filing date: 2020-12-25
Publication date: 2021-03-30

Abstract

The invention relates to a process optimization technology, and discloses a permission configuration method, which comprises the following steps: acquiring a target code file according to the permission configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured; carrying out interface combination and interface calling data combination on the interface set to be configured to obtain a standard interface set to be configured; extracting user role information in the permission configuration request, and performing role permission configuration on the user role information and all interfaces in a standard interface set to be configured according to a preset role permission table to obtain an interface permission configuration total set; and constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to the terminal equipment corresponding to the access request initiator. The invention also relates to a block chain technology, and the interface authority configuration aggregate can be stored in the block chain. The invention also provides an authority configuration device, an electronic device and a computer readable storage medium. The invention can improve the efficiency of authority configuration.

Description

Authority configuration method and device, electronic equipment and readable storage medium

Technical Field

The present invention relates to the field of process optimization technologies, and in particular, to a method and an apparatus for configuring permissions, an electronic device, and a readable storage medium.

Background

With the rapid development of internet technology, various company service lines are more and more, so that more and more service data are generated, the calling of the service data is more and more frequent, and for the data security of the newly added service data, different data interfaces of the service data need to be limited to different users for access, so that the data interfaces of the service data need to be configured with authority.

However, when configuring the authority of the data interface, it is necessary to configure each data interface separately, and the service data corresponding to each interface with the same authority can only be accessed and called separately through the corresponding interface, and cannot be called and managed in a centralized manner, so that the efficiency of configuring the authority of the interface is low.

Disclosure of Invention

The invention provides a permission configuration method, a permission configuration device, electronic equipment and a computer readable storage medium, and mainly aims to improve permission configuration efficiency.

In order to achieve the above object, the present invention provides a method for configuring permissions, comprising:

responding to a permission configuration request, acquiring a target code file according to the permission configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured;

performing interface calling data combination and interface combination on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured;

extracting user role information in the permission configuration request, and performing role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set;

receiving an access request, constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to terminal equipment corresponding to an access request initiator.

Optionally, the obtaining an object code file according to the permission configuration request, and performing interface extraction on the object code file to obtain an interface set to be configured includes:

extracting a code path in the permission configuration request, and acquiring a corresponding code file in a preset code library according to the code path to obtain the target code file;

and reading all interfaces in the target code file to obtain the interface set to be configured.

Optionally, the performing interface call data merging and interface merging on all interfaces in the interface set to be configured according to the interface authority of each interface included in the interface set to be configured to obtain a standard interface set to be configured includes:

extracting the interfaces with the same interface authority in the interface set to be configured to obtain a corresponding interface subset;

merging all interfaces in the interface subset to obtain a standard interface;

and summarizing all the standard interfaces to obtain the standard interface set to be configured.

Optionally, the merging all interfaces in the interface subset to obtain a standard interface includes:

acquiring corresponding interface calling data according to an interface path contained in each interface in the interface subset;

merging all the interface calling data to obtain target data, storing the target data in a preset database and generating a storage path;

and randomly selecting one interface from the interface subset to determine as an initial interface, and replacing an interface path contained in the initial interface with the storage path to obtain the standard interface.

Optionally, the performing role authority configuration on each interface in the standard interface set to be configured according to a preset role authority table and the user role information to obtain an interface authority configuration aggregate, including:

extracting all roles in the user role information and performing duplicate removal processing to obtain a role set;

marking the interface authority corresponding to each role in the role set according to the preset role authority table to obtain a standard role set;

acquiring a corresponding interface in the standard interface set to be configured according to the interface authority of each role in the standard role set to obtain a corresponding role interface set;

associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set;

and summarizing all the user role interface sets to obtain the interface authority configuration total set.

Optionally, constructing an interface access page according to the access request and the interface authority configuration aggregate, including:

constructing a user role keyword according to the user login information in the access request;

screening a user role interface set corresponding to the interface authority configuration total set by using the user role keywords;

and constructing the interface access page by using all the screened interfaces in the user role interface set.

Optionally, the aggregating all the standard interfaces to obtain the standard interface set to be configured includes:

converting all data contained in each standard interface into json format to obtain a corresponding target interface;

and summarizing all the target interfaces to obtain the standard interface set to be configured.

In order to solve the above problem, the present invention also provides an authority configuration apparatus, including:

the interface configuration module is used for responding to the authority configuration request, acquiring a target code file according to the authority configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured; performing interface calling data combination and interface combination on all interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured;

the authority configuration module is used for extracting user role information in the authority configuration request, and performing role authority configuration on each interface in the standard interface set to be configured according to a preset role authority table and the user role information to obtain an interface authority configuration total set;

and the authority interface pushing module is used for constructing an interface access page according to the access request and the interface authority configuration aggregate and pushing the interface access page to the terminal equipment corresponding to the access request initiator.

In order to solve the above problem, the present invention also provides an electronic device, including:

a memory storing at least one computer program; and

and the processor executes the computer program stored in the memory to realize the authority configuration method.

In order to solve the above problem, the present invention also provides a computer-readable storage medium, in which at least one computer program is stored, and the at least one computer program is executed by a processor in an electronic device to implement the rights configuration method described above.

Drawings

Fig. 1 is a schematic flowchart of a permission configuration method according to an embodiment of the present invention;

fig. 2 is a block diagram of a privilege configuration apparatus according to an embodiment of the present invention;

fig. 3 is a schematic internal structural diagram of an electronic device implementing a permission configuration method according to an embodiment of the present invention;

the implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.

Detailed Description

It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.

The embodiment of the invention provides a permission configuration method. The execution subject of the authority configuration method includes, but is not limited to, at least one of electronic devices such as a server and a terminal, which can be configured to execute the method provided by the embodiments of the present application. In other words, the authority configuration method may be performed by software or hardware installed in the terminal device or the server device, and the software may be a block chain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like.

Referring to fig. 1, a flowchart of a permission configuration method according to an embodiment of the present invention is shown, where in the embodiment of the present invention, the permission configuration method includes:

s1, responding to the authority configuration request, acquiring a target code file according to the authority configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured;

in the embodiment of the present invention, the permission configuration request is permission configuration request information of a newly added service of a certain company, and includes: the method comprises the steps of code path and user role information, wherein the code path is a hosting path of an object code file of a newly added service in a preset code library, the object code file is an access calling code of service data of the newly added service, the user role information is role information of each user in the newly added service, and the same user can have different roles, such as that a user A is a project principal or a general manager.

Further, in order to configure information that different user roles in the user role information can access, in the embodiment of the present invention, an object code file is obtained according to the permission configuration request, and all interfaces of the object code file are extracted to obtain an interface set to be configured.

In detail, in the embodiment of the present invention, the obtaining an object code file according to the permission configuration request, and extracting all interfaces of the object code file to obtain an interface set to be configured includes: extracting a code path in the permission configuration request, and acquiring a corresponding code file in a preset code library according to the code path to obtain the target code file; and reading all interfaces in the target code file to obtain an interface set to be configured. The interface comprises an interface type, an interface path and an interface authority, and further the interface authority is the interface authority as follows: and the interface path is a storage path of data which can be called by the interface.

S2, performing interface calling data merging and interface merging on all interfaces in the interface set to be configured according to the interface authority of each interface contained in the interface set to be configured to obtain a standard interface set to be configured;

in the embodiment of the invention, in order to improve the calling efficiency of the interfaces, interface calling data merging and interface merging are carried out on all the interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured, so that a standard interface set to be configured is obtained.

In detail, in the embodiment of the present invention, the performing interface call data merging and interface merging on all interfaces in the interface set to be configured according to the interface permission of each interface included in the interface set to be configured to obtain the standard interface set to be configured includes: extracting the interfaces with the same interface authority in the interface set to be configured to obtain a corresponding interface subset, such as: the interface to be configured is a class A interface and a class B interface, all class A interfaces in the interface set to be configured are extracted to obtain a class A interface subset, and all class B interfaces in the interface set to be configured are extracted to obtain a class B interface subset; merging all interfaces in the interface subset to obtain a standard interface; and summarizing all the standard interfaces to obtain the standard interface set to be configured.

Further, in this embodiment of the present invention, the merging all interfaces in the interface subset to obtain a standard interface includes: acquiring corresponding interface calling data according to an interface path contained in each interface in the interface subset, wherein the interface calling data are data which can be acquired by calling each interface through the interface path; merging all the interface calling data to obtain target data, realizing centralized calling management of data corresponding to interfaces with the same interface authority, storing the target data in a preset database and generating a storage path; and randomly selecting one interface from the interface subset to determine as an initial interface, and replacing an interface path contained in the initial interface with the storage path to obtain the standard interface. Further, in order to facilitate the call of the interfaces, all data included in each standard interface is converted into a json format to obtain a corresponding target interface, and all the target interfaces are summarized to obtain the standard interface set to be configured.

The plurality of interfaces are combined into one interface, so that the authority configuration of the plurality of interfaces can be converted into the authority configuration of one interface, and the efficiency of the authority configuration is improved.

S3, extracting user role information in the permission configuration request, and performing role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set;

in this embodiment of the present invention, the performing role authority configuration on each interface in the standard interface set to be configured according to a preset role authority table and the user role information to obtain an authority configuration interface set includes: extracting all roles in the user role information and performing duplicate removal processing to obtain a role set; marking the interface authority corresponding to each role in the role set according to the preset role authority table to obtain a standard role set, avoiding repeated matching of the same roles of different users, and improving matching efficiency, wherein the preset role authority table contains the interface authorities corresponding to different roles, such as: the role is an engineer, the interface authorities corresponding to the engineer are A level and B level, and then the engineer can access the A level interface and the B level interface; acquiring a corresponding interface in the standard interface set to be configured according to the interface authority of each role in the standard role set to obtain a corresponding role interface set, such as: if the interface authority of the engineer role is A level and B level, acquiring an A level interface and a B level interface in the standard interface set to be configured to obtain a role interface set corresponding to the engineer role; associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set, if the role of the user A is an engineer and a project group leader, associating the user A with the engineer role interface set to obtain a user A engineer role interface set, and associating the user A with the project group leader role interface set to obtain a user A project group leader role interface set; and summarizing all user role interface sets to obtain an interface authority configuration total set. The embodiment of the invention can reduce the influence of the permission configuration caused by the change of the user role by respectively corresponding different user role interface sets to different roles of the same user, and only needs to add or delete the corresponding user role interface sets when the role of the user is changed, thereby improving the efficiency of the permission configuration.

In another embodiment of the present invention, in order to ensure the privacy of data, the interface authority configuration aggregate may be stored in a block link point.

S4, receiving an access request, constructing an interface access page according to the access request and the interface authority configuration aggregate, and pushing the interface access page to the terminal equipment corresponding to the access request initiator.

In the embodiment of the present invention, the access request is user login information subjected to login authentication, where the user login information includes user information and role information, for example: the login information of the user is the user information A, the role information is the engineer, further, in the embodiment of the invention, the user role key words are constructed according to the user login information in the access request, and the user role key words are utilized to screen the user role interface set corresponding to the interface authority configuration aggregate, such as: the login information of a user is user information A, the role information is an engineer, the constructed user role key word is a user A engineer, a user A engineer role interface set in the interface authority configuration total set is screened, an interface access page is constructed by utilizing all interfaces in the screened user role interface set, and in detail, a blank interface component page is created by all the interfaces in the screened user role interface set; binding each interface in the screened user role interface set with a corresponding component in the interface component page to obtain the interface access page, wherein the interface access page comprises the following steps: and then creating an interface component page comprising a blank A interface component and a blank B interface component, then binding the blank A interface component with the A interface, and binding the blank B interface component with the B interface to obtain the interface access page, and further pushing the interface access page to the terminal equipment of the access request initiator, wherein the interface access page is a front-end page capable of accessing all the interfaces in the user role interface set.

Fig. 2 is a functional block diagram of the right configuration apparatus according to the present invention.

The authority configuration apparatus 100 of the present invention may be installed in an electronic device. According to the implemented functions, the authority configuration device may include an interface configuration module 101, an authority configuration module 102, and an authority interface pushing module 103, which may also be referred to as a unit, and refers to a series of computer program segments that can be executed by a processor of an electronic device and can perform fixed functions, and are stored in a memory of the electronic device.

In the present embodiment, the functions regarding the respective modules/units are as follows:

the interface configuration module 101 is configured to respond to a permission configuration request, obtain an object code file according to the permission configuration request, and perform interface extraction on the object code file to obtain an interface set to be configured; and carrying out interface calling data combination and interface combination on all the interfaces in the interface set to be configured according to the interface authority of each interface in the interface set to be configured to obtain a standard interface set to be configured.

Further, in order to configure information that different user roles in the user role information can access, in the embodiment of the present invention, the interface configuration module 101 obtains an object code file according to the permission configuration request, extracts all interfaces of the object code file, and obtains an interface set to be configured.

In detail, in the embodiment of the present invention, the interface configuration module 101 extracts all interfaces of the object code file by using the following means to obtain an interface set to be configured, including: extracting a code path in the permission configuration request, and acquiring a corresponding code file in a preset code library according to the code path to obtain the target code file; and reading all interfaces in the target code file to obtain an interface set to be configured. The interface comprises an interface type, an interface path and an interface authority, and further the interface authority is the interface authority as follows: and the interface path is a storage path of data which can be called by the interface.

In detail, in this embodiment of the present invention, the interface configuration module 101 performs interface call data merging and interface merging on all interfaces in the interface set to be configured according to the interface right of each interface included in the interface set to be configured by using the following means, so as to obtain the standard interface set to be configured, including: extracting the interfaces with the same interface authority in the interface set to be configured to obtain a corresponding interface subset, such as: the interface to be configured is a class A interface and a class B interface, all class A interfaces in the interface set to be configured are extracted to obtain a class A interface subset, and all class B interfaces in the interface set to be configured are extracted to obtain a class B interface subset; merging all interfaces in the interface subset to obtain a standard interface; and summarizing all the standard interfaces to obtain the standard interface set to be configured.

Further, in this embodiment of the present invention, the merging, by the interface configuration module 101, all interfaces in the interface subset by using the following means to obtain a standard interface includes: acquiring corresponding interface calling data according to an interface path contained in each interface in the interface subset, wherein the interface calling data are data which can be acquired by each interface through interface path access; merging all the interface calling data to obtain target data, storing the target data in a preset database and generating a storage path; and randomly selecting one interface from the interface subset to determine as an initial interface, and replacing an interface path contained in the initial interface with the storage path to obtain the standard interface. Further, in order to facilitate the invocation of the interfaces, all data included in each standard interface is converted into a json format to obtain a corresponding target interface, all the target interfaces are summarized to obtain the standard interface set to be configured, and preferably, the preset interface format in the embodiment of the present invention is the json format.

The permission configuration module 102 is configured to extract user role information in the permission configuration request, and perform role permission configuration on each interface in the standard interface set to be configured according to a preset role permission table and the user role information to obtain an interface permission configuration total set.

In this embodiment of the present invention, the authority configuration module 102 performs role authority association between the user role information and all interfaces in the standard interface set to be configured by using the following means to obtain an authority configuration interface set, including: extracting all roles in the user role information and performing duplicate removal processing to obtain a role set; marking the interface authority corresponding to each role in the role set according to the preset role authority table to obtain a standard role set, avoiding repeated matching of the same roles of different users, and improving matching efficiency, wherein the preset role authority table contains the interface authorities corresponding to different roles, such as: the role is an engineer, the interface authorities corresponding to the engineer are A level and B level, and then the engineer can access the A level interface and the B level interface; acquiring a corresponding interface in the standard interface set to be configured according to the interface authority of each role in the standard role set to obtain a corresponding role interface set, such as: if the interface authority of the engineer role is A level and B level, acquiring an A level interface and a B level interface in the standard interface set to be configured to obtain a role interface set corresponding to the engineer role; associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set, if the role of the user A is an engineer and a project group leader, associating the user A with the engineer role interface set to obtain a user A engineer role interface set, and associating the user A with the project group leader role interface set to obtain a user A project group leader role interface set; and summarizing all user role interface sets to obtain an interface authority configuration total set. The embodiment of the invention can reduce the influence of the permission configuration caused by the change of the user role by respectively corresponding different user role interface sets to different roles of the same user, and only needs to add or delete the corresponding user role interface sets when the role of the user is changed, thereby improving the efficiency of the permission configuration.

The authority interface pushing module 103 is configured to construct an interface access page according to the access request and the interface authority configuration aggregate, and push the interface access page to the terminal device corresponding to the access request initiator.

In the embodiment of the present invention, the access request is user login information subjected to login authentication, where the user login information includes user information and role information, for example: further, in the embodiment of the present invention, the authority interface pushing module 103 constructs a user role keyword according to the user login information in the access request, and screens a user role interface set corresponding to the interface authority configuration total set by using the user role keyword, where the login information of the user is a user a, and the role information is an engineer, and if: the login information of the user is user information A, the role information is an engineer, the constructed user role key word is a user A engineer, and a user A engineer role interface set in the interface authority configuration total set is screened; the permission interface pushing module 103 constructs an interface access page by using all the interfaces in the user role interface set which are screened, and in detail, the permission interface pushing module 103 creates a blank interface component page for all the interfaces in the user role interface set which are screened according to the embodiment of the present invention; binding each interface in the screened user role interface set with a corresponding component in the interface component page to obtain the interface access page, wherein the interface access page comprises the following steps: and then creating an interface component page comprising a blank A interface component and a blank B interface component, then binding the blank A interface component with the A interface, and binding the blank B interface component with the B interface to obtain the interface access page, and further pushing the interface access page to the terminal equipment of the access request initiator, wherein the interface access page is a front-end page capable of accessing all the interfaces in the user role interface set.

Fig. 3 is a schematic structural diagram of an electronic device implementing the permission configuration method according to the present invention.

The electronic device 1 may comprise a processor 10, a memory 11 and a bus, and may further comprise a computer program, such as a rights configuration program 12, stored in the memory 11 and executable on the processor 10.

The memory 11 includes at least one type of readable storage medium, which includes flash memory, removable hard disk, multimedia card, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may also be an external storage device of the electronic device 1 in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only to store application software installed in the electronic device 1 and various types of data, such as codes of a rights configuration program, but also to temporarily store data that has been output or is to be output.

The processor 10 may be composed of an integrated circuit in some embodiments, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same or different functions, including one or more Central Processing Units (CPUs), microprocessors, digital Processing chips, graphics processors, and combinations of various control chips. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the electronic device by using various interfaces and lines, and executes various functions and processes data of the electronic device 1 by running or executing programs or modules (such as a permission configuration program) stored in the memory 11 and calling data stored in the memory 11.

The bus may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.

Fig. 3 shows only an electronic device with components, and it will be understood by those skilled in the art that the structure shown in fig. 3 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than those shown, or some components may be combined, or a different arrangement of components.

For example, although not shown, the electronic device 1 may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so as to implement functions of charge management, discharge management, power consumption management, and the like through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device 1 may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.

Further, the electronic device 1 may further include a network interface, and optionally, the network interface may include a wired interface and/or a wireless interface (such as a WI-FI interface, a bluetooth interface, etc.), which are generally used for establishing a communication connection between the electronic device 1 and other electronic devices.

Optionally, the electronic device 1 may further comprise a user interface, which may be a Display (Display), an input unit (such as a Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable for displaying information processed in the electronic device 1 and for displaying a visualized user interface, among other things.

It is to be understood that the described embodiments are for purposes of illustration only and that the scope of the appended claims is not limited to such structures.

The rights configuration program 12 stored in the memory 11 of the electronic device 1 is a combination of a plurality of computer programs which, when run in the processor 10, enable:

Specifically, the processor 10 may refer to the description of the relevant steps in the embodiment corresponding to fig. 1 for a specific implementation method of the computer program, which is not described herein again.

Further, the integrated modules/units of the electronic device 1, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. The computer readable medium may be non-volatile or volatile. The computer-readable medium may include: any entity or device capable of carrying said computer program code, recording medium, U-disk, removable hard disk, magnetic disk, optical disk, computer Memory, Read-Only Memory (ROM).

Further, the computer usable storage medium may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to the use of the blockchain node, and the like.

In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.

The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.

In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.

It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.

The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.

The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.

Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms second, etc. are used to denote names, but not any particular order.

Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims

Translated fromChinese

1.一种权限配置方法，其特征在于，所述方法包括：1. A rights configuration method, characterized in that the method comprises:

响应权限配置请求，根据所述权限配置请求获取目标代码文件，对所述目标代码文件进行接口提取，得到待配置接口集；Responding to the permission configuration request, obtaining a target code file according to the permission configuration request, and performing interface extraction on the target code file to obtain a to-be-configured interface set;

根据所述待配置接口集中包含的每个接口的接口权限对所述待配置接口集中的所有接口进行接口调用数据合并及接口合并，得到标准待配置接口集；Perform interface call data merging and interface merging for all interfaces in the to-be-configured interface set according to the interface authority of each interface included in the to-be-configured interface set, to obtain a standard to-be-configured interface set;

提取所述权限配置请求中的用户角色信息，根据预设角色权限表与所述用户角色信息将所述标准待配置接口集中的每个接口进行角色权限配置，得到接口权限配置总集；extracting the user role information in the permission configuration request, and performing role permission configuration on each interface in the standard to-be-configured interface set according to a preset role permission table and the user role information, to obtain a total interface permission configuration set;

接收访问请求，根据所述访问请求及所述接口权限配置总集构建接口访问页面，将所述接口访问页面推送至所述访问请求发起人员对应的终端设备。An access request is received, an interface access page is constructed according to the access request and the interface permission configuration set, and the interface access page is pushed to the terminal device corresponding to the person initiating the access request.

2.如权利要求1所述的权限配置方法，其特征在于，所述根据所述权限配置请求获取目标代码文件，对所述目标代码文件进行接口提取，得到待配置接口集，包括：2. The authority configuration method according to claim 1, wherein the obtaining a target code file according to the authority configuration request, and performing interface extraction on the target code file to obtain an interface set to be configured, comprising:

提取所述权限配置请求中的代码路径，根据所述代码路径在预设的代码库中获取对应的代码文件，得到所述目标代码文件；Extracting the code path in the permission configuration request, obtaining the corresponding code file in the preset code base according to the code path, and obtaining the target code file;

读取所述目标代码文件中所有接口，得到所述待配置接口集。Read all interfaces in the target code file to obtain the to-be-configured interface set.

3.如权利要求2所述的权限配置方法，其特征在于，所述根据所述待配置接口集中包含的每个接口的接口权限对所述待配置接口集中的所有接口进行接口调用数据合并及接口合并，得到标准待配置接口集，包括：3 . The authority configuration method according to claim 2 , wherein, according to the interface authority of each interface included in the to-be-configured interface set, all interfaces in the to-be-configured interface set are combined with interface call data and combined. The interfaces are merged to obtain a standard set of interfaces to be configured, including:

提取所述待配置接口集中同一接口权限的接口，得到对应的接口子集；Extracting the interfaces of the same interface authority in the to-be-configured interface set to obtain a corresponding interface subset;

对所述接口子集中的所有接口进行合并，得到标准接口；Merging all the interfaces in the interface subset to obtain a standard interface;

汇总所有的所述标准接口，得到所述标准待配置接口集。Summarize all the standard interfaces to obtain the standard interface set to be configured.

4.如权利要求3所述的权限配置方法，其特征在于，所述对所述接口子集中的所有接口进行合并，得到标准接口，包括：4. The authority configuration method according to claim 3, wherein the combining all interfaces in the interface subset to obtain a standard interface, comprising:

根据所述接口子集中的每个接口包含的接口路径获取对应的接口调用数据；Acquire corresponding interface invocation data according to the interface path included in each interface in the interface subset;

合并所有的接口调用数据得到目标数据，将所述目标数据存储在预设的数据库中并生成存储路径；Merge all the interface calling data to obtain target data, store the target data in a preset database and generate a storage path;

随机从所述所述接口子集中选取一个接口确定为初始接口，将所述初始接口包含的接口路径替换为所述存储路径，得到所述标准接口。An interface is randomly selected from the interface subset and determined as the initial interface, and the interface path included in the initial interface is replaced with the storage path to obtain the standard interface.

5.如权利要求4所述的权限配置方法，其特征在于，所述根据预设角色权限表与所述用户角色信息将所述标准待配置接口集中的每个接口进行角色权限配置，得到接口权限配置总集，包括：5 . The authority configuration method according to claim 4 , wherein, according to the preset role authority table and the user role information, the role authority configuration is performed on each interface in the standard to-be-configured interface set to obtain the interface. 6 . A collection of permissions configuration, including:

提取所述用户角色信息中的所有角色并进行去重处理，得到角色集；Extract all roles in the user role information and perform deduplication processing to obtain a role set;

根据所述预设角色权限表标记所述角色集中每种角色对应的接口权限，得到标准角色集；Mark the interface permissions corresponding to each role in the role set according to the preset role permission table to obtain a standard role set;

根据所述标准角色集中每种角色的接口权限获取所述标准待配置接口集中对应的接口，得到对应的角色接口集；Obtain the corresponding interface in the standard to-be-configured interface set according to the interface authority of each role in the standard role set, and obtain the corresponding role interface set;

将所述用户角色信息中的每个用户与对应角色的所述角色接口集进行关联，得到用户角色接口集；Associating each user in the user role information with the role interface set of the corresponding role to obtain a user role interface set;

汇总所有的所述用户角色接口集，得到所述接口权限配置总集。Summarize all the user role interface sets to obtain the interface authority configuration set.

6.如权利要求5所述的权限配置方法，其特征在于，所述根据所述访问请求及所述接口权限配置总集构建接口访问页面，包括：6. The permission configuration method according to claim 5, wherein the building an interface access page according to the access request and the interface permission configuration collection comprises:

根据所述访问请求中用户登录信息构建用户角色关键词；Build user role keywords according to the user login information in the access request;

利用所述用户角色关键词筛选所述接口权限配置总集中对应的用户角色接口集；Use the user role keyword to filter the corresponding user role interface set in the interface authority configuration master set;

利用筛选的所述用户角色接口集中的所有接口构建所述接口访问页面。The interface access page is constructed using all the interfaces in the filtered user role interface set.

7.如权利要求3所述的权限配置方法，其特征在于，所述汇总所有的所述标准接口，得到所述标准待配置接口集，包括：7. The rights configuration method according to claim 3, wherein the summarizing all the standard interfaces to obtain the standard interface set to be configured comprises:

将每个所述标准接口中包含的所有数据转换为json格式，得到对应的目标接口；Convert all data contained in each of the standard interfaces into json format to obtain the corresponding target interface;

汇总所有的所述目标接口，得到所述标准待配置接口集。Summarize all the target interfaces to obtain the standard interface set to be configured.

8.一种权限配置装置，其特征在于，包括：8. An authority configuration device, comprising:

接口配置模块，用于响应权限配置请求，根据所述权限配置请求获取目标代码文件，对所述目标代码文件进行接口提取，得到待配置接口集；根据所述待配置接口集中包含的每个接口的接口权限对所述待配置接口集中的所有接口进行接口调用数据合并及接口合并，得到标准待配置接口集；an interface configuration module, configured to respond to a permission configuration request, obtain a target code file according to the permission configuration request, perform interface extraction on the target code file, and obtain a set of interfaces to be configured; according to each interface included in the set of interfaces to be configured The interface authority performs interface calling data merging and interface merging on all interfaces in the to-be-configured interface set to obtain a standard to-be-configured interface set;

权限配置模块，用于提取所述权限配置请求中的用户角色信息，根据预设角色权限表与所述用户角色信息将所述标准待配置接口集中的每个接口进行角色权限配置，得到接口权限配置总集；A rights configuration module, configured to extract the user role information in the rights configuration request, and configure the role rights for each interface in the standard to-be-configured interface set according to the preset role rights table and the user role information to obtain interface rights configuration set;

权限接口推送模块，用于根据所述访问请求及所述接口权限配置总集构建接口访问页面，将所述接口访问页面推送至所述访问请求发起人员对应的终端设备。A permission interface push module is configured to construct an interface access page according to the access request and the interface permission configuration set, and push the interface access page to the terminal device corresponding to the person who initiates the access request.

9.一种电子设备，其特征在于，所述电子设备包括：9. An electronic device, characterized in that the electronic device comprises:

至少一个处理器；以及，at least one processor; and,

与所述至少一个处理器通信连接的存储器；其中，a memory communicatively coupled to the at least one processor; wherein,

所述存储器存储有可被所述至少一个处理器执行的计算机程序指令，所述计算机程序指令被所述至少一个处理器执行，以使所述至少一个处理器能够执行如权利要求1至7中任一所述的权限配置方法。The memory stores computer program instructions executable by the at least one processor, the computer program instructions being executed by the at least one processor to enable the at least one processor to perform the functions of claims 1 to 7 Any of the described permission configuration methods.

10.一种计算机可读存储介质，存储有计算机程序，其特征在于，所述计算机程序被处理器执行时实现如权利要求1至7中任一所述的权限配置方法。10 . A computer-readable storage medium storing a computer program, wherein when the computer program is executed by a processor, the rights configuration method according to any one of claims 1 to 7 is implemented. 11 .