Disclosure of Invention
An object of the present invention is to provide a service role-based route management method, a storage medium, and a program product, for reducing the workload of updating the routing authority of a user and improving the working efficiency of a network system.
In a first aspect, the present invention provides a routing authority management method based on service roles, including:
acquiring a plurality of types of service roles, and configuring routing authority of each service role;
Acquiring authority setting information of a target user and at least one corresponding service role, and acquiring an overall routing rule of the target user according to the authority setting information and routing authority of the service role corresponding to the target user;
And controlling the access of the target user to the system resource according to the overall routing rule of the target user.
Further, the step of acquiring a plurality of types of service roles includes:
acquiring functions and rights of a plurality of preset users, and acquiring service similarity among the preset users according to the functions and rights;
Classifying a plurality of preset users according to the service similarity to obtain a plurality of preset user sets, and obtaining the service roles respectively corresponding to the preset user sets.
Further, the step of obtaining the overall routing rule of the target user at least according to the authority setting information and the routing authority of the service role corresponding to the target user includes:
Judging whether the target user has a route jump request to pass through a route guard for the first time;
if yes, acquiring a first dynamic route and a personalized route of the route jump request according to the authority setting information, and acquiring a second dynamic route according to the route authority of the service role corresponding to the target user;
Adding the first dynamic route, the second dynamic route, and the personalized route to the overall routing rule.
Further, after the step of adding the first dynamic route, the second dynamic route, and the personalized route to the overall routing rule, the method further comprises:
And storing the whole routing rule into a local cache.
Further, after the step of storing the dynamic route and the personalized route of the page hop request in the overall routing rule, the method further comprises:
Detecting whether the overall routing rule has a dynamic routing authority which is repeated with the personalized routing;
And if so, deleting the dynamic routing authority which is repeated with the personalized routing.
Further, the routing authority management method further comprises the following steps:
After detecting configuration of the authority setting information or after acquiring a service role corresponding to the target user, storing the authority setting information or the service role corresponding to the target user into a database;
the step of obtaining the authority setting information of the target user and the corresponding at least one service role comprises the following steps:
and reading the authority setting information and the service roles corresponding to the target user from the database.
Further, the step of controlling the access of the target user to the system resource according to the overall routing rule of the target user includes:
After receiving a page jump request of the target user, acquiring a uniform resource locator of a browsing address bar of the target user;
detecting whether the uniform resource locator is matched with the whole routing rule;
if so, jumping to the page corresponding to the uniform resource locator.
Further, before the step of acquiring the plurality of types of service roles, the method further includes:
and obtaining a routing rule file, and configuring and registering a routing manager according to the routing rule file.
In a second aspect, the present invention also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor implements the steps of the traffic role based routing right management method as described in any of the above.
In a third aspect, the present invention also provides a computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the steps of the traffic role based routing right management method as described in any of the above.
The technical scheme provided by the invention can configure the overall routing rule of the target user by setting the authority setting information and the service role of the target user so as to control the access of the target user to the system resource according to the overall routing rule, thereby improving the convenience of configuring the routing authority of the target user, reducing the workload of configuring the routing authority of the target user and achieving the purpose of improving the working efficiency of the network system.
The above, as well as additional objectives, advantages, and features of the present invention will become apparent to those skilled in the art from the following detailed description of a specific embodiment of the present invention when read in conjunction with the accompanying drawings.
Detailed Description
A traffic role-based route management method, a storage medium, and a program product according to embodiments of the present invention are described below with reference to fig. 1 to 7. In the description of the present embodiment, it should be understood that the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature, i.e. one or more such features. In the description of the present invention, the meaning of "plurality" means at least two, for example, two, three, etc., unless specifically defined otherwise. When a feature "comprises or includes" a feature or some of its coverage, this indicates that other features are not excluded and may further include other features, unless expressly stated otherwise.
Referring to fig. 1, fig. 1 is a schematic flow chart of a routing management method based on service roles according to an embodiment of the present invention, where routing permissions can be loaded on different service roles, and the routing permissions are allocated to users by setting the service roles of the users, so as to improve the convenience of updating the routing permission configuration of the users.
As shown in fig. 1, the routing management method based on service roles of the present embodiment may generally include:
S101, acquiring a plurality of types of service roles and configuring routing authorities of the service roles;
Step S102, obtaining authority setting information of a target user and at least one service role corresponding to the target user;
Step 103, obtaining the overall routing rule of the target user according to the authority setting information of the target user and the routing authority of the service role corresponding to the target user;
and step S104, controlling the access of the target user to the system resource according to the overall routing rule of the target user.
In the step S101, a plurality of preset users may be obtained first, then the plurality of preset users are classified according to the service similarity between the preset users, and then each type is respectively corresponding to one service role, so as to obtain a plurality of types of service roles. Because the service types of the preset users in the same type have higher service similarity, the service types can be used as the routing authority of the corresponding service roles according to the routing authority shared by the preset users of various types.
In this embodiment, the routing authority of the service role refers to that the service role has the authority of using a route, and after the service role has the authority of a certain route, the service role can jump to a corresponding page according to the route so as to perform service processing on the system resource of the page.
In the step S102, the authority setting information of the target user is the routing authority information of the user configured in the background by the manager according to the authority and function of the target user, and after the authority setting information of the target user is configured by the manager, the authority setting information can be stored, and the authority setting information of the target user is obtained by reading the stored data in the using process.
In this embodiment, the service roles corresponding to the target user may be obtained according to the service types handled by the target user, and since the target user may handle multiple types of services, the target user may correspond to multiple service roles.
In the step S103, each service role has its corresponding routing authority, and in this embodiment, the routing authority of the target user with authority may be obtained according to the routing authorities of all the service roles corresponding to the target user and the routing authorities in the authority setting information of the target user, and the routing is added to the overall routing rule of the target user.
In the step S104, in the process that the target user requests to jump to access the page, the page requested to access is verified according to the overall routing rule of the target user, and after the verification is passed, the target user is allowed to jump to the page, otherwise, the user is not allowed to jump to the page, thereby realizing control of the access of the target user to the system resource and improving the security of the system resource.
According to the above, the technical solution of the present embodiment can configure the overall routing rule of the target user by setting the authority setting information of the target user and the service role, so as to control the access of the target user to the system resource according to the overall routing rule, thereby improving the convenience of configuring the routing authority of the target user, reducing the workload of configuring the routing authority of the target user, and achieving the purpose of improving the working efficiency of the network system.
In some embodiments of the present invention, the method for acquiring multiple types of service roles in the step S101 is shown in fig. 2, and includes the following steps:
Step S201, acquiring functions and rights of a plurality of preset users, and calculating service similarity among the preset users according to the functions and rights;
Step S202, classifying each preset user according to the business similarity among the preset users to obtain a plurality of preset user sets;
step 203, respectively obtaining service roles corresponding to each preset user set, thereby obtaining a plurality of types of service roles.
In the step S201, the service similarity between the preset users may be calculated according to the number of shared functions and the number of shared rights between the preset users, and the greater the number of shared functions and the number of shared rights between the two preset users, the greater the service similarity between the two preset users.
Assuming that the first preset user and the second preset user both have N functions and M rights, and the number of functions shared by the first preset user and the second preset user is N and the number of rights shared by the first preset user and the second preset user is M, the similarity P between the first preset user and the second preset user can be calculated by the following calculation formula:
where α is a function weight value, is a β authority weight value, and α+β=1.
In the step S202, the preset users with the service similarity greater than the preset similarity threshold may be classified into the same preset user set, so that each preset user is classified into different preset user sets to obtain a plurality of preset user sets.
In the step S203, the service roles corresponding to the preset user sets may be obtained according to the functions and rights of the preset users in the preset user sets. For example, if all preset users in one preset user set have the authority for resource management, setting the service role corresponding to the preset user set as an administrator, if all preset users in one preset user set have the browsing authority for resources, setting the service role corresponding to the preset user set as a common user, and if all preset users in one preset user set have the browsing authority for specific resources, setting the service role corresponding to the preset user set as tourists.
Through the technical scheme of the embodiment, the preset users can be classified according to the functions and the authorities of the preset users to obtain a plurality of types of service roles, so that the types of the service roles can cover all the preset users, and the reliability and the accuracy of the routing authority configuration of the target users are improved.
In some embodiments of the present invention, each route hop request of the target user needs to go through the route guard, and each route hop request stores the dynamic route and the personalized route information corresponding to the route hop request into the overall route rule of the target user in the process of going through the route guard for the first time.
Based on the above principle, in step S103, the method for obtaining the overall routing rule of the target user according to the authority setting information of the target user and the routing authority of the service role corresponding to the target user is shown in fig. 3, and includes the following steps:
Step 301, after detecting a route jump request of a target user, judging whether the route jump request passes through a route guard for the first time;
If yes, go to step S302;
Step S302, a first dynamic route and a personalized route of the route jump request are obtained according to authority setting information of a target user, and a second dynamic route of the route jump request is obtained according to the route authority of a service role corresponding to the target user;
Step S303, adding the first dynamic route, the second dynamic route and the personalized route of the route jump request into the whole route rule of the target user.
In this embodiment, the dynamic route includes a route corresponding to the service processing page, and the target user may perform page skipping according to the dynamic route, so as to access the corresponding page. The personalized route is a route which a target user has authority to process, for example, if some special pages can only be checked by a user, the route of the special pages can be used as the personalized route of the user. Or the route corresponding to some function buttons on the specific page, the manager can determine whether the target user has the use authority of the route by configuring the personalized route of the target user.
According to the technical scheme of the embodiment, the first dynamic route, the second dynamic route and the personalized route related to the route jump can be obtained according to the authority setting information of the target user and the route authority of the corresponding service role in the process that the route jump of the target user passes through the route guard for the first time, so that the whole route rule of the target user can reflect the route used by the target user, and the reliability of configuring the route authority of the target user is improved. In this embodiment, the personalized route is also set in the overall routing rule of the target user, and the personalized route is configured in a personalized way according to the authority of the target user, so that the flexibility of configuring the routing authority of the target user is improved.
In some embodiments of the present invention, after adding the first dynamic route, the second dynamic route, and the personalized route of the route jump request of the target user to the overall routing rule of the target user in the step S303, the method further includes:
step S304, storing the whole routing rule of the target user into a local cache.
According to the technical scheme, after the overall routing rule of the target user is stored in the local cache, the overall routing rule can be directly read from the local cache in the next routing jump process of the target user, so that the route of the target user is prevented from being repeatedly acquired, and the working efficiency of data processing is improved.
In some embodiments of the present invention, as shown in fig. 4, after adding the first dynamic route, the second dynamic route, and the personalized route of the route jump request of the target user to the overall routing rule of the target user in step S303, the method further includes:
Step S311, detecting whether a dynamic route which is repeated with the personalized route exists in the overall route rule of the target user;
If yes, executing step S312, and if not, executing step S304;
Step S312, deleting the dynamic route which is repeated with the personalized route in the overall route rule of the target user, and then executing step S304.
In this embodiment, after the dynamic route repeated with the personalized route in the overall routing rule of the user is deleted, in the process of controlling the access of the target user to the system resource by adopting the overall routing rule, the personalized route can be used as the jump of the main control page, so as to improve the reliability of the access control to the target user.
In some embodiments of the present invention, the service role-based routing authority management method of the present invention further includes the following steps:
Detecting whether authority setting information of a target user configured by a manager is received or not, if yes, storing the authority setting information into a database;
And obtaining the service role corresponding to the target user according to the service type related to the target user, and storing the service role in a database.
Accordingly, in the step S102, the authority setting information of the target user and the service role corresponding to the target user may be obtained by querying the database.
By means of the technical scheme of the embodiment, the authority setting information of the target user and the corresponding service roles can be stored in the database, so that the authority setting information of the target user and the corresponding service roles can be obtained by inquiring the database, and the purpose of improving convenience of the routing authority management method is achieved.
In some embodiments of the present invention, the method for controlling the access of the target user to the system resource according to the overall routing rule of the target user in the step S103 is shown in fig. 5, and includes the following steps:
step S321, detecting whether a page jump request of a target user is received;
If yes, go to step S322;
Step S322, obtaining a uniform resource locator of a target user browser address bar, and detecting whether the uniform resource locator is matched with the overall routing rule of the target user;
if yes, go to step S323, otherwise go to step S324;
Step S323, jumping to a page corresponding to the uniform resource locator of the browsing address bar of the target user;
step S324, jump to 404 page.
In the step S321, after the target user operates the option on the page, a page skip request may be sent according to the selection of the target user, so as to skip the page. Therefore, when the operation of the target user on the page is detected, it is determined whether a page jump request of the target user is received.
In the step S322, the information in the address bar of the target user browser may be read, and the url is extracted from the information, then the route corresponding to the url in the browser address bar is obtained, and whether the route exists in the overall routing rule of the target user is detected, if so, it is determined that the url in the target user browser address bar matches the overall routing rule of the target user.
In the step S323, the target user may browse the route corresponding to the url of the address bar, and jump to the corresponding page according to the route, so as to access the page by the target user.
After jumping to the 404 page in step S324 described above, the target user can learn that there is no access right to the requested page.
Through the technical scheme of the embodiment, after the page jump request of the target user is detected, the unified resource locator of the browser address bar is verified by adopting the overall routing rule of the target user, so that the access of the target user to the system resource is controlled, and the security of the network system is improved.
In some embodiments of the present invention, before the step S101, the method further includes:
And obtaining a routing rule file, and configuring and registering a routing manager according to the routing rule file.
In this embodiment, the routing rule file includes a generic routing array and a dynamic routing array, where the generic routing array includes basic pages such as a login page and a 404 page, and the dynamic routing array includes various service processing pages, and configures a registration item route based on the generic routing array.
In this embodiment, vue-router may be installed in the vue.js entry first, and the obtained routing rule file named index.js or index.ts placed under the src/router directory of the entry, then the route is introduced and used in the Vue instance, and finally < router-link > in the Vue component creates navigation links that will correspond to the paths defined in the routing rule file.
The flowcharts provided by this embodiment are not intended to indicate that the operations of the method are to be performed in any particular order, or that all of the operations of the method are included in all of each case. Further, the method may include additional operations. Additional variations may be made to the above-described methods within the scope of the technical ideas provided by the methods of the present embodiments.
It is to be understood that in some embodiments, portions may be implemented in hardware, software, firmware, or a combination thereof. In the above-described embodiments, the various steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system.
The present embodiment also provides a computer program product 10, a computer readable storage medium 20. Fig. 6 is a schematic diagram of a computer program product 10 according to one embodiment of the invention, and fig. 7 is a schematic diagram of a computer readable storage medium 20 according to one embodiment of the invention. The computer program product 10 comprises a computer program 11 which when executed by a processor 32 implements the steps of any of the traffic role based route management methods described above. The computer-readable storage medium 20 has stored thereon the computer program 11 described above, which when executed by the processor 32 implements the steps of the traffic role based route management method of any of the embodiments described above.
The computer program 11 for carrying out operations of the present invention may be assembly instructions, instruction set architecture (Instruction Set Architecture, ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, configuration data for an integrated circuit, or source or object code written in any combination of one or more programming languages and procedural programming languages. The computer program 11 may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (Local AreaNetwork, LAN) or a wide area network (Wide Area Network, WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, in order to perform the aspects of the invention, electronic circuitry, including, for example, programmable logic circuitry, field-Programmable gate array (FPGA) GATE ARRAY, or Programmable logic array (Programmable Logic Array, PLA), may be implemented by using state information of the computer-readable program instructions to personalize the electronic circuitry.
For the purposes of the description of this embodiment, computer program product 10 is a related product containing computer program 11.
For the purposes of this description of the embodiment, a computer-readable storage medium 20 is a tangible apparatus that can retain and store a computer program 11, which can be any means that can contain, store, communicate, propagate, or use the computer program 11 for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable storage medium 20 include a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, and any suitable combination of the foregoing.
By now it should be appreciated by those skilled in the art that while a number of exemplary embodiments of the invention have been shown and described herein in detail, many other variations or modifications of the invention consistent with the principles of the invention may be directly ascertained or inferred from the present disclosure without departing from the spirit and scope of the invention. Accordingly, the scope of the present invention should be understood and deemed to cover all such other variations or modifications.