[go: up one dir, main page]

CN116842220B - Data access method based on logic classification and data role control - Google Patents

Data access method based on logic classification and data role control Download PDF

Info

Publication number
CN116842220B
CN116842220B CN202310824122.1A CN202310824122A CN116842220B CN 116842220 B CN116842220 B CN 116842220B CN 202310824122 A CN202310824122 A CN 202310824122A CN 116842220 B CN116842220 B CN 116842220B
Authority
CN
China
Prior art keywords
metadata
data
node
logical
classification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310824122.1A
Other languages
Chinese (zh)
Other versions
CN116842220A (en
Inventor
杨晓娟
郭学军
李新
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Tibetan Plateau Research of CAS
Original Assignee
Institute of Tibetan Plateau Research of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Tibetan Plateau Research of CAS filed Critical Institute of Tibetan Plateau Research of CAS
Priority to CN202310824122.1A priority Critical patent/CN116842220B/en
Publication of CN116842220A publication Critical patent/CN116842220A/en
Application granted granted Critical
Publication of CN116842220B publication Critical patent/CN116842220B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9027Trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Hardware Design (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention provides a data access method based on logic classification and data role control, which comprises the following steps: storing a plurality of pieces of source data through a source data storage module; constructing a metadata list; establishing a logic classification hierarchical tree; establishing a data role list; the user's data access request is processed. The invention establishes the logic classification hierarchical tree and the data role list, and the data roles in the data role list and the logic classification nodes in the logic classification hierarchical tree have a mapping relation, so that the source data range accessible to the user can be quickened, and the efficiency of the user on the source data access is improved. In addition, the method has the advantage that the logic classification hierarchical tree and the data role list are easy to update and maintain.

Description

一种基于逻辑分类和数据角色控制的数据访问方法A data access method based on logical classification and data role control

技术领域Technical field

本发明属于数据访问技术领域,具体涉及一种基于逻辑分类和数据角色控制的数据访问方法。The invention belongs to the technical field of data access, and specifically relates to a data access method based on logical classification and data role control.

背景技术Background technique

各类科学数据中心,存储有大量源数据,例如,某气象站2017年水文气象观测网源数据,某区域2019年逐日地表蒸散发源数据,某地区2013年上游植被源数据等。在数据访问权限控制上,采用用户注册登录,根据用户权限获取相关源数据的方式。由于源数据的数据量较大,因此,具有源数据申请访问维护管理工作量大,以及用户申请访问源数据过程复杂,等待批复时间长等问题,难以使用户快速访问到相关的源数据。Various scientific data centers store a large amount of source data, such as the hydrometeorological observation network source data of a weather station in 2017, the daily surface evapotranspiration source data of a certain region in 2019, the upstream vegetation source data of a certain region in 2013, etc. In terms of data access permission control, user registration and login are adopted, and relevant source data is obtained according to user permissions. Due to the large amount of source data, it is difficult for users to quickly access relevant source data due to the large workload of source data application, maintenance and management, the complicated process of user application to access source data, and the long waiting time for approval.

发明内容Contents of the invention

针对现有技术存在的缺陷,本发明提供一种基于逻辑分类和数据角色控制的数据访问方法,可有效解决上述问题。In view of the shortcomings of the existing technology, the present invention provides a data access method based on logical classification and data role control, which can effectively solve the above problems.

本发明采用的技术方案如下:The technical solutions adopted by the present invention are as follows:

本发明提供一种基于逻辑分类和数据角色控制的数据访问方法,包括以下步骤:The present invention provides a data access method based on logical classification and data role control, which includes the following steps:

步骤1,通过源数据存储模块,存储多条源数据;Step 1: Store multiple pieces of source data through the source data storage module;

步骤2,构建元数据列表,所述元数据列表存储每条源数据对应的元数据;所述元数据为所述源数据的描述信息,所述元数据的属性包括所述源数据的名称以及所述源数据的存储路径;Step 2: Construct a metadata list that stores metadata corresponding to each piece of source data; the metadata is the description information of the source data, and the attributes of the metadata include the name of the source data and The storage path of the source data;

步骤3,通过逻辑分类管理模块,建立逻辑分类层次树;所述逻辑分类层次树为多个逻辑分类节点形成的树形结构,将任意逻辑分类节点表示为:逻辑分类节点nodeij,代表逻辑分类层次树中第i层第j个逻辑分类节点;Step 3: Establish a logical classification hierarchical tree through the logical classification management module; the logical classification hierarchical tree is a tree structure formed by multiple logical classification nodes, and any logical classification node is represented as: logical classification node node ij , representing logical classification. The j-th logical classification node at the i-th level in the hierarchical tree;

通过逻辑分类节点配置控件,对逻辑分类节点nodeij进行配置,得到逻辑分类节点nodeij的配置信息,具体为:定义逻辑分类节点nodeij的逻辑分类节点名称;配置逻辑分类节点nodeij的父级逻辑分类节点名称;向该逻辑分类节点nodeij绑定元数据,所绑定的元数据属于该逻辑分类节点nodeij,但不属于该逻辑分类节点nodeij的子节点;因此,所述逻辑分类节点nodeij的配置信息包括逻辑分类节点名称、父级逻辑分类节点名称和绑定的元数据;Configure the logical classification node node ij through the logical classification node configuration control to obtain the configuration information of the logical classification node node ij , specifically: define the logical classification node name of the logical classification node node ij ; configure the parent of the logical classification node node ij Logical classification node name; bind metadata to the logical classification node node ij , and the bound metadata belongs to the logical classification node node ij , but does not belong to the child node of the logical classification node node ij ; therefore, the logical classification The configuration information of node node ij includes the name of the logical classification node, the name of the parent logical classification node and the bound metadata;

步骤4,通过数据角色管理模块,建立数据角色列表;所述数据角色列表包括多条数据角色;Step 4: Create a data role list through the data role management module; the data role list includes multiple data roles;

通过数据角色配置控件,对每条数据角色进行配置,具体为:定义数据角色的名称;定义数据角色的说明描述信息;定义数据角色的操作权限;所述操作权限包括:元数据访问权限、元数据对应的源数据预览权限、元数据对应的源数据下载权限;向每条数据角色绑定一个或多个逻辑分类节点;向每条数据角色绑定一个或多个用户ID;Configure each data role through the data role configuration control, specifically: define the name of the data role; define the description information of the data role; define the operation permissions of the data role; the operation permissions include: metadata access permissions, metadata The source data preview permission corresponding to the data and the source data download permission corresponding to the metadata; one or more logical classification nodes are bound to each data role; one or more user IDs are bound to each data role;

步骤5,当接收到用户的数据访问请求时,从所述数据访问请求中获取用户ID;Step 5: When receiving the user's data access request, obtain the user ID from the data access request;

基于用户ID检索所述数据角色列表,获得与所述用户ID绑定的每条数据角色,再从获得的每条数据角色中获得操作权限以及对应的逻辑分类节点;Retrieve the data role list based on the user ID, obtain each data role bound to the user ID, and then obtain operation permissions and corresponding logical classification nodes from each obtained data role;

对于获得的每个逻辑分类节点,执行以下操作:For each logical classification node obtained, do the following:

基于获得的逻辑分类节点,在所述逻辑分类层次树中定位到所述逻辑分类节点,遍历所述逻辑分类节点及其所有子孙节点,获得遍历到的各个逻辑分类节点绑定的元数据,得到元数据集合,并将所述元数据集合与对应的操作权限绑定;Based on the obtained logical classification node, locate the logical classification node in the logical classification hierarchy tree, traverse the logical classification node and all its descendant nodes, and obtain the metadata bound to each traversed logical classification node, and obtain Metadata collection, and binding the metadata collection with the corresponding operation permissions;

然后,将获得的元数据集合作为当前用户被允许访问的范围,推送给用户界面;Then, the obtained metadata set is pushed to the user interface as the scope that the current user is allowed to access;

对于某条元数据,如果其操作权限为元数据访问权限,则仅允许访问该元数据;如果其操作权限为元数据对应的源数据预览权限,则:当该元数据被点击时,根据所述元数据属性中的源数据的存储路径,从所述源数据存储模块中读取到对应的源数据,并将所述源数据预览到界面;如果其操作权限为元数据对应的源数据下载权限,则:当该元数据被点击时,根据所述元数据属性中的源数据的存储路径,从所述源数据存储模块中读取到对应的源数据,并将所述源数据下载给用户。For a certain piece of metadata, if its operation permission is metadata access permission, only the metadata is allowed to be accessed; if its operation permission is the source data preview permission corresponding to the metadata, then: when the metadata is clicked, according to the Describe the storage path of the source data in the metadata attribute, read the corresponding source data from the source data storage module, and preview the source data to the interface; if its operation permission is to download the source data corresponding to the metadata permission, then: when the metadata is clicked, the corresponding source data is read from the source data storage module according to the storage path of the source data in the metadata attribute, and the source data is downloaded to user.

优选的,通过逻辑分类节点配置控件,对逻辑分类节点nodeij进行配置,还包括:Preferably, the logical classification node node ij is configured through the logical classification node configuration control, which also includes:

所述逻辑分类节点配置控件,包括新建逻辑分类节点子控件、编辑逻辑分类节点子控件、删除逻辑分类节点子控件和翻译逻辑分类节点子控件;The logical classification node configuration control includes a new logical classification node sub-control, an edit logical classification node sub-control, a deletion logical classification node sub-control and a translation logical classification node sub-control;

所述新建逻辑分类节点子控件,用于在所述逻辑分类层次树中新建立逻辑分类节点,方法为:设定新建立的逻辑分类节点的属性,包括:设定新建立的逻辑分类节点的名称、父级逻辑分类节点名称、绑定的元数据、在同一层的兄弟逻辑分类节点的次序号,该新建立的逻辑分类节点的缩略图;同时,更新同一层的其他兄弟逻辑分类节点的次序号;The new logical classification node sub-control is used to create a new logical classification node in the logical classification hierarchy tree. The method is: setting the attributes of the newly created logical classification node, including: setting the properties of the newly created logical classification node. Name, parent logical classification node name, bound metadata, sequence number of sibling logical classification nodes on the same layer, thumbnail of the newly created logical classification node; at the same time, update the names of other sibling logical classification nodes on the same layer sequence number;

编辑逻辑分类节点子控件,用于对已建立的逻辑分类节点的属性进行编辑;Edit logical classification node sub-control, used to edit the properties of the established logical classification node;

删除逻辑分类节点子控件,用于删除已建立的逻辑分类节点及其子孙节点,同时更新同一层的兄弟逻辑分类节点的次序号;Delete logical classification node sub-control, used to delete the established logical classification node and its descendant nodes, and at the same time update the sequence number of the sibling logical classification nodes on the same layer;

翻译逻辑分类节点子控件,用于向已建立的逻辑分类节点添加翻译信息。The translation logical classification node sub-control is used to add translation information to the established logical classification node.

优选的,向该逻辑分类节点nodeij绑定元数据,具体为:Preferably, metadata is bound to the logical classification node node ij , specifically as follows:

所述逻辑分类节点配置控件包括元数据绑定子控件,当针对逻辑分类节点nodeij触发元数据绑定子控件时,所述元数据绑定子控件,向所述逻辑分类节点nodeij绑定元数据,方法为:The logical classification node configuration control includes a metadata binding sub-control. When the metadata binding sub-control is triggered for the logical classification node node ij , the metadata binding sub-control is bound to the logical classification node node ij. Metadata, the method is:

所述元数据绑定子控件,调用并打开元数据绑定界面;读取所述元数据列表中的各条元数据,并将各条所述元数据显示到所述元数据绑定界面;当接收到用户通过元数据绑定界面输入的关键词时,过滤所述元数据,得到与所述关键词关联的多条元数据,并将与所述关键词关联的多条元数据绑定到所述逻辑分类节点nodeijThe metadata binding sub-control calls and opens the metadata binding interface; reads each piece of metadata in the metadata list, and displays each piece of metadata to the metadata binding interface; When receiving keywords input by the user through the metadata binding interface, the metadata is filtered to obtain multiple pieces of metadata associated with the keywords, and the multiple pieces of metadata associated with the keywords are bound. to the logical classification node node ij .

优选的,还包括:Preferably, it also includes:

设置缓存服务器,所述缓存服务器将所述元数据列表、所述逻辑分类层次树和所述数据角色列表加载到缓存池中;Set up a cache server, and the cache server loads the metadata list, the logical classification hierarchy tree and the data role list into the cache pool;

当接收到用户的数据访问请求时,从所述数据访问请求中获取用户ID;将用户ID作为请求参数发送给所述缓存服务器;所述缓存服务器从所述缓存池中检索到对应的数据角色,再获得操作权限以及对应的逻辑分类节点;再根据获得的逻辑分类节点,得到元数据集合,然后,将获得的元数据集合作为当前用户被允许访问的范围,推送给用户界面。When a user's data access request is received, the user ID is obtained from the data access request; the user ID is sent to the cache server as a request parameter; the cache server retrieves the corresponding data role from the cache pool , and then obtain the operation permissions and the corresponding logical classification nodes; then obtain the metadata set based on the obtained logical classification nodes, and then push the obtained metadata set to the user interface as the range that the current user is allowed to access.

优选的,还包括:Preferably, it also includes:

特殊元数据绑定控件,用于向用户ID直接绑定选定的多条元数据,赋与用户ID对绑定的元数据的访问权限。A special metadata binding control is used to directly bind multiple selected pieces of metadata to a user ID and grant the user ID access rights to the bound metadata.

本发明提供的一种基于逻辑分类和数据角色控制的数据访问方法具有以下优点:A data access method based on logical classification and data role control provided by the present invention has the following advantages:

本发明建立逻辑分类层次树和数据角色列表,并且,数据角色列表中的数据角色,与逻辑分类层次树中的逻辑分类节点具有映射关系,从而能够加快查找到用户可访问的源数据范围,提高了用户对源数据访问的效率。另外,具有逻辑分类层次树和数据角色列表易更新维护的优点。The present invention establishes a logical classification hierarchical tree and a data role list, and the data roles in the data role list have a mapping relationship with the logical classification nodes in the logical classification hierarchical tree, thereby speeding up the search for the user-accessible source data range and improving Improves the efficiency of user access to source data. In addition, it has the advantage that the logical classification hierarchical tree and data role list are easy to update and maintain.

附图说明Description of drawings

图1为本发明提供的一种基于逻辑分类和数据角色控制的数据访问方法的流程示意图;Figure 1 is a schematic flow chart of a data access method based on logical classification and data role control provided by the present invention;

图2为本发明实施例提供的逻辑分类层次树的一种示意图;Figure 2 is a schematic diagram of a logical classification hierarchical tree provided by an embodiment of the present invention;

图3为本发明实施例提供的元数据绑定界面图。Figure 3 is a metadata binding interface diagram provided by an embodiment of the present invention.

具体实施方式Detailed ways

为了使本发明所解决的技术问题、技术方案及有益效果更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅用以解释本发明,并不用于限定本发明。In order to make the technical problems, technical solutions and beneficial effects solved by the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention and are not intended to limit the present invention.

本发明提供一种基于逻辑分类和数据角色控制的数据访问方法,参考图1,包括以下步骤:The present invention provides a data access method based on logical classification and data role control. Referring to Figure 1, it includes the following steps:

步骤1,通过源数据存储模块,存储多条源数据;Step 1: Store multiple pieces of source data through the source data storage module;

步骤2,构建元数据列表,所述元数据列表存储每条源数据对应的元数据;所述元数据为所述源数据的描述信息,所述元数据的属性包括所述源数据的名称以及所述源数据的存储路径;Step 2: Construct a metadata list that stores metadata corresponding to each piece of source data; the metadata is the description information of the source data, and the attributes of the metadata include the name of the source data and The storage path of the source data;

因此,一条源数据唯一对应一条元数据,元数据的属性包括但不限于源数据的名称以及源数据的存储路径,也可以包括其他描述信息,本申请对此并不限制。Therefore, a piece of source data uniquely corresponds to a piece of metadata. The attributes of the metadata include but are not limited to the name of the source data and the storage path of the source data. They may also include other description information, which is not limited by this application.

步骤3,通过逻辑分类管理模块,建立逻辑分类层次树;所述逻辑分类层次树为多个逻辑分类节点形成的树形结构,将任意逻辑分类节点表示为:逻辑分类节点nodeij,代表逻辑分类层次树中第i层第j个逻辑分类节点;如图2所示,为逻辑分类层次树的一种具体示例示意图,在图2中,逻辑分类节点为根节点;专题分类节点和基金类型管理节点为第1层逻辑分类节点;专题分类节点作为第1层逻辑分类节点,进一步包括多个第2层逻辑分类节点,作为其子节点。Step 3: Establish a logical classification hierarchical tree through the logical classification management module; the logical classification hierarchical tree is a tree structure formed by multiple logical classification nodes, and any logical classification node is represented as: logical classification node node ij , representing logical classification. The j-th logical classification node at the i-th level in the hierarchical tree; as shown in Figure 2, it is a schematic diagram of a specific example of a logical classification hierarchical tree. In Figure 2, the logical classification node is the root node; thematic classification nodes and fund type management The node is a first-level logical classification node; the topic classification node is a first-level logical classification node, and further includes multiple second-level logical classification nodes as its child nodes.

通过逻辑分类节点配置控件,对逻辑分类节点nodeij进行配置,得到逻辑分类节点nodeij的配置信息,具体为:定义逻辑分类节点nodeij的逻辑分类节点名称;配置逻辑分类节点nodeij的父级逻辑分类节点名称;向该逻辑分类节点nodeij绑定元数据,所绑定的元数据属于该逻辑分类节点nodeij,但不属于该逻辑分类节点nodeij的子节点;因此,所述逻辑分类节点nodeij的配置信息包括逻辑分类节点名称、父级逻辑分类节点名称和绑定的元数据;Configure the logical classification node node ij through the logical classification node configuration control to obtain the configuration information of the logical classification node node ij , specifically: define the logical classification node name of the logical classification node node ij ; configure the parent of the logical classification node node ij Logical classification node name; bind metadata to the logical classification node node ij , and the bound metadata belongs to the logical classification node node ij , but does not belong to the child node of the logical classification node node ij ; therefore, the logical classification The configuration information of node node ij includes the name of the logical classification node, the name of the parent logical classification node and the bound metadata;

本发明中,通过逻辑分类节点配置控件,对逻辑分类节点nodeij进行配置,还包括:In the present invention, the logical classification node node ij is configured through the logical classification node configuration control, which also includes:

所述逻辑分类节点配置控件,包括新建逻辑分类节点子控件、编辑逻辑分类节点子控件、删除逻辑分类节点子控件和翻译逻辑分类节点子控件;The logical classification node configuration control includes a new logical classification node sub-control, an edit logical classification node sub-control, a deletion logical classification node sub-control and a translation logical classification node sub-control;

所述新建逻辑分类节点子控件,用于在所述逻辑分类层次树中新建立逻辑分类节点,方法为:设定新建立的逻辑分类节点的属性,包括:设定新建立的逻辑分类节点的名称、父级逻辑分类节点名称、绑定的元数据、在同一层的兄弟逻辑分类节点的次序号,该新建立的逻辑分类节点的缩略图;同时,更新同一层的其他兄弟逻辑分类节点的次序号;The new logical classification node sub-control is used to create a new logical classification node in the logical classification hierarchy tree. The method is: setting the attributes of the newly created logical classification node, including: setting the properties of the newly created logical classification node. Name, parent logical classification node name, bound metadata, sequence number of sibling logical classification nodes on the same layer, thumbnail of the newly created logical classification node; at the same time, update the names of other sibling logical classification nodes on the same layer sequence number;

编辑逻辑分类节点子控件,用于对已建立的逻辑分类节点的属性进行编辑;Edit logical classification node sub-control, used to edit the properties of the established logical classification node;

删除逻辑分类节点子控件,用于删除已建立的逻辑分类节点及其子孙节点,同时更新同一层的兄弟逻辑分类节点的次序号;Delete logical classification node sub-control, used to delete the established logical classification node and its descendant nodes, and at the same time update the sequence number of the sibling logical classification nodes on the same layer;

翻译逻辑分类节点子控件,用于向已建立的逻辑分类节点添加翻译信息。The translation logical classification node sub-control is used to add translation information to the established logical classification node.

作为一种具体实施方式,向该逻辑分类节点nodeij绑定元数据,具体为:As a specific implementation method, metadata is bound to the logical classification node node ij , specifically:

所述逻辑分类节点配置控件包括元数据绑定子控件,当针对逻辑分类节点nodeij触发元数据绑定子控件时,所述元数据绑定子控件,向所述逻辑分类节点nodeij绑定元数据,方法为:如图3所示,为元数据绑定界面图,所述元数据绑定子控件,调用并打开元数据绑定界面;读取所述元数据列表中的各条元数据,并将各条所述元数据显示到所述元数据绑定界面;当接收到用户通过元数据绑定界面输入的关键词时,过滤所述元数据,得到与所述关键词关联的多条元数据,并将与所述关键词关联的多条元数据绑定到所述逻辑分类节点nodeijThe logical classification node configuration control includes a metadata binding sub-control. When the metadata binding sub-control is triggered for the logical classification node node ij , the metadata binding sub-control is bound to the logical classification node node ij. Metadata, the method is: as shown in Figure 3, which is a metadata binding interface diagram, the metadata binding sub-control calls and opens the metadata binding interface; reads each element in the metadata list data, and display each piece of metadata to the metadata binding interface; when receiving keywords input by the user through the metadata binding interface, filter the metadata to obtain the keywords associated with the keywords. Multiple pieces of metadata are bound to the multiple pieces of metadata associated with the keywords to the logical classification node node ij .

本发明中,根据源数据之间的逻辑关系,建立逻辑分类层次树;针对每条源数据,建立对应的一条元数据;逻辑分类层次树中的每个逻辑分类节点,可绑定一条或多条元数据,而通过每条元数据中的源数据存储路径,可访问到对应的源数据。此种设计的优点为:将元数据与逻辑分类节点绑定建立映射关系,通过在逻辑分类层次树中定位到逻辑分类节点后,可快速获得对应的元数据,并根据元数据中的源数据存储路径,直接定位到对应的源数据,因此,加快了源数据定位速度。另外,采用逻辑分类层次树的结构对元数据进行分类分级管理,方便逻辑分类层次树的更新以及元数据相关分类标签的更新。In the present invention, a logical classification hierarchy tree is established based on the logical relationship between source data; for each piece of source data, a corresponding piece of metadata is established; each logical classification node in the logical classification hierarchy tree can be bound to one or more piece of metadata, and the corresponding source data can be accessed through the source data storage path in each piece of metadata. The advantage of this design is that it binds metadata to logical classification nodes to establish a mapping relationship. By locating the logical classification node in the logical classification hierarchy tree, the corresponding metadata can be quickly obtained, and the corresponding metadata can be quickly obtained based on the source data in the metadata. The storage path directly locates the corresponding source data, thus speeding up the source data location. In addition, the structure of a logical classification hierarchical tree is used to carry out classification and hierarchical management of metadata, which facilitates the update of the logical classification hierarchical tree and the update of metadata-related classification labels.

步骤4,通过数据角色管理模块,建立数据角色列表;所述数据角色列表包括多条数据角色;Step 4: Create a data role list through the data role management module; the data role list includes multiple data roles;

通过数据角色配置控件,对每条数据角色进行配置,具体为:定义数据角色的名称;定义数据角色的说明描述信息;定义数据角色的操作权限;所述操作权限包括:元数据访问权限、元数据对应的源数据预览权限、元数据对应的源数据下载权限;向每条数据角色绑定一个或多个逻辑分类节点;向每条数据角色绑定一个或多个用户ID;Configure each data role through the data role configuration control, specifically: define the name of the data role; define the description information of the data role; define the operation permissions of the data role; the operation permissions include: metadata access permissions, metadata The source data preview permission corresponding to the data and the source data download permission corresponding to the metadata; one or more logical classification nodes are bound to each data role; one or more user IDs are bound to each data role;

本发明中,通过数据角色列表,实现数据角色与逻辑分类节点的绑定,以及数据角色与用户ID的绑定,并且,数据角色具有操作权限,从而间接实现逻辑分类节点、用户ID和操作权限的映射,根据用户ID,可快速关联到逻辑分类节点,实现在操作权限的限制下,对逻辑分类节点绑定的元数据对应的数据源的访问。采用数据角色列表的管理方式,方便对数据角色中的每个元素进行更新和维护。In the present invention, through the data role list, the binding of data roles and logical classification nodes is realized, as well as the binding of data roles and user IDs. Moreover, the data roles have operation permissions, thereby indirectly realizing the logical classification nodes, user IDs and operation permissions. Mapping, according to the user ID, can be quickly associated with the logical classification node, enabling access to the data source corresponding to the metadata bound to the logical classification node under the restrictions of operating permissions. The data role list management method is used to facilitate the update and maintenance of each element in the data role.

步骤5,当接收到用户的数据访问请求时,从所述数据访问请求中获取用户ID;Step 5: When receiving the user's data access request, obtain the user ID from the data access request;

基于用户ID检索所述数据角色列表,获得与所述用户ID绑定的每条数据角色,再从获得的每条数据角色中获得操作权限以及对应的逻辑分类节点;Retrieve the data role list based on the user ID, obtain each data role bound to the user ID, and then obtain operation permissions and corresponding logical classification nodes from each obtained data role;

对于获得的每个逻辑分类节点,执行以下操作:For each logical classification node obtained, do the following:

基于获得的逻辑分类节点,在所述逻辑分类层次树中定位到所述逻辑分类节点,遍历所述逻辑分类节点及其所有子孙节点,获得遍历到的各个逻辑分类节点绑定的元数据,得到元数据集合,并将所述元数据集合与对应的操作权限绑定;Based on the obtained logical classification node, locate the logical classification node in the logical classification hierarchy tree, traverse the logical classification node and all its descendant nodes, and obtain the metadata bound to each traversed logical classification node, and obtain Metadata collection, and binding the metadata collection with the corresponding operation permissions;

然后,将获得的元数据集合作为当前用户被允许访问的范围,推送给用户界面;Then, the obtained metadata set is pushed to the user interface as the scope that the current user is allowed to access;

对于某条元数据,如果其操作权限为元数据访问权限,则仅允许访问该元数据;如果其操作权限为元数据对应的源数据预览权限,则:当该元数据被点击时,根据所述元数据属性中的源数据的存储路径,从所述源数据存储模块中读取到对应的源数据,并将所述源数据预览到界面;如果其操作权限为元数据对应的源数据下载权限,则:当该元数据被点击时,根据所述元数据属性中的源数据的存储路径,从所述源数据存储模块中读取到对应的源数据,并将所述源数据下载给用户。For a certain piece of metadata, if its operation permission is metadata access permission, only the metadata is allowed to be accessed; if its operation permission is the source data preview permission corresponding to the metadata, then: when the metadata is clicked, according to the Describe the storage path of the source data in the metadata attribute, read the corresponding source data from the source data storage module, and preview the source data to the interface; if its operation permission is to download the source data corresponding to the metadata permission, then: when the metadata is clicked, the corresponding source data is read from the source data storage module according to the storage path of the source data in the metadata attribute, and the source data is downloaded to user.

作为一种具体实施方式,还包括:设置缓存服务器,所述缓存服务器将所述元数据列表、所述逻辑分类层次树和所述数据角色列表加载到缓存池中,并及时更新相关变量改动;As a specific implementation method, it also includes: setting up a cache server, the cache server loads the metadata list, the logical classification hierarchy tree and the data role list into the cache pool, and updates relevant variable changes in a timely manner;

当接收到用户的数据访问请求时,从所述数据访问请求中获取用户ID;将用户ID作为请求参数发送给所述缓存服务器;所述缓存服务器从所述缓存池中检索到对应的数据角色,再获得操作权限以及对应的逻辑分类节点;再根据获得的逻辑分类节点,得到元数据集合,然后,将获得的元数据集合作为当前用户被允许访问的范围,推送给用户界面。通过设置缓存服务器和缓存池,能够预先组织好相关映射结构,提高数据访问的速度。When a user's data access request is received, the user ID is obtained from the data access request; the user ID is sent to the cache server as a request parameter; the cache server retrieves the corresponding data role from the cache pool , and then obtain the operation permissions and the corresponding logical classification nodes; then obtain the metadata set based on the obtained logical classification nodes, and then push the obtained metadata set to the user interface as the range that the current user is allowed to access. By setting up cache servers and cache pools, the relevant mapping structures can be organized in advance to improve the speed of data access.

作为一种具体实施方式,还包括:特殊元数据绑定控件,用于向用户ID直接绑定选定的多条元数据,赋与用户ID对绑定的元数据的访问权限。As a specific implementation manner, it also includes: a special metadata binding control, used to directly bind multiple selected pieces of metadata to the user ID, and grant the user ID access rights to the bound metadata.

本发明提供的一种基于逻辑分类和数据角色控制的数据访问方法具有以下优点:A data access method based on logical classification and data role control provided by the present invention has the following advantages:

本发明建立逻辑分类层次树和数据角色列表,并且,数据角色列表中的数据角色,与逻辑分类层次树中的逻辑分类节点具有映射关系,从而能够加快查找到用户可访问的源数据范围,提高了用户对源数据访问的效率。另外,具有逻辑分类层次树和数据角色列表易更新维护的优点。The present invention establishes a logical classification hierarchical tree and a data role list, and the data roles in the data role list have a mapping relationship with the logical classification nodes in the logical classification hierarchical tree, thereby speeding up the search for the user-accessible source data range and improving Improves the efficiency of user access to source data. In addition, it has the advantage that the logical classification hierarchical tree and data role list are easy to update and maintain.

以上所述仅是本发明的优选实施方式,应当指出,对于本技术领域的普通技术人员来说,在不脱离本发明原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也应视本发明的保护范围。The above are only preferred embodiments of the present invention. It should be noted that those skilled in the art can make several improvements and modifications without departing from the principles of the present invention. These improvements and modifications can also be made. The scope of protection of the present invention should be considered.

Claims (5)

1. The data access method based on logic classification and data role control is characterized by comprising the following steps:
step 1, storing a plurality of source data through a source data storage module;
step 2, constructing a metadata list, wherein the metadata list stores metadata corresponding to each piece of source data; the metadata is description information of the source data, and the attribute of the metadata comprises the name of the source data and the storage path of the source data;
step 3, classifying by logicThe management module is used for establishing a logic classification hierarchical tree; the logic classification hierarchical tree is a tree structure formed by a plurality of logic classification nodes, and any logic classification node is represented as: logical classification node ij Representing the j-th logical classification node of the i-th layer in the logical classification hierarchical tree;
configuring a control through the logic classification node, and performing node configuration on the logic classification node ij Configuring to obtain a logic classification node ij Specifically, the configuration information of (a) is: definition of logical Classification node ij Is a logical classification node name; configuring a logical classification node ij Is a parent level logical classification node name; to the logical classification node ij Binding metadata, the bound metadata belonging to the logical classification node ij But not of the logical classification node ij Is a child node of (a); thus, the logical classification node ij The configuration information of (1) comprises a logic classification node name, a father level logic classification node name and binding metadata;
step 4, establishing a data role list through a data role management module; the data role list comprises a plurality of data roles;
each data role is configured through a data role configuration control, specifically: defining the name of the data role; defining description information of data roles; defining the operation authority of the data role; the operation authority includes: metadata access rights, source data preview rights corresponding to metadata, source data download rights corresponding to metadata; binding one or more logical classification nodes to each data role; binding one or more user IDs to each data role;
step 5, when a data access request of a user is received, acquiring a user ID from the data access request;
retrieving the data role list based on the user ID, obtaining each data role bound with the user ID, and obtaining operation authority and corresponding logic classification nodes from each obtained data role;
for each logical classification node obtained, the following operations are performed:
based on the obtained logic classification nodes, positioning the logic classification nodes in the logic classification hierarchical tree, traversing the logic classification nodes and all descendant nodes thereof, obtaining metadata bound by each traversed logic classification node, obtaining a metadata set, and binding the metadata set with corresponding operation authorities;
then, the obtained metadata set is used as the range which the current user is allowed to access, and is pushed to a user interface;
for a certain piece of metadata, if the operation authority is metadata access authority, only the metadata is allowed to be accessed; if the operation authority is the source data preview authority corresponding to the metadata, the method comprises the following steps: when the metadata is clicked, reading the corresponding source data from the source data storage module according to the storage path of the source data in the metadata attribute, and previewing the source data to an interface; if the operation authority is the source data downloading authority corresponding to the metadata, the method comprises the following steps: when the metadata is clicked, the corresponding source data is read from the source data storage module according to the storage path of the source data in the metadata attribute, and the source data is downloaded to a user.
2. The method for data access based on logical classification and data role control according to claim 1, wherein the logical classification node is configured with a control by the logical classification node ij Configuring further comprises:
the logic classification node configuration control comprises a newly built logic classification node sub-control, an edited logic classification node sub-control, a deleted logic classification node sub-control and a translated logic classification node sub-control;
the newly-built logic classification node child control is used for newly building logic classification nodes in the logic classification hierarchical tree, and the method comprises the following steps: setting the attribute of the newly established logical classification node, including: setting the name of a newly established logical classification node, the name of a father-level logical classification node, bound metadata and the sequence number of a brother logical classification node in the same layer, wherein the thumbnail of the newly established logical classification node; meanwhile, updating the sequence numbers of other brother logic classification nodes of the same layer;
editing a logical classification node child control, which is used for editing the attribute of the established logical classification node;
deleting the child control of the logical classification node, which is used for deleting the established logical classification node and the descendant node thereof, and updating the sequence number of the sibling logical classification node of the same layer;
and the translation logic classification node child control is used for adding translation information to the established logic classification node.
3. The method for data access based on logical classification and data role control according to claim 1, wherein the logical classification node is given to ij Binding metadata, specifically:
the logical classification node configuration control comprises a metadata binding sub-control when specific to the logical classification node ij When the metadata binding sub-control is triggered, the metadata binding sub-control is used for node to the logic classification node ij Binding metadata, the method is as follows:
the metadata binding sub-control invokes and opens a metadata binding interface; reading each piece of metadata in the metadata list, and displaying each piece of metadata to the metadata binding interface; when receiving a keyword input by a user through a metadata binding boundary surface, filtering the metadata to obtain a plurality of metadata associated with the keyword, and binding the plurality of metadata associated with the keyword to the logic classification node ij
4. The data access method based on logic classification and data role control of claim 1, further comprising:
setting a cache server, wherein the cache server loads the metadata list, the logic classification hierarchical tree and the data role list into a cache pool;
when a data access request of a user is received, acquiring a user ID from the data access request; sending the user ID as a request parameter to the cache server; the cache server retrieves the corresponding data roles from the cache pool and then obtains the operation authority and the corresponding logic classification nodes; and obtaining a metadata set according to the obtained logical classification nodes, and pushing the obtained metadata set to a user interface as the range which the current user is allowed to access.
5. The data access method based on logic classification and data role control of claim 1, further comprising:
and the special metadata binding control is used for directly binding the selected pieces of metadata to the user ID and giving the user ID access rights to the bound metadata.
CN202310824122.1A 2023-07-06 2023-07-06 Data access method based on logic classification and data role control Active CN116842220B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310824122.1A CN116842220B (en) 2023-07-06 2023-07-06 Data access method based on logic classification and data role control

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310824122.1A CN116842220B (en) 2023-07-06 2023-07-06 Data access method based on logic classification and data role control

Publications (2)

Publication Number Publication Date
CN116842220A CN116842220A (en) 2023-10-03
CN116842220B true CN116842220B (en) 2024-01-02

Family

ID=88174008

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310824122.1A Active CN116842220B (en) 2023-07-06 2023-07-06 Data access method based on logic classification and data role control

Country Status (1)

Country Link
CN (1) CN116842220B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104144150A (en) * 2013-05-10 2014-11-12 中国电信股份有限公司 Method, device and system for having access to information through metadata
CN105187365A (en) * 2015-06-04 2015-12-23 北京邮电大学 Method and device for access control based on roles and data items
CN111475841A (en) * 2020-04-07 2020-07-31 腾讯科技(深圳)有限公司 Access control method, related device, equipment, system and storage medium
CN111935131A (en) * 2020-08-06 2020-11-13 中国工程物理研究院计算机应用研究所 SaaS resource access control method based on resource authority tree

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7505958B2 (en) * 2004-09-30 2009-03-17 International Business Machines Corporation Metadata management for a data abstraction model
KR20130047193A (en) * 2011-10-31 2013-05-08 한국전자통신연구원 Method and apparatus for application service delivery using pre-configured access control corresponding to organizational structure

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104144150A (en) * 2013-05-10 2014-11-12 中国电信股份有限公司 Method, device and system for having access to information through metadata
CN105187365A (en) * 2015-06-04 2015-12-23 北京邮电大学 Method and device for access control based on roles and data items
CN111475841A (en) * 2020-04-07 2020-07-31 腾讯科技(深圳)有限公司 Access control method, related device, equipment, system and storage medium
CN111935131A (en) * 2020-08-06 2020-11-13 中国工程物理研究院计算机应用研究所 SaaS resource access control method based on resource authority tree

Also Published As

Publication number Publication date
CN116842220A (en) 2023-10-03

Similar Documents

Publication Publication Date Title
US11468103B2 (en) Relational modeler and renderer for non-relational data
US6816868B1 (en) Database system
JP4406609B2 (en) Techniques for managing multiple hierarchies of data from a single interface
US6675161B1 (en) Managing changes to a directory of electronic documents
US11893046B2 (en) Method and apparatus for implementing a set of integrated data systems
CN102110146B (en) Key-value storage-based distributed file system metadata management method
WO2023087673A1 (en) Hierarchical data retrieval method and apparatus, and device
WO2018036324A1 (en) Smart city information sharing method and device
JP2001313639A (en) System and method for managing network configuration data and recording medium
CN102129539A (en) Data resource authority management method based on access control list
CN105912666A (en) Method for high-performance storage and inquiry of hybrid structure data aiming at cloud platform
CN108984598A (en) A kind of fusion method and system of relationship type geologic database and NoSQL
CN111274294A (en) Universal distributed heterogeneous data integrated logic convergence organization, release and service method and system
CN107832392A (en) A kind of metadata management system
CN105787022A (en) Comprehensive solution for design team data bank
CN101782851B (en) Method for updating displayed page
CN102063666A (en) Platform system for water conservancy information integration and comprehensive data processing
CN117319352A (en) Address book management method, device, equipment and medium based on multi-way tree structure
JP2003067403A (en) Structured document managing device, method therefor, retrieving device and method therefor
CN116842220B (en) Data access method based on logic classification and data role control
US7415478B2 (en) Virtual repository complex content model
US12072868B1 (en) Data retention management for partitioned datasets
US12229081B2 (en) Extending filesystem domains with a domain membership condition
Du et al. Intelligent Resume Retrieval Based on Lucence.
Chong et al. Research and implementation of self-publishing website platforms for universities based on CMS

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant