Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method for displaying authority after employee in system logs in account thereof

A display method and employee technology, applied in the direction of instruments, electrical digital data processing, digital data protection, etc., can solve the loss of system users, understand their own positions/station numbers that cannot be clearly distinguished, and trace the source of work complicated And other issues

Active Publication Date: 2018-11-23
CHENGDU QIANNIUCAO INFORMATION TECH CO LTD
View PDF5 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, the traditional role-based user rights management methods all adopt the "role-to-user one-to-many" association mechanism. / Position / Type of work and other concepts, the authorization of user rights under this association mechanism is basically divided into the following three forms: 1. figure 1 As shown, directly authorizing users has the disadvantages of heavy workload, frequent and cumbersome operations; 2. figure 2 As shown, authorize the role (category / group / position / type of work) (a role can be associated with multiple users), and the user obtains the authority through the role; 3. For example image 3 As shown, the combination of the above two methods
[0006] In the above statement, both 2 and 3 need to authorize the role of class / group nature, but the way of authorization through the role of class / group / post / work type has the following disadvantages: 1. The operation is difficult when the user authority changes: In the actual system use, it is often necessary to adjust the user's permissions during the operation process. For example, when dealing with changes in employee permissions, the permissions of an employee associated with a role change. We cannot Changes to change the permissions of the entire role, because the role is also associated with other employees whose permissions have not changed
The above two processing methods not only take a long time to authorize the role in the case of many role permissions, but also are prone to mistakes. The operation of the user is cumbersome and troublesome, and it is also easy to make mistakes and cause losses to the system user.
[0007] 2. It is difficult to remember the specific permissions contained in the role for a long time: If the role has many permission function points, it is difficult to remember the specific permissions of the role over time, and it is even more difficult to remember the permission differences between roles with similar permissions. To associate a new user, it is impossible to accurately determine how to choose the association
[0008] 3. Due to the change of user permissions, more and more roles will be created (if no new roles are created, the direct authorization to users will be greatly increased), and it is more difficult to distinguish the specific differences between the permissions of each role
[0009] 4. When transferring a post, if you want to assign many permissions of the transferred user to several other users, you must distinguish these permissions of the transferred user during processing, and then create roles to associate with the other users. users, such an operation is not only complicated and time-consuming, but also prone to errors
[0010] In the existing ERP and other management systems, employees cannot clearly understand the authority of each position / station number after logging into their accounts, which is not conducive to the development of work
In addition, in the existing ERP and other management systems, there are situations where multiple employees use the same user (account) to operate at work. At this time, the system cannot simply and clearly analyze the operation behavior or traces of the employees when performing analysis, resulting in Tracing work to its source becomes complicated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for displaying authority after employee in system logs in account thereof
  • Method for displaying authority after employee in system logs in account thereof
  • Method for displaying authority after employee in system logs in account thereof

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0036] Example 1: In the system, the account (user) corresponding to employee A is associated with three roles: sales manager 1, production supervisor 1 and financial supervisor 1, and the role of sales manager 1 is the main role of the account. Then, after employee A logs in to the system, the system will display sales manager 1, production supervisor 1, and financial supervisor 1 to employee A, and the corresponding permissions of these three roles, or the system will display sales manager 1 and its corresponding permissions to employee A.

[0037] The authority display method further includes: the employee chooses to display the first information or the second information. For example, in Example 1, after employee A logs in to the system, the system allows the employee to choose roles by himself; employee A can choose to display all roles, then the system will show employee A sales manager 1, production supervisor 1 and financial supervisor 1, and the three The permissions ...

Embodiment 2

[0049] [Example 2] such as Figure 5 As shown in the system, the permission display method after an employee logs in to their account includes: selecting a created, unassociated employee, and unfrozen account for the employee as the employee's account, or creating a separate account for the employee; The corresponding account login system; the system displays the first information or second information to the employee, the first information includes all roles associated with the account and the permissions corresponding to each role, the second information includes the account associated The main role of all roles and the permissions corresponding to the main role.

example 2

[0050] Example 2: Account A, Account B, and Account C exist in the system, and Account A, Account B, and Account C have no associated employees, Account A and Account B are not frozen, and Account C is frozen. Then you can choose one from account A and account B as employee A's account; or, create a new account in the system as employee A's account.

[0051] In the system, the account corresponding to employee A is associated with three roles: sales manager 1, production supervisor 1, and financial supervisor 1. The role of sales manager 1 is the main role of the account. Then, after employee A logs in to the system, the system will display sales manager 1, production supervisor 1, and financial supervisor 1 to employee A, and the corresponding permissions of these three roles, or the system will display sales manager 1 and its corresponding permissions to employee A.

[0052] The method of creating a separate account for an employee is: select a unique field in the system of ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for displaying the authority after an employee in a system logs in an account thereof. The method comprises the steps that a created and non-frozen account which is not associated with employees is selected for an employee as the account of the employee, or an account is separately created for the employee; the employee logs in the system according to the corresponding account; and the system displays first information or second information to the employee, wherein the first information comprises all roles associated with the account and authorities corresponding to the roles, and the second information comprises main roles of all the roles associated with the account and the authorities corresponding to the main roles. According to the method, after the employee logs in the account thereof, the corresponding authorities are clearly displayed according to the roles associated with the account so that the employee can conveniently carry out work; and inaddition, each employee corresponds to one account, and each account corresponds to one employee so that the operation of each account can be conveniently traced, and corresponding persons in charge can be checked.

Description

technical field [0001] The invention relates to a method for displaying user rights of management software systems such as ERP, in particular to a method for displaying rights of employees in the system after they log in to their accounts. Background technique [0002] Role-based access control (RBAC) is the most researched and thoughtful database permission management mechanism in recent years. It is considered to be an ideal candidate to replace traditional mandatory access control (MAC) and discretionary access control (DAC). The basic idea of ​​role-based access control (RBAC) is to divide different roles according to different functional positions in the enterprise organization view, encapsulate the access rights of database resources in roles, and users can indirectly access database resources by being assigned different roles. [0003] There are often a large number of tables and views in large-scale application systems, which makes the management and authorization of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60
CPCG06F21/604
Inventor 陈达志
Owner CHENGDU QIANNIUCAO INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products