Resource request transfer method and device, electronic equipment and storage medium
By providing a resource request relay service between users and internet products through a relay object, the problem of inconvenience for users switching between multiple similar products is solved, and a convenient and efficient resource request relay is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- TENCENT TECHNOLOGY (SHENZHEN) CO LTD
- Filing Date
- 2022-05-17
- Publication Date
- 2026-06-26
AI Technical Summary
Users need to switch frequently when using multiple similar internet products, which leads to inconvenient interaction and is prone to errors.
The relay object facilitates the relay of resource requests between the first and second objects. This includes determining the resource service type, query permission set, and performing the relay. The relay object establishes a connection between users and Internet products, providing a unified relay service.
It improves user convenience, avoids interaction errors caused by switching between different Internet products, and achieves efficient resource request relay.
Smart Images

Figure CN117113303B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of Internet communication technology, and in particular to a method, apparatus, electronic device and storage medium for relaying resource requests. Background Technology
[0002] With the development of internet communication technology, internet products are emerging in endless streams. The user experience of internet products is generally provided by their related business functions. In related technologies, for at least two products belonging to the same category, user interaction with them is often independent. Taking application 1 and application 2 as examples, users typically log in to application 1 to experience related business functions, and then log in to application 2 to experience those same functions. This is inconvenient for users. When needing to use the related business functions provided by at least two similar products, switching between them is often necessary, which can easily lead to interaction errors. Summary of the Invention
[0003] To address at least one of the aforementioned technical problems, this application provides a resource request relay method, apparatus, electronic device, and storage medium:
[0004] According to a first aspect of this application, a resource request relay method is provided, applied to a relay object, the method comprising:
[0005] In response to a first resource request sent by a first object, the resource service type indicated by the first resource request and a second object are determined; the second object is the target object for processing the first resource request.
[0006] The specified permissions corresponding to the resource service type are determined based on the current permission settings information; the current permission settings information is the permission settings information sent by the second object to the relay object.
[0007] Query whether the target permission set contains the specified permission; the target permission set includes at least one target managed permission for which the first object has completed a contract with the second object, the first object and the second object have completed the contract through the transit object, the target managed permission indicates that the transit object is authorized to provide transit services for the first object for the second resource request, and the resource service type indicated by the second resource request corresponds to the managed permission;
[0008] Based on the query results, the first resource request is relayed.
[0009] According to a second aspect of this application, a resource request relay device is provided, configured on a relay object, the device comprising:
[0010] Response module: used to respond to a first resource request sent by a first object, determine the resource service type indicated by the first resource request and a second object; the second object is the target object for processing the first resource request;
[0011] Determining module: used to determine the specified permissions corresponding to the resource service type based on the current permission setting information; the current permission setting information is the permission setting information sent by the second object to the relay object;
[0012] Query module: used to query whether the target permission set contains the specified permission; the target permission set includes at least one target managed permission for which the first object has completed a contract with the second object, the first object and the second object are contracted through the transit object, the target managed permission indicates that the transit object is authorized to provide transit services for the first object for the second resource request, and the resource service type indicated by the second resource request corresponds to the managed permission;
[0013] Relay module: Used to relay the first resource request based on the query results.
[0014] According to a third aspect of this application, an electronic device is provided, the electronic device including at least one processor and a memory communicatively connected to the at least one processor; wherein the memory stores at least one instruction or at least one program, the at least one instruction or at least one program being loaded and executed by the at least one processor to implement the resource request relay method as described in the first aspect.
[0015] According to a fourth aspect of this application, a computer-readable storage medium is provided, wherein at least one instruction or at least one program is stored therein, the at least one instruction or at least one program being loaded and executed by a processor to implement the resource request relay method as described in the first aspect.
[0016] According to a fifth aspect of this application, a computer program product is provided, the computer program product comprising at least one instruction or at least one program segment, the at least one instruction or at least one program segment being loaded and executed by a processor to implement the resource request relay method as described in the first aspect.
[0017] It should be understood that the above general description and the following detailed description are exemplary and explanatory only, and are not intended to limit this application.
[0018] Implementing this application will have the following beneficial effects:
[0019] This application provides a resource request relay solution applied to a relay object. The relay object can be used to establish a connection between a first object (e.g., a user) and a second object (e.g., an internet product) to improve the operational convenience of the first object. The first and second objects can sign an agreement through the relay object, authorizing the relay object to provide relay services for relevant resource requests. In this way, interactions between the first object and multiple similar second objects can all be facilitated by the relay object. Compared to related technologies that require switching between multiple similar second objects for interaction, this is more convenient and efficient, and avoids interaction errors caused by switching between different second objects. The relay object can be an internet product itself, or a component module of an internet product, thereby establishing a connection between the relevant business functions of the internet product and the second objects.
[0020] Other features and aspects of this application will become clear from the following detailed description of exemplary embodiments with reference to the accompanying drawings. Attached Figure Description
[0021] To more clearly illustrate the technical solutions and advantages in the embodiments of this application or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0022] Figure 1 This diagram illustrates an application environment according to an embodiment of the present application.
[0023] Figure 2 A flowchart illustrating a resource request relay method according to an embodiment of this application is shown;
[0024] Figure 3 A flowchart illustrating the process by which a transit object guides a first object and a second object to sign a contract, according to an embodiment of this application;
[0025] Figure 4 This illustration shows a flowchart of a process for relaying a first resource request based on a query result, according to an embodiment of this application.
[0026] Figure 5 This diagram illustrates a process for determining the parent permission of a specified permission based on current permission setting information, according to an embodiment of this application.
[0027] Figure 6 A schematic diagram illustrating permission setting information according to an embodiment of this application;
[0028] Figure 7 A schematic diagram illustrating metadata configuration according to an embodiment of this application is shown;
[0029] Figure 8 A schematic diagram illustrating a target page according to an embodiment of this application;
[0030] Figure 9 This diagram illustrates a device block diagram according to an embodiment of the present application;
[0031] Figure 10 A schematic diagram of an electronic device according to an embodiment of this application is shown. Detailed Implementation
[0032] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those of ordinary skill in the art without creative effort are within the scope of protection of this application.
[0033] It should be noted that the terms "first," "second," etc., in the specification, claims, and accompanying drawings of this application are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate so that the embodiments of this application described herein can be implemented in orders other than those illustrated or described herein. Furthermore, the terms "comprising" and "having," and any variations thereof, are intended to cover non-exclusive inclusion; for example, a process, method, system, product, or server that comprises a series of steps or units is not necessarily limited to those steps or units explicitly listed, but may include other steps or units not explicitly listed or inherent to such processes, methods, products, or devices.
[0034] Various exemplary embodiments, features, and aspects of this application will now be described in detail with reference to the accompanying drawings. The same reference numerals in the drawings denote elements that have the same or similar functions. Although various aspects of the embodiments are shown in the drawings, they are not necessarily drawn to scale unless specifically indicated otherwise.
[0035] The term “exemplary” as used herein means “serving as an example, embodiment, or illustration.” Any embodiment illustrated herein as “exemplary” is not necessarily to be construed as superior to or better than other embodiments.
[0036] In this document, the term "and / or" is merely a description of the relationship between related objects, indicating that three relationships can exist. For example, A and / or B can represent three cases: A alone, A and B simultaneously, and B alone. Furthermore, the term "at least one" in this document means any combination of at least two of any one or more elements. For example, including at least one of A, B, and C can mean including any one or more elements selected from the set consisting of A, B, and C.
[0037] Furthermore, to better illustrate this application, numerous specific details are provided in the following detailed description. Those skilled in the art should understand that this application can be implemented without certain specific details. In some instances, methods, means, components, and circuits well-known to those skilled in the art have not been described in detail in order to highlight the main points of this application.
[0038] Before providing a further detailed description of the embodiments of this application, the nouns and terms involved in the embodiments of this application will be explained, and the nouns and terms involved in the embodiments of this application shall be interpreted as follows.
[0039] JSON: A lightweight data interchange format that can represent various types of data, such as strings, numbers, objects, and arrays.
[0040] XML: Extensible Markup Language, is a markup language used to mark up electronic documents to give them structure.
[0041] Please see Figure 1 , Figure 1 The diagram illustrates an application environment according to an embodiment of this application. The application environment may include a first object, a relay object, and a second object. The first object sends a first resource request to the relay object. The relay object determines the resource service type indicated by the first resource request and the second object; then, based on the current permission settings, it determines the specified permission corresponding to the resource service type; furthermore, it queries whether the target permission set contains the specified permission; finally, based on the query result, it relays the first resource request. It should be noted that... Figure 1 This is just one example.
[0042] In practical applications, the first object refers to the user, and the second object refers to the bank, such as the bank's server. The relay object can refer to a relay platform, which includes a relay client and a relay server. Based on the query results, the relay object forwards the first resource request to the bank. The first resource request can be triggered by the first object through the relay client, and then processed independently by the relay client; or the first resource request can be triggered by the first object through the relay client, and then forwarded to the relay server, where it is processed independently; or the first resource request can be triggered by the first object through the relay client, and then processed jointly by the relay client and the relay server through interaction. The relay client and relay server can be directly or indirectly connected via wired or wireless communication. The relay client and bank server can be directly or indirectly connected via wired or wireless communication. The relay server and bank server can be directly or indirectly connected via wired or wireless communication.
[0043] The relay client can be a physical device such as a smartphone, computer (e.g., desktop computer, tablet, laptop), augmented reality (AR) / virtual reality (VR) device, digital assistant, smart voice interaction device (e.g., smart speaker), smart wearable device, smart home appliance, or in-vehicle terminal; it can also be software running on the physical device, such as a computer program. The operating system corresponding to the client can be Android, iOS (a mobile operating system developed by Apple), Linux, or Microsoft Windows.
[0044] The relay server and bank server can be independent physical servers, server clusters or distributed systems composed of multiple physical servers, or cloud servers providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN (Content Delivery Network), and big data and artificial intelligence platforms. The server may include network communication units, processors, and memory, etc. As in the resource request relay scheme provided in this application, multiple servers can form a blockchain, and the server is a node on the blockchain.
[0045] Furthermore, the relay object can be an internet product that provides a user experience for relaying resource requests. It can also be a component module of an internet product, thereby establishing a connection between the relevant business functions of that internet product and the second object. This internet product could be a browser product, instant messaging product, navigation product, live streaming product, e-commerce product, etc.
[0046] It should be noted that for resource requests that are related to user information, when the embodiments of this application are applied to specific products or technologies, user permission or consent is required, and the collection, use and processing of related data must comply with the relevant laws, regulations and standards of the relevant countries and regions.
[0047] Figure 2 This diagram illustrates a flowchart of a resource request forwarding method according to an embodiment of this application. Figure 2 As shown, the method includes:
[0048] S201: In response to a first resource request sent by a first object, determine the resource service type indicated by the first resource request and a second object; the second object is the target object for processing the first resource request;
[0049] In this embodiment, the first resource request aims to request a target object to provide relevant resource services for the first object. The intermediary object can determine the second object based on the identifier indicating the target object carried in the first resource request. The intermediary object can determine the resource service type from the resource service information carried in the first resource request. The resource service information can be resource service description information or the resource service type itself.
[0050] The resources involved in the related resource services can be objects whose ownership has been acquired through the network. Related resource services can include services for querying related resource information, services for transferring related resources, etc. For example, the first object refers to the user, the intermediary object refers to the bank-enterprise payment platform, and the second object refers to the bank. The user triggers the generation of the first resource request through the interactive interface provided by the bank-enterprise payment platform. If the first resource request aims to request the second object to provide a balance query service, then the balance corresponds to the aforementioned related resource information. If the first resource request aims to request the second object to provide a single transfer service, the object being transferred corresponds to the aforementioned related resource.
[0051] S202: Determine the specified permissions corresponding to the resource service type based on the current permission setting information; the current permission setting information is the permission setting information sent by the second object to the relay object;
[0052] In this embodiment, the relay object uses the current permission settings information to determine the specified permissions corresponding to the resource service type. It can be understood that the permission settings information records the correspondence between types and permissions. The resource requests that the relay object can forward are those for which the relay object has been granted permissions, where the type of the resource request that can be forwarded corresponds to the granted permissions. The specified permissions here are the permissions in the current permission settings information that correspond to the resource service type indicated by the first resource request.
[0053] The second object is responsible for updating the permission settings and sending the latest permission settings to the intermediary object. The current permission settings can be considered as the latest permission settings received by the intermediary object.
[0054] S203: Query whether the target permission set contains the specified permission; the target permission set includes at least one target managed permission for which the first object has completed a contract with the second object, the first object and the second object have completed the contract through the transit object, the target managed permission indicates that the transit object is authorized to provide transit services for the first object for the second resource request, and the resource service type indicated by the second resource request corresponds to the managed permission;
[0055] In this embodiment, the intermediate object queries the target permission set with the specified permission as the query target, to obtain either a first result that the target permission set contains the specified permission, or a second result that the target permission set does not contain the specified permission. The target permission set is the set of permissions granted to the intermediate object by the first object and the second object. Granting permissions to the intermediate object by the first object and the second object requires a contractual agreement between the first object and the second object, which is established through the intermediate object. After the intermediate object is granted permissions, it can forward the corresponding resource request, i.e., the second resource request. For example, the target permission set includes 10 target managed permissions, i.e., permission i (i ranges from 1 to 10), and permission i corresponds to type i. The intermediate object can forward resource requests corresponding to type i. The resource request corresponding to type i is the second resource request. Furthermore, when multiple second objects of the same type exist, the target permission set j can be considered as the set of permissions granted to the intermediate object by the first object and the second object j. It should be noted that the permissions, specified permissions, target managed permissions mentioned here, as well as the permissions, specified permissions mentioned in step S202 above, and the candidate managed permissions mentioned later, are all of the same type of permissions and all originate from the permission setting information provided by the second object.
[0056] In one exemplary implementation, the target permission set is the permission set obtained by the first object and the second object through a contract based on specified permission setting information, such as... Figure 3As shown, the method further includes:
[0057] S301: In response to the specified permission setting information sent by the second object, the specified permission setting information is processed using a preset page template to obtain a target page for display; the target page includes multiple page elements, and the multiple page elements correspond one-to-one with the multiple candidate managed permissions involved in the specified permission setting information;
[0058] S302: In response to the first object's triggering operation on a target page element in the target page, determine the target hosting permission corresponding to the target page element;
[0059] S303: Generate a contract request indicating the target managed permissions, and send the contract request to the second object to complete the contract for the target managed permissions.
[0060] This illustrates the process of a relay object guiding the first and second objects to sign contracts. The first and second objects sign contracts through the relay object, which supports multiple first objects of the same type to sign contracts with other first objects of the same type. Unified management ensures a consistent experience for multiple first objects of the same type participating in the signing process. For example, if multiple first objects of the same type are users 1-3, and multiple second objects of the same type are banks 1-3, user 1 can sign contracts with banks 1-3 individually through the relay object; user 2 can sign contracts with banks 2-3 individually through the relay object; and user 3 can sign contracts with bank 1 individually through the relay object.
[0061] The signing of an agreement between the first and second objects requires relevant permission settings, specifically the permission settings that the second object is responsible for updating and sending to the intermediary object in step S202. Here, we will use the example of obtaining a target permission set based on specified permission settings to illustrate the process of the intermediary object guiding the first and second objects to sign an agreement. It should be noted that as the permission settings are updated, the intermediary object can use the latest received permission settings to guide the first and second objects to sign an agreement.
[0062] The specified permission settings involve multiple candidate managed permissions, and these settings record the correspondence between types and candidate managed permissions. The intermediary object processes the specified permission settings using a preset page template, resulting in a target page containing multiple page elements. Each page element corresponds one-to-one with a candidate managed permission. The preset page template defines how to establish the relationship between candidate managed permissions and page elements, and how the page elements display the candidate managed permissions. Page elements are used to display candidate managed permissions. Page elements can be interactive controls indicating the selection of a candidate managed permission, and can display the permission content of the candidate managed permission through these controls. Page elements can also include interactive controls indicating the selection of a candidate managed permission, and permission content display objects associated with these interactive controls. These permission content display objects can be text, images, etc.
[0063] For example, if multiple candidate managed permissions are categorized as permissions 1-3, then each of the three permissions corresponds one-to-one with a page element: permission 1 corresponds to page element 1, permission 2 corresponds to page element 2, and permission 3 corresponds to page element 3. If the triggered target page element is page element 2, then permission 2 is the desired permission that the first object wants to contract with the second object. Accordingly, the intermediary object generates a contract request indicating the desired permission and sends it to the second object. In response to the received contract request, the second object agrees to contract with the first object for the desired permission to complete the contract. The representation of "the second object agreeing to contract with the first object for the desired permission" can be, for example, sending a confirmation notification to the intermediary object, or not sending a notification of disagreement regarding the desired permission to the intermediary object within a preset time.
[0064] It should be noted that: 1) Since "this example uses signing a contract based on specified permission settings to introduce the process of a transit object guiding the first object and the second object to sign a contract," the aforementioned expected permissions are also the target control permissions constituting the target permission set. 2) Due to the update of permission settings, the specified permission settings may be obtained by updating the first permission settings. 2.1) The candidate control permissions corresponding to the page elements here can be all permissions in the specified permission settings. Multiple page elements can include first-type page elements and second-type page elements, and their display differs. First-type elements correspond to permissions related to updates, while second-type elements correspond to permissions unrelated to updates. At the same time, for permissions that the first object and the second object have previously signed a contract with, their corresponding page elements will also display the status of the completed contract. 2.2) The candidate control permissions corresponding to the page elements here can also be permissions related to updates, that is, compared to the first permission settings, the updated specified permission settings involve new permissions, deletion permissions (existing in the first permission settings but not in the specified permission settings), and replacement permissions (the permission level in the first permission settings and the specified permission settings remains unchanged, but the permission name or the corresponding type changes). When displaying delete permissions, the page element aims to inform the first object that it no longer exists in the latest permission settings. In other words, if the first and second objects previously signed an agreement for delete permissions, that agreement is cancelled; if neither the first nor the second object previously signed an agreement for delete permissions, they cannot sign an agreement for that permission again. When displaying replace permissions, the page element aims to inform the first object that its permissions have changed in the latest permission settings. This application of page elements in displaying delete and replace permissions can also be used for the first type of page elements in 2.1). Of course, whether the candidate control permissions corresponding to the page element here are all permissions in the specified permission settings or permissions related to updates can be defined by the preset page template.
[0065] The process of guiding the first and second parties to sign contracts will be further described below:
[0066] A) Specific application of the content in the permission settings information:
[0067] Furthermore, the specified permission setting information includes permission hierarchy information corresponding to the multiple candidate managed permissions, as well as the permission name, permission identifier, and resource service description information for each candidate managed permission. It can be understood that the multiple candidate managed permissions here refer to all permissions in the specified permission setting information, and the permission hierarchy information describes the permission hierarchy architecture corresponding to all permissions. For example, which permissions belong to the same level, and which permissions have a hierarchical relationship. Each permission in the total permissions has a permission name (e.g., "balance query"), a permission identifier (e.g., "4001"), and resource service description information (e.g., "provides balance query service"). The resource service description information can be used to define the type.
[0068] Based on this, the transit object can use a preset page template to process the permission hierarchy information, the permission names and resource service descriptions of multiple candidate managed permissions, and obtain the target page for display. Referring to the descriptions in 2.1) and 2.2) above, whether the candidate management permission corresponding to a page element is all permissions specified in the permission settings information or permissions related to updates can be defined by the preset page template. The transit object uses the preset page template to process the permission hierarchy information, the permission names and resource service descriptions of multiple candidate managed permissions, and obtains a target page including multiple page elements. The target page presents the permission hierarchy structure of the multiple candidate managed permissions corresponding to the multiple page elements through visual layout or text description. Multiple page elements correspond one-to-one with multiple candidate managed permissions. Page elements are used to display candidate managed permissions; page elements can be interactive controls that indicate the selection of a candidate managed permission, and can display the permission name and resource service description information of the candidate managed permission through interactive controls. Page elements may also include interactive controls that indicate the selection of candidate managed permissions, as well as permission content display objects associated with the interactive controls. The permission content display objects display the permission name and resource service description information of the candidate managed permissions. The permission content display objects can be text, images, etc.
[0069] Continuing with the example above, if the triggered target page element is page element 2, then permission 2 is the desired permission that the first object wants to sign a contract with the second object. Accordingly, the intermediary object determines the permission identifier of the desired permission and generates a contract request indicating the permission identifier of the desired permission, and then sends it to the second object. It should be noted that since "this example uses obtaining a target permission set based on specified permission settings to illustrate the process of the intermediary object guiding the first object to sign a contract with the second object," the desired permission here is also the target control permission that constitutes the target permission set.
[0070] This section describes the target page and the process of generating the subscription request, based on the content of the permission settings. The page displayed to the first target (e.g., the user) includes permission names and resource service descriptions, improving readability and ease of interaction with the first target. The subscription request sent to the second target (e.g., the bank) includes permission identifiers, improving interaction efficiency with the bank and enhancing the security of information transmission.
[0071] B) Management of signed permissions:
[0072] After generating the subscription request indicating the target managed permissions and sending the subscription request to the second object to complete the subscription for the target managed permissions, the process may include the following steps: First, based on the first object and the second object, determine the corresponding local permission set in local storage; then, update the local permission set based on the target managed permissions to obtain the target permission set.
[0073] Taking multiple similar first objects (users 1-3) and multiple similar second objects (banks 1-3) as an example, user 1 can sign contracts with banks 1-3 through intermediary objects, user 2 can sign contracts with banks 2-3 through intermediary objects, and user 3 can sign contracts with bank 1 through intermediary objects. If the first object indicates user 1 and the second object indicates bank 2, the intermediary object can query the local permission set indicating user 1 and bank 2 in local storage. This local permission set includes the permissions previously signed between user 1 and bank 2. Then, it updates this local permission set using the target managed permissions to obtain the target permission set. Storing signed permissions locally improves permission query efficiency, thereby improving the efficiency of intermediary resource requests. Simultaneously, storing signed permissions based on the first object-second object dimension ensures effective management of signed permissions.
[0074] It should be noted that, in conjunction with the descriptions in 2.1) and 2.2) above, if the first object and the second object have previously signed an agreement for the deletion permission, then the local permission set includes the deletion permission, while the target permission set does not include the deletion permission.
[0075] In one exemplary implementation, a relay object guides a second object to provide permission setting information. In guiding the second object to provide permission setting information, the relay object not only provides a setting guidance file but also updates the setting guidance file, which can improve the convenience and efficiency of the second object in generating permission setting information.
[0076] The process of updating the setting guide file by the transit object may include the following steps: First, based on multiple historical permission setting information sent by the second object, determine the habitual characteristics of the second object for permission settings; the multiple historical permission setting information is generated by the second object setting permissions based on the guidance of the first setting guide file; then, update the first setting guide file based on the habitual characteristics to obtain a second setting guide file; furthermore, send the second setting guide file to the second object so that the second object sets permissions based on the guidance of the second setting guide file.
[0077] The configuration guide file can be in JSON or XML format. JSON is more suitable for visualization and tree-like mapping, while XML is suitable for representing nested configurations. Of course, the format used for the configuration guide file is not limited to JSON or XML. The configuration guide file can be a visual template, and a second object sets permissions based on the guidance in the configuration guide file. The second object sets initial permissions, sibling permissions, and permissions with hierarchical relationships, etc., based on the guidance in the configuration guide file. For example, it sets the arrangement of sibling permissions and permissions with hierarchical relationships; sets the permission display method; and sets permission identifiers, such as following the principle of numerical increment, setting the permission identifier for new permissions based on the permission identifiers of existing sibling permissions in an adjacent arrangement.
[0078] Regarding the second object's habitual characteristics for permission settings, it can be understood that the first setting guide file provides multiple related options for permission settings, and the habitual characteristics indicate the option selected more frequently, thus becoming the default option provided by the second setting guide file for permission settings. Of course, if the second object is not satisfied with the default option, it can also select other options. These multiple related options may include multiple related options related to the above arrangement, multiple related options related to the permission display method, and multiple related options related to setting permission identifiers.
[0079] In practical applications, the second object can use the setup guide file displayed in the web management backend for permission settings. The permission settings provided by the second object can be considered candidate permission settings. The candidate permission settings received by the intermediary object can be reviewed and approved by relevant personnel to reduce permission setting errors. The approved candidate permission settings then serve as the data source for the intermediary object to guide the first and second objects in signing the agreement.
[0080] S204: Based on the query results, the first resource request is relayed.
[0081] In this embodiment, the intermediary object decides whether to forward the first resource request to the second object based on the query result. When the query obtains a first result indicating that the target permission set contains the specified permission, the intermediary object forwards the first resource request to the second object, enabling the second object to process the first resource request. When the query obtains a second result indicating that the target permission set does not contain the specified permission, the intermediary object does not forward the first resource request to the second object, thus the second object cannot process the first resource request.
[0082] In one exemplary implementation, such as Figure 4 As shown, the step of relaying the first resource request based on the query results includes:
[0083] S401: When the target permission set obtained by the query does not contain the result of the specified permission, the parent permission of the specified permission is determined based on the current permission setting information;
[0084] S402: When the target permission set contains the superior permission, forward the first resource request to the second object so that the second object can process the first resource request.
[0085] If the specified permission corresponding to the resource service type indicated by the first resource request is not an authorized permission, but the parent permission of the specified permission is an authorized permission, the intermediary object can still provide the intermediary service for the first object regarding the first resource request. This improves the flexibility of implementing resource services between the first and second objects. The first resource request can be forwarded without a subscription for the specified permission, improving the timeliness and scalability of implementing resource services between the first and second objects. Of course, the specified permission can be added to the target permission set later. When the target permission set does not contain a parent permission, that is, when the parent permission of the specified permission is not an authorized permission, the intermediary object will not forward the first resource request to the second object, and thus the second object cannot process the first resource request.
[0086] For example, if the specified permission is permission 1, and the target permission set includes permissions 10-20, then the target permission set does not contain the specified permission. If the parent permission of the specified permission is permission 11, and the target permission set does not contain the parent permission of the specified permission, then the intermediary object forwards the first resource request to the second object, allowing the second object to process the first resource request. The hierarchical relationship between permission 11 and permission 1 is determined based on the current permission settings, indicating that permission 1 belongs to permission 11. Of course, there may be other permissions at the same level as permission 1 that belong to permission 11. Taking permission 11 indicating "transfer" and permission 1 indicating "single payment request" as an example, other permissions may include permission 2 indicating "single payment status query", permission 3 indicating "batch transfer request", and permission 4 indicating "batch transfer detail result query". Generally speaking, the resource service scope indicated by a higher-level permission is larger than the resource service scope indicated by a lower-level permission. Different peer permissions indicate different resource service scopes.
[0087] Introducing the concept of version numbers can improve the ease of managing permission settings. Introducing the concept of permission attributes can improve the granularity of permission management. The following section will combine version numbers and permission attributes to illustrate their application in determining the parent permissions of a given permission:
[0088] The target permission set is the set of permissions obtained by the first object and the second object through a contract based on specified permission settings. The second object manages the updates to the permission settings using a version management approach, such as... Figure 5 As shown, when the query results indicate that the target permission set does not contain the specified permission, the parent permission of the specified permission is determined based on the current permission setting information, including...
[0089] S501: When the target permission set does not contain the specified permission, determine the version number corresponding to the specified permission setting information and determine the version number corresponding to the current permission setting information;
[0090] S502: When the version number corresponding to the specified permission setting information is less than the version number corresponding to the current permission setting information, determine whether the specified permission has an inherited attribute based on the current permission setting information;
[0091] S503: When the specified permission has an inheritable attribute, the parent permission of the specified permission is determined based on the current permission setting information.
[0092] The signing of an agreement between the first and second objects requires relevant permission settings. For obtaining a target permission set based on specified permission settings, it can be understood that obtaining the target permission set is related to at least one permission setting, and the specified permission setting is the latest among at least one permission setting. Since the current permission settings can be considered the latest permission settings received by the intermediary object, it is necessary to confirm whether the specified permission settings are also the latest permission settings received by the intermediary object through the version number.
[0093] If the version number corresponding to the specified permission setting information is equal to the version number corresponding to the current permission setting information, it means that the specified permission setting information is also the latest permission setting information received by the relay object. Therefore, "the target permission set does not contain the specified permission" indicates that the specified permission has already been shown to the first object, and the first object has not confirmed the specified permission as the desired permission. Accordingly, the relay object does not forward the first resource request to the second object, so the second object cannot process the first resource request. Alternatively, subscription guidance information for the specified permission can be generated and sent to the first object to guide the first object to subscribe for the specified permission. "Sending subscription guidance information to the first object" can be understood as showing the first object page elements related to the specified permission, including interactive controls indicating the selection of the specified permission.
[0094] If the version number corresponding to the specified permission setting information is less than the version number corresponding to the current permission setting information, it means that the specified permission setting information is not the latest permission setting information received by the relay object, and the specified permission is a permission related to the update of the permission setting information. A specified permission with the inheritable attribute means that the resource service scope indicated by it as a lower-level permission can be directly inherited by the resource service scope indicated by the higher-level permission. A specified permission without the inheritable attribute means that the resource service scope indicated by it as a lower-level permission cannot be directly inherited by the resource service scope indicated by the higher-level permission. For example, the higher-level permission indicates "transfer," the lower-level permission indicates "single payment status query," and the first resource request aims to request the second object to provide the "single payment status query" service. If the specified permission indicates "single payment status query" and the specified permission does not have the inheritable attribute, then even if the target permission set contains the higher-level permission, the relay object will not forward the first resource request to the second object. When the specified permission has the inheritable attribute, determining the higher-level permission of the specified permission based on the current permission setting information can validate the first resource request. Of course, the relay object can also manage the version of the permission setting information it receives.
[0095] If a specified permission does not have an inheritable attribute, a subscription guidance message can be generated for the specified permission; this message is then sent to the first object to guide it to subscribe for the specified permission. "Sending subscription guidance message to the first object" can be understood as displaying page elements related to the specified permission to the first object, including interactive controls indicating the selection of the specified permission.
[0096] In practical applications, the inheritability of permissions can be used to set new permissions. If the new permission is one that a second object believes requires a contract to access related resource services, it can be made to not have the inheritability attribute, for example, by indicating the addition of a new permission for reimbursement on behalf of others.
[0097] The resource request relay solution provided in this application is applied to a bank-enterprise payment platform. This platform aggregates the payment capabilities of multiple banks, masks differences between banks, and provides standardized payment and collection services for enterprise users. Each bank has different permissions; a metadata configuration can be established to map the permission settings provided by the banks. This metadata configuration can use formats such as JSON or XML. This metadata configuration contains three parts: the part related to the target page, the part related to the contract request, and the part related to the locally stored permission set. (See [link to relevant documentation]). Figure 7 . Figure 8 This is the target page. The application of metadata configuration can improve the ease of management for enterprise users and interbank resource services. Metadata configuration provides reliable reference for guiding the first and second parties to sign contracts, and for querying whether specified permissions are already signed permissions.
[0098] See Figure 6 This is the permission setting information provided by the bank, which is used to obtain the corresponding metadata configuration. An intermediate object can use a template file in the web management backend to obtain the corresponding metadata configuration based on the permission setting information. Different banks provide different permission setting information, so corresponding template files can be configured for different banks to ensure consistency in the metadata configuration obtained based on their permission setting information. Relevant personnel can review and approve the permission setting information processed by the template file to reduce configuration errors.
[0099] Enterprise users select their desired permissions and submit them to the bank-enterprise payment platform (corresponding to the above-mentioned "triggering operation of the first object on the target page element in the target page"): [{"permission_id":"BALANCE_QUERY"},{"permission_id":"BATCH_TRANSFER"},{"permission_id":"RECEIPT_QUERY"},{"permission_id":"TRANSFER"}]. The bank-enterprise payment platform sends a contract signing request to the bank. If Bank A's single transfer permission code is 1001 / batch transfer permission code is 1002, then the contract signing request involves [{"authority":"1001"},{"authority":"1002"}] which is sent to the corresponding bank. If Bank B's single transfer permission code is e00 / batch transfer permission code is e01, then the contract signing request involves [{"authority":"e00"},{"authority":"e01"}]. Enterprise users can review the contract signing through their online banking client. For resource requests sent by enterprise users, check whether the corresponding permissions are those that have been signed up for.
[0100] As can be seen from the technical solutions provided in the embodiments of this application above, this application provides a resource request relay scheme applied to a relay object. The relay object can be used to establish a connection between a first object (such as a user) and a second object (such as an internet product) to improve the operational convenience of the first object. The first object and the second object can sign an agreement through the relay object to enable the first object to authorize the relay object to provide relay services for relevant resource requests. In this way, the interaction between the first object and multiple similar second objects can all be achieved through the relay object. Compared with related technologies, which require switching between multiple similar second objects for interaction, this is more convenient and efficient, and also avoids interaction errors caused by switching between different second objects. The relay object can be an internet product or a component module of an internet product, thereby enabling the relevant business functions of the internet product to establish a connection with the second object.
[0101] This application also provides a resource request relay device, such as... Figure 9 As shown, the resource request relay device 90 is configured on the relay object, and the resource request relay device 90 includes:
[0102] Response module 901: configured to respond to a first resource request sent by a first object, determine the resource service type indicated by the first resource request and a second object; the second object is the target object for processing the first resource request;
[0103] Determining module 902: used to determine the specified permissions corresponding to the resource service type based on the current permission setting information; the current permission setting information is the permission setting information sent by the second object to the transit object;
[0104] Query module 903: used to query whether the target permission set contains the specified permission; the target permission set includes at least one target managed permission for which the first object has completed a contract with the second object, the first object and the second object have completed the contract through the transit object, the target managed permission is used to authorize the transit object to provide transit services for the first object for the second resource request, the resource service type indicated by the second resource request corresponds to the managed permission;
[0105] Relay module 904: Used to relay the first resource request based on the query results.
[0106] It should be noted that the apparatus and method embodiments described in the device embodiments are based on the same inventive concept.
[0107] In some embodiments, the functions or modules of the apparatus provided in this application can be used to perform the methods described in the above method embodiments. The specific implementation can be referred to the description of the above method embodiments, and for the sake of brevity, it will not be repeated here.
[0108] This application also provides a computer-readable storage medium storing at least one instruction or at least one program segment, which is loaded and executed by a processor to implement the above-described method. The computer-readable storage medium may be a non-volatile computer-readable storage medium.
[0109] This application also provides an electronic device, which includes at least one processor and a memory communicatively connected to the at least one processor; wherein the memory stores at least one instruction or at least one program, and the at least one instruction or at least one program is loaded and executed by the at least one processor to implement the above method.
[0110] Electronic devices can be provided as terminals, servers, or other forms of devices.
[0111] Figure 10 A block diagram of an electronic device according to an embodiment of this application is shown. For example, electronic device 1900 may be provided as a server. (Refer to...) Figure 10The electronic device 1900 includes a processing component 1922, which further includes one or more processors, and memory resources represented by memory 1932 for storing instructions, such as application programs, that can be executed by the processing component 1922. The application programs stored in memory 1932 may include one or more modules, each corresponding to a set of instructions. Furthermore, the processing component 1922 is configured to execute instructions to perform the methods described above.
[0112] Electronic device 1900 may also include a power supply component 1926 configured to perform power management of electronic device 1900, a wired or wireless network interface 1950 configured to connect electronic device 1900 to a network, and an input / output (I / O) interface 1958. Electronic device 1900 can operate on an operating system stored in memory 1932, such as Windows Server™, Mac OS X™, Unix™, Linux™, FreeBSD™, or similar.
[0113] In an exemplary embodiment, a non-volatile computer-readable storage medium is also provided, such as a memory 1932 including computer program instructions that can be executed by a processing component 1922 of an electronic device 1900 to perform the above-described method.
[0114] This application may be a system, method, and / or computer program product. A computer program product may include a computer-readable storage medium having computer-readable program instructions loaded thereon for causing a processor to implement various aspects of this application.
[0115] Computer-readable storage media can be tangible devices capable of holding and storing instructions for use by an instruction execution device. Computer-readable storage media can be, for example—but not limited to—electrical storage devices, magnetic storage devices, optical storage devices, electromagnetic storage devices, semiconductor storage devices, or any suitable combination thereof. More specific examples (a non-exhaustive list) of computer-readable storage media include: portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), static random access memory (SRAM), portable compact disc read-only memory (CD-ROM), digital multifunction disc (DVD), memory sticks, floppy disks, mechanical encoding devices, such as punch cards or recessed protrusions storing instructions thereon, and any suitable combination thereof. The computer-readable storage media used herein are not to be construed as transient signals themselves, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., light pulses through fiber optic cables), or electrical signals transmitted through wires.
[0116] The computer-readable program instructions described herein can be downloaded from computer-readable storage media to various computing / processing devices, or downloaded via a network, such as the Internet, local area network, wide area network, and / or wireless network, to an external computer or external storage device. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers, and / or edge servers. A network adapter card or network interface in each computing / processing device receives the computer-readable program instructions from the network and forwards them to the computer-readable storage media in the respective computing / processing device.
[0117] The computer program instructions used to perform the operations of this application may be assembly instructions, instruction set architecture (ISA) instructions, machine instructions, machine-dependent instructions, microcode, firmware instructions, status setting data, or source code or object code written in any combination of one or more programming languages, including object-oriented programming languages such as Smalltalk, C+, etc., and conventional procedural programming languages such as the "C" language or similar programming languages. The computer-readable program instructions may be executed entirely on the user's computer, partially on the user's computer, as a standalone software package, partially on the user's computer and partially on a remote computer, or entirely on a remote computer or server. In cases involving a remote computer, the remote computer may be connected to the user's computer via any type of network—including a local area network (LAN) or a wide area network (WAN)—or may be connected to an external computer (e.g., via the Internet using an Internet service provider). In some embodiments, electronic circuits, such as programmable logic circuits, field-programmable gate arrays (FPGAs), or programmable logic arrays (PLAs), are personalized by utilizing the status information of the computer-readable program instructions. These electronic circuits can execute the computer-readable program instructions to implement various aspects of this application.
[0118] Various aspects of this application are described herein with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of this application. It should be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer-readable program instructions.
[0119] These computer-readable program instructions can be provided to a processor of a general-purpose computer, a special-purpose computer, or other programmable data processing apparatus to produce a machine such that, when executed by the processor of the computer or other programmable data processing apparatus, they create means for implementing the functions / actions specified in one or more blocks of the flowchart and / or block diagram. These computer-readable program instructions can also be stored in a computer-readable storage medium that causes a computer, programmable data processing apparatus, and / or other device to operate in a particular manner; thus, the computer-readable medium storing the instructions comprises an article of manufacture that includes instructions for implementing aspects of the functions / actions specified in one or more blocks of the flowchart and / or block diagram.
[0120] Computer-readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable data processing apparatus, or other device to produce a computer-implemented process, thereby causing the instructions executed on the computer, other programmable data processing apparatus, or other device to perform the functions / actions specified in one or more boxes of a flowchart and / or block diagram.
[0121] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of this application. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of an instruction, which includes one or more executable instructions for implementing a specified logical function. In some alternative implementations, the functions specified in the blocks may occur in a different order than those specified in the drawings. For example, two consecutive blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. It should also be noted that each block in the block diagrams and / or flowcharts, and combinations of blocks in the block diagrams and / or flowcharts, can be implemented using a dedicated hardware-based system that performs the specified function or action, or using a combination of dedicated hardware and computer instructions.
[0122] The various embodiments of this application have been described above. These descriptions are exemplary and not exhaustive, nor are they limited to the disclosed embodiments. Many modifications and variations will be apparent to those skilled in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen to best explain the principles, practical applications, or technological improvements to the embodiments in the market, or to enable others skilled in the art to understand the embodiments disclosed herein.
Claims
1. A resource request relay method, characterized in that, Applied to intermediary objects, the method includes: In response to a first resource request sent by a first object, the resource service type indicated by the first resource request and a second object are determined; the second object is the target object for processing the first resource request. The specified permissions corresponding to the resource service type are determined based on the current permission settings information; the current permission settings information is the permission settings information sent by the second object to the relay object. The query checks whether the target permission set contains the specified permission; the target permission set includes at least one target managed permission for which the first object has completed a contract with the second object, the first object and the second object contract through the transit object, the target managed permission indicates that the transit object is authorized to provide transit services for the first object for the second resource request, the resource service type indicated by the second resource request corresponds to the managed permission, the target permission set is the permission set obtained by the first object and the second object through a contract based on specified permission setting information, and the second object manages the updates of permission setting information in a version management manner; When the target permission set obtained by the query does not contain the result of the specified permission, the parent permission of the specified permission is determined based on the current permission setting information: when the target permission set does not contain the specified permission, the version number corresponding to the specified permission setting information and the version number corresponding to the current permission setting information are determined; when the version number corresponding to the specified permission setting information is less than the version number corresponding to the current permission setting information, it is determined whether the specified permission has an inherited attribute based on the current permission setting information; when the specified permission has an inherited attribute, the parent permission of the specified permission is determined based on the current permission setting information. When the target permission set contains the parent permission, the first resource request is forwarded to the second object so that the second object can process the first resource request.
2. The method according to claim 1, characterized in that, When the version number corresponding to the specified permission setting information is less than the version number corresponding to the current permission setting information, after determining whether the specified permission has an inherited attribute based on the current permission setting information, the method further includes: When the specified permission does not have an inheritable attribute, generate contract guidance information for the specified permission; Send the signing guidance information to the first object to guide the first object to sign the contract for the specified permissions.
3. The method according to claim 1, characterized in that, The target permission set is the permission set obtained by the first object and the second object through a contract based on specified permission setting information. The method further includes: In response to the specified permission setting information sent by the second object, the specified permission setting information is processed using a preset page template to obtain a target page for display; the target page includes multiple page elements, and the multiple page elements correspond one-to-one with the multiple candidate managed permissions involved in the specified permission setting information; In response to the first object's triggering operation on a target page element in the target page, the target hosting permission corresponding to the target page element is determined; Generate a subscription request that indicates the target managed permissions, and send the subscription request to the second object to complete the subscription for the target managed permissions.
4. The method according to claim 3, characterized in that, The specified permission setting information includes permission level information corresponding to the multiple candidate managed permissions, as well as permission name, permission identifier and resource service description information for each candidate managed permission; The process of using a preset page template to process the current permission settings information to obtain the target page for display includes: The target page is obtained by processing the permission level information, the permission name and resource service description information of the multiple candidate managed permissions using a preset page template; The generation of the contract request indicating the target managed permissions includes: Determine the target permission identifier for the target managed permissions; Generate a subscription request that indicates the target permission identifier.
5. The method according to claim 3, characterized in that, After generating the subscription request indicating the target managed permissions and sending the subscription request to the second object to complete the subscription for the target managed permissions, the process includes: Based on the first object and the second object, the corresponding local permission set is determined in the local storage; The local permission set is updated based on the target managed permissions to obtain the target permission set.
6. The method according to claim 3, characterized in that, The method further includes: Based on multiple historical permission setting information sent by the second object, the habitual characteristics of the second object regarding permission settings are determined; the multiple historical permission setting information is generated by the second object when setting permissions based on the guidance of the first setting guide file; The first setting guide file is updated based on the aforementioned habitual characteristics to obtain the second setting guide file; Send the second setup guide file to the second object so that the second object performs permission settings based on the guidance of the second setup guide file.
7. A resource request relay device, characterized in that, Configured for transit objects, the device includes: Response module: used to respond to a first resource request sent by a first object, determine the resource service type indicated by the first resource request and a second object; the second object is the target object for processing the first resource request; Determining module: used to determine the specified permissions corresponding to the resource service type based on the current permission setting information; the current permission setting information is the permission setting information sent by the second object to the relay object; Query module: used to query whether the target permission set contains the specified permission; the target permission set includes at least one target managed permission for which the first object has completed a contract with the second object, the first object and the second object are contracted through the transit object, the target managed permission indicates that the transit object is authorized to provide transit services for the first object for the second resource request, the resource service type indicated by the second resource request corresponds to the managed permission, the target permission set is the permission set obtained by the first object and the second object through a contract based on the specified permission setting information, and the second object manages the updates of the permission setting information in a version management manner; Intermediate Module: Used to determine the parent permission of the specified permission based on the current permission setting information when the target permission set obtained by the query does not contain the specified permission: when the target permission set does not contain the specified permission, determine the version number corresponding to the specified permission setting information and the version number corresponding to the current permission setting information; when the version number corresponding to the specified permission setting information is less than the version number corresponding to the current permission setting information, determine whether the specified permission has an inherited attribute based on the current permission setting information; when the specified permission has an inherited attribute, determine the parent permission of the specified permission based on the current permission setting information; and, When the target permission set contains the parent permission, the first resource request is forwarded to the second object so that the second object can process the first resource request.
8. The apparatus according to claim 7, characterized in that, The device is further configured to: when the version number corresponding to the specified permission setting information is less than the version number corresponding to the current permission setting information, after determining whether the specified permission has an inheritable attribute based on the current permission setting information, generate contract guidance information for the specified permission when the specified permission does not have an inheritable attribute; Send the signing guidance information to the first object to guide the first object to sign the contract for the specified permissions.
9. The apparatus according to claim 7, characterized in that, The target permission set is the permission set obtained by the first object and the second object through a contract based on specified permission setting information. The device is further used for: In response to the specified permission setting information sent by the second object, the specified permission setting information is processed using a preset page template to obtain a target page for display; the target page includes multiple page elements, and the multiple page elements correspond one-to-one with the multiple candidate managed permissions involved in the specified permission setting information; In response to the first object's triggering operation on a target page element in the target page, the target hosting permission corresponding to the target page element is determined; Generate a subscription request that indicates the target managed permissions, and send the subscription request to the second object to complete the subscription for the target managed permissions.
10. The apparatus according to claim 9, characterized in that, The specified permission setting information includes permission level information corresponding to the multiple candidate managed permissions, as well as permission name, permission identifier and resource service description information for each candidate managed permission; The process of using a preset page template to process the current permission settings information to obtain the target page for display includes: The target page is obtained by processing the permission level information, the permission name and resource service description information of the multiple candidate managed permissions using a preset page template; The generation of the contract request indicating the target managed permissions includes: Determine the target permission identifier for the target managed permissions; Generate a subscription request that indicates the target permission identifier.
11. The apparatus according to claim 9, characterized in that, The apparatus is further configured to: after generating a subscription request indicating the target managed permissions and sending the subscription request to the second object to complete the subscription for the target managed permissions, determine a corresponding set of local permissions in local storage based on the first object and the second object; The local permission set is updated based on the target managed permissions to obtain the target permission set.
12. The apparatus according to claim 9, characterized in that, The device is also used for: Based on multiple historical permission setting information sent by the second object, the habitual characteristics of the second object regarding permission settings are determined; the multiple historical permission setting information is generated by the second object when setting permissions based on the guidance of the first setting guide file; The first setting guide file is updated based on the aforementioned habitual characteristics to obtain the second setting guide file; Send the second setup guide file to the second object so that the second object performs permission settings based on the guidance of the second setup guide file.
13. An electronic device, characterized in that, The electronic device includes at least one processor and a memory communicatively connected to the at least one processor; wherein the memory stores at least one instruction or at least one program, which is loaded and executed by the at least one processor to implement the resource request relay method as described in any one of claims 1-6.
14. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores at least one instruction or at least one program, which is loaded and executed by a processor to implement the resource request relay method as described in any one of claims 1-6.
15. A computer program product, characterized in that, The computer program product includes at least one instruction or at least one program segment, which is loaded and executed by a processor to implement the resource request relay method as described in any one of claims 1-6.