Railway base station team service auditing method and device, computer equipment and medium
By using a two-dimensional matching mechanism to accurately screen and review accounts and assign differentiated permissions, the problem of imprecise permission management in the railway grassroots station team review system has been solved, thereby improving compliance and security.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- SHUOHUANG RAILWAY DEV
- Filing Date
- 2026-04-17
- Publication Date
- 2026-06-05
Smart Images

Figure CN122155657A_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of data management technology, and in particular to a method, device, computer equipment, and medium for auditing business operations at railway grassroots stations. Background Technology
[0002] The Railway Grassroots Station Audit System is a digital and intelligent management system specifically designed for railway grassroots stations. By integrating audit and supervision workflows, the system automates and informatizes functions such as case lead management, violation monitoring, and data statistical analysis. This helps improve the efficiency and accuracy of audit work and, through data-driven decision support, helps to promptly identify and resolve potential problems, promoting the standardization, transparency, and scientification of audit and supervision work.
[0003] However, existing auditing systems have shortcomings in practical applications. Due to the rapid changes in business processes at railway grassroots stations, organizational restructuring, user role changes, and multiple-position concurrent work have become commonplace. Existing auditing systems often fail to adjust permissions in a timely manner, leading to long-term changes that can result in chaotic permission data and an increase in non-compliant authorizations. This lag in permission adjustments increases the difficulty of permission management, causing a disconnect between permission allocation and actual business needs, and ultimately resulting in insufficiently granular permission management. Summary of the Invention
[0004] Therefore, it is necessary to provide a method, device, computer equipment, and medium for auditing business at railway grassroots stations that can be used for precise management, addressing the aforementioned technical problems.
[0005] Firstly, this application provides a method for reviewing business operations at railway grassroots stations, applicable to business applicants, including:
[0006] Obtain account attribute data for at least one candidate account to be reviewed and business attribute data for the business to be reviewed; account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by the railway grassroots station team; business attribute data includes business processing constraints and business description data;
[0007] Candidate accounts whose account description data meets the business processing constraints are selected as target audit accounts;
[0008] Based on the business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
[0009] In one embodiment, business review permissions include review type permissions and review scope permissions; based on business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account, including:
[0010] Based on the business description data, assign different review scope permissions to each target review account; and...
[0011] For each target account to be reviewed, assign review type permissions that match the corresponding account permission level.
[0012] Based on the scope and type permissions assigned to the target audit account, determine the business audit permissions assigned to the target audit account.
[0013] In one embodiment, the scope of review permissions includes content review permissions; based on business description data, different scope of review permissions are assigned to each target review account, including:
[0014] Based on the business description data, identify at least one sub-business among the businesses to be reviewed;
[0015] For each sub-business to be reviewed, based on the sub-business description data corresponding to the sub-business to be reviewed in the business description data, the review content permissions that match the sub-business to be reviewed are generated.
[0016] Assign different content access permissions to accounts that are subject to different objectives.
[0017] In one embodiment, the review scope permissions also include account management permissions; based on business description data, different review scope permissions are assigned to each target review account, including:
[0018] For each sub-business item to be reviewed, at least one candidate business account is determined based on the business description data to execute the sub-business item to be reviewed.
[0019] Different candidate business accounts are grouped to obtain at least one business account group;
[0020] For each business account group, account management permissions matching the business account group are generated based on the account group description data corresponding to the business account group.
[0021] For target review accounts that have been assigned content review permissions, assign account management permissions for the target business account group to the target review accounts;
[0022] Among them, the target business account group is the business account group under the sub-business to be reviewed, corresponding to the review content permissions assigned to the target review account.
[0023] Secondly, this application provides a method for auditing business operations at railway grassroots stations and teams, applicable to the auditing party, including:
[0024] Receive business review permissions from the business reviewer for the business to be reviewed; business review permissions include review type permissions and review scope permissions; the business to be reviewed is the business executed by the railway grassroots station team;
[0025] For sub-businesses and business account groups that are subject to review and whose review scope permissions match, perform review operations that match the review type permissions.
[0026] In one embodiment, the review type permissions include review content generation permissions, review content distribution permissions, and review result verification permissions; for the sub-businesses and business account groups to be reviewed that match the review scope permissions, review operations matching the review type permissions are performed, including:
[0027] When the review type permission is the content generation permission, the target review content is generated for the sub-business and business account group to be reviewed, based on the sub-business and business account group to be reviewed that match the review scope permission in the business to be reviewed; the target review content includes the account group identifier of the business account group.
[0028] When the review type permission is the content distribution permission, different target review content is sent to the business account group that matches the corresponding account group identifier, so that each business account group can fill in the target review content.
[0029] When the review type permission is the review result verification permission, the review result sent by the business account group is received according to the business account group that matches the review scope permission in the business to be reviewed, and the review result is verified according to the sub-business to be reviewed that matches the review scope permission in the business to be reviewed; the review result is the result obtained by the business account group in responding to the target review content.
[0030] Thirdly, this application also provides a railway grassroots station team business review device, applied to the authorization distributor, including:
[0031] The acquisition module is used to acquire account attribute data of at least one candidate account for review and business attribute data of the business to be reviewed; the account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by the railway grassroots station team; the business attribute data includes business processing constraints and business description data;
[0032] The selection module is used to select candidate accounts whose account description data meets the business processing constraints as target accounts for review.
[0033] The allocation module is used to assign different business review permissions to each target review account based on the business description data and the account permission level of different target review accounts, so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
[0034] Fourthly, this application also provides a railway grassroots station team business review device, applied to the business review party, including:
[0035] The receiving module is used to receive business review permissions for the business to be reviewed from the business reviewer; the business review permissions include review type permissions and review scope permissions; the business to be reviewed is the business executed by the railway grassroots station team;
[0036] The review module is used to perform review operations that match the review type permissions for sub-businesses and business account groups that are to be reviewed and whose review scope permissions are matched.
[0037] Fifthly, this application also provides a computer device, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to perform the following steps:
[0038] Obtain account attribute data for at least one candidate account to be reviewed and business attribute data for the business to be reviewed; account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by the railway grassroots station team; business attribute data includes business processing constraints and business description data;
[0039] Candidate accounts whose account description data meets the business processing constraints are selected as target audit accounts;
[0040] Based on the business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
[0041] Sixthly, this application also provides a computer device, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to perform the following steps:
[0042] Receive business review permissions from the business reviewer for the business to be reviewed; business review permissions include review type permissions and review scope permissions; the business to be reviewed is the business executed by the railway grassroots station team;
[0043] For sub-businesses and business account groups that are subject to review and whose review scope permissions match, perform review operations that match the review type permissions.
[0044] Seventhly, this application also provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, performs the following steps:
[0045] Obtain account attribute data for at least one candidate account to be reviewed and business attribute data for the business to be reviewed; account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by the railway grassroots station team; business attribute data includes business processing constraints and business description data;
[0046] Candidate accounts whose account description data meets the business processing constraints are selected as target audit accounts;
[0047] Based on the business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
[0048] Eighthly, this application also provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, performs the following steps:
[0049] Receive business review permissions from the business reviewer for the business to be reviewed; business review permissions include review type permissions and review scope permissions; the business to be reviewed is the business executed by the railway grassroots station team;
[0050] For sub-businesses and business account groups that are subject to review and whose review scope permissions match, perform review operations that match the review type permissions.
[0051] Ninthly, this application also provides a computer program product, including a computer program that, when executed by a processor, performs the following steps:
[0052] Obtain account attribute data for at least one candidate account to be reviewed and business attribute data for the business to be reviewed; account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by the railway grassroots station team; business attribute data includes business processing constraints and business description data;
[0053] Candidate accounts whose account description data meets the business processing constraints are selected as target audit accounts;
[0054] Based on the business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
[0055] In a tenth aspect, this application also provides a computer program product, including a computer program that, when executed by a processor, performs the following steps:
[0056] Receive business review permissions from the business reviewer for the business to be reviewed; business review permissions include review type permissions and review scope permissions; the business to be reviewed is the business executed by the railway grassroots station team;
[0057] For sub-businesses and business account groups that are subject to review and whose review scope permissions match, perform review operations that match the review type permissions.
[0058] The aforementioned railway grassroots station business review methods, devices, computer equipment, and media, by introducing a two-dimensional matching mechanism of account attribute data (including account permission levels and account description data) and business attribute data (including business processing constraints and business description data), achieve precise screening of review accounts and differentiated permission allocation. This effectively solves the problem of permission allocation being out of touch with actual needs caused by rapid business changes and lagging permission adjustments in traditional methods. This solution can dynamically match candidate accounts with corresponding descriptive characteristics based on the specific constraints and descriptions of the business to be reviewed, and assign appropriate review types and scopes to different accounts based on their permission levels. This significantly improves the precision of permission allocation and the flexibility of business response while ensuring the compliance and security of review operations, avoiding the risks of permission abuse or inadequacy, and improving the overall efficiency and data security of railway grassroots station business review.
[0059] Furthermore, by refining the received business review permissions into two dimensions—review type permissions and review scope permissions—precise positioning and differentiated execution of review operations are achieved, effectively solving the problems of ambiguous permission division and unclear operation boundaries in traditional review methods. This solution can automatically match the corresponding sub-businesses and business account groups in the business to be reviewed based on the review scope permissions, and perform corresponding review operations (such as review content generation, distribution, or result verification) in combination with the review type permissions. This ensures that review operations are strictly limited to the authorized scope, while significantly improving the automation and execution efficiency of the review process, avoiding the risks of unauthorized review or review omissions, and enhancing the standardization, controllability, and data security of business reviews at railway grassroots stations. Attached Figure Description
[0060] To more clearly illustrate the technical solutions in the embodiments or related technologies of this application, the accompanying drawings used in the description of the embodiments or related technologies will be briefly introduced below. Obviously, the accompanying drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0061] Figure 1 This embodiment provides an application environment diagram for a railway grassroots station team business review method.
[0062] Figure 2 This is a flowchart illustrating the first railway grassroots station team business review method provided in this embodiment;
[0063] Figure 3 This embodiment provides a flowchart illustrating the steps for allocating business review permissions.
[0064] Figure 4 This is a flowchart illustrating the second method for auditing business at railway grassroots stations and teams provided in this embodiment;
[0065] Figure 5 This is a structural block diagram of the first type of railway grassroots station team business review device provided in this embodiment;
[0066] Figure 6 This is a structural block diagram of the second type of railway grassroots station team business review device provided in this embodiment;
[0067] Figure 7 This is an internal structural diagram of a computer device provided in this embodiment. Detailed Implementation
[0068] To make the objectives, technical solutions, and advantages of this application clearer, the following detailed description is provided in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative and not intended to limit the scope of this application.
[0069] The railway grassroots station and team business review method provided in this application embodiment can be applied to, for example... Figure 1In the application environment shown, the permission distributor 100 communicates with the business reviewer 101 via a network. The permission distributor 100 obtains account attribute data of at least one candidate review account and business attribute data of the business to be reviewed. The account attribute data includes account permission level and account description data. The business to be reviewed is the business executed by railway grassroots stations. The business attribute data includes business processing constraints and business description data. Candidate review accounts whose account description data meets the business processing constraints are selected as target review accounts. Based on the business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account, so that each target review account can perform business review of the business to be reviewed according to the corresponding business review permissions. Both the permission distributor and the business reviewer can be computer devices, which can be terminals or servers; this embodiment does not limit this. Terminals can be, but are not limited to, various personal computers, laptops, smartphones, tablets, IoT devices, and portable wearable devices. IoT devices can be smart speakers, smart TVs, smart air conditioners, smart vehicle devices, etc. Portable wearable devices can be smartwatches, smart bracelets, head-mounted devices, etc. A server can be implemented using a standalone server or a server cluster consisting of multiple servers.
[0070] In this context, the permission distributor refers to the system, platform, or entity responsible for identifying, filtering, allocating, and managing review permissions. In the business review scenario at railway grassroots stations, the permission distributor is typically a system backend, management platform, or a management role with permission configuration capabilities. Its core responsibility is to assign appropriate review permissions to candidate review accounts based on business attributes and review account attributes.
[0071] In this context, the business reviewer refers to the system, platform, or entity that actually receives and executes the review task. After the permissions are assigned, the business reviewer performs the corresponding review operations on the specific sub-businesses or related account groups within the business to be reviewed, based on the obtained business review permissions; it is the execution end in the review process.
[0072] In one exemplary embodiment, such as Figure 2 As shown, a method for auditing business operations at railway grassroots stations and teams is provided, and this method is applied to... Figure 1 Taking the permission distributor in the example, the explanation includes the following steps S201 to S203. Wherein:
[0073] S201 Obtain account attribute data of at least one candidate account to be reviewed and business attribute data of the business to be reviewed.
[0074] Candidate review accounts refer to user accounts in the system that have the qualifications or potential to participate in business review. These accounts may come from different departments, positions, or roles, and the permission distributor will select qualified accounts from the candidate review accounts as target review accounts.
[0075] Account attribute data is a set of information describing the characteristics and basic permissions of candidate review accounts. Account attribute data includes account permission levels and account description data. Account permission levels refer to the account's rank or level within the organizational structure or permission system, determining the types of review operations it can perform (such as content generation, distribution, and result verification). Account description data refers to business characteristic information related to the account, such as department, job title, scope of responsibilities, and professional field, used to determine whether the account is suitable for a particular review task.
[0076] Among them, pending approval business refers to various business matters in the daily operation of railway grassroots stations that require review and confirmation, such as material procurement, project acceptance, expense reimbursement, and personnel allocation. Pending approval business is the object of review operations, and its attributes determine the basis for the allocation of review authority.
[0077] The business attribute data is a set of information describing the characteristics and requirements of the business to be reviewed. It includes business processing constraints and business description data. Business processing constraints refer to the conditions or limitations that a review account must meet when undertaking the business, such as being limited to specific departments, accounts with certain types of experience, or specific positions. Business description data provides a detailed description of the business content, including the business type, business steps, involved departments, involved positions, and key review points, used to match suitable review accounts and review scopes.
[0078] For example, in this embodiment, the method for obtaining account attribute data of at least one candidate review account can be through the reviewer management module. When the reviewer management module enters information, it includes the following steps: the user enters a username and password; the user's identity is verified, confirming that the user is a system administrator or authorized user; if verification is successful, the user enters the reviewer management interface; otherwise, an authentication failure message is displayed and the user exits; the user clicks the "Add Personnel" button, and the system pops up an information form for adding personnel; the user fills in the basic information of the reviewer, including name, gender, age, position, contact information, etc., and specifies whether the person is a part-time employee; the input information is format-checked to ensure the integrity and correctness of the information; if the check passes, the information is encrypted and stored in the database; otherwise, an error message is displayed and the user is asked to re-enter the information.
[0079] For example, in this embodiment, the reviewer management module can also include the following steps when editing and deleting information: Inputting query conditions, the system searches the database for matching reviewer records based on the conditions; the search structure is displayed to the user in a list format, supporting pagination and sorting functions; the user selects the record to be edited from the list and clicks the "Edit" button to enter the editing interface; after the user modifies the relevant information, the system performs format verification again; if the verification passes, the record in the database is updated; otherwise, an error message is displayed and the user is asked to re-enter the information; the user selects the record to be deleted from the list and clicks the "Delete" button; the system pops up a confirmation dialog box, requiring the user to confirm whether to delete; after the user confirms, the system deletes the record from the database and updates the displayed list.
[0080] For example, in this embodiment, the reviewer management module can also include the following steps when performing information queries and statistics: inputting query conditions, the system constructs a query statement based on the conditions; executing the query statement to retrieve reviewer records that meet the conditions from the database; displaying the query structure to the user in list form, supporting pagination and sorting functions; the user selects a statistical dimension; the system constructs a corresponding SQL aggregation query statement based on the statistical dimension; executing the query statement to obtain statistical results from the database; and displaying the statistical results to the user in chart or table form.
[0081] S202 selects candidate audit accounts whose account description data meets the business processing constraints as target audit accounts.
[0082] In some embodiments, for each candidate review account, the account description data of the candidate review account is used to determine whether the account description data meets the business processing constraints; if it does, the candidate review account is used as the target review account. If it does not meet the constraints, the candidate review account is not used as the target review account.
[0083] S203 assigns different business review permissions to each target review account based on the business description data and the account permission levels of different target review accounts, so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
[0084] Business review permissions refer to the set of operational permissions authorized to be executed by the business reviewer during the review process. Business review permissions include review type permissions and review scope permissions. Review type permissions refer to the type of review operation, including but not limited to: review content generation permissions: allowing the creation of review forms, review questions, or review standards; review content distribution permissions: allowing the sending of review content to relevant business account groups; and review result verification permissions: allowing the review, confirmation, or rejection of returned review results. Review scope permissions refer to the business scope and object scope covered by the review operation, including: review content permissions: allowing the review of which pending sub-businesses; and account management permissions: allowing the management or supervision of the review activities of which business account groups.
[0085] The aforementioned railway grassroots station business review method, by introducing a two-dimensional matching mechanism of account attribute data (including account permission levels and account description data) and business attribute data (including business processing constraints and business description data), achieves accurate screening of review accounts and differentiated permission allocation. This effectively solves the problem of permission allocation being out of sync with actual needs caused by rapid business changes and lagging permission adjustments in traditional methods. This solution can dynamically match candidate accounts with corresponding descriptive characteristics based on the specific constraints and descriptions of the business to be reviewed, and assign appropriate review types and scopes to different accounts based on their permission levels. This significantly improves the precision of permission allocation and the flexibility of business response while ensuring the compliance and security of review operations, avoiding the risks of permission abuse or inadequacy, and enhancing the overall efficiency and data security of railway grassroots station business review.
[0086] Figure 3 This is a flowchart illustrating the steps for assigning business review permissions in one embodiment. This embodiment refines the steps described in the previous embodiment, which assign different business review permissions to each target review account based on business description data and the account permission levels of different target review accounts. The steps include the following:
[0087] Based on the business description data, S301 assigns different review scope permissions to each target review account.
[0088] The scope of review permissions includes the authority to review content; the scope of review permissions also includes account management permissions.
[0089] In some embodiments, at least one sub-business to be reviewed is determined from the business description data; for each sub-business to be reviewed, review content permissions matching the sub-business to be reviewed are generated based on the sub-business description data corresponding to the sub-business to be reviewed in the business description data; and different review content permissions are assigned to different target review accounts.
[0090] Among them, "sub-business pending review" refers to the further subdivided units of a pending review business in terms of business process or business content. A pending review business typically consists of multiple pending review sub-businesses. For example, the "material procurement" business can be broken down into sub-businesses such as "procurement application review," "supplier qualification review," and "procurement price review." The pending review sub-businesses are the objects to be allocated in the "review content permission" within the review scope permissions, used to clarify which link or type of content the review account is specifically responsible for reviewing.
[0091] Sub-business description data refers to the set of information used to describe the characteristics and review requirements of the sub-business to be reviewed. Sub-business description data typically includes: sub-business type (e.g., application, acceptance, reimbursement); the department or position to which the sub-business belongs; the business process nodes involved in the sub-business; key review points or standards for the sub-business; and the qualification requirements for reviewers required for the sub-business. Sub-business description data is a crucial basis for the permission distributor to match "review content permissions" to review accounts, ensuring that the sub-business assigned to a review account matches its responsibilities and capabilities.
[0092] The scope of review content permissions refers to the specific business content that a business reviewer is authorized to review during the review process, i.e., specifying "what to review". Review content permissions are typically allocated on a per-sub-business basis. For example, a review account might only be authorized to review the "purchase price review" sub-business, but not the "supplier qualification review" sub-business. Review content permissions are a core component of "review scope permissions," used to achieve refined division and control of review content.
[0093] In some embodiments, for each sub-business to be reviewed, at least one candidate business account is determined based on the business description data; different candidate business accounts are grouped to obtain at least one business account group; for each business account group, account management permissions matching the business account group are generated based on the account group description data corresponding to the business account group; for a target review account that has been assigned review content permissions, the account management permissions of the target business account group are assigned to the target review account; wherein, the target business account group is the business account group under the sub-business to be reviewed corresponding to the review content permissions assigned to the target review account.
[0094] Candidate business accounts refer to specific business accounts that actually execute or participate in the sub-businesses to be reviewed within railway grassroots stations and teams. These accounts are typically business operators (such as purchasing agents, expense applicants, and project executors), not reviewers. Candidate business accounts are the "audited objects" of the review operation; their business actions, submitted data, or execution results need to be reviewed and verified by the reviewing accounts. The permission distributor will identify the relevant business accounts executing each sub-business to be reviewed based on the business description data, serving as the basis for subsequent grouping and management.
[0095] In this context, a business account group refers to a collection of accounts formed by grouping candidate business accounts. Grouping can be based on department, position, business type, project team, or other business-related dimensions. For example, all purchasing agent accounts can be grouped into the "Purchasing Group," and all project executor accounts into the "Project Group." Business account groups are the objects for allocating "account management permissions," clearly defining which account groups' business activities an auditing account has the authority to manage or audit, facilitating batch operations and hierarchical management.
[0096] Account management permissions refer to the scope of business accounts that a business reviewer is authorized to manage or supervise during the review process, thus clearly defining "who is being reviewed." Account management permissions are typically allocated in units of "business account groups." For example, if a review account is authorized to manage business accounts in the "purchasing group," it can distribute review content, collect results, and verify the review results for all business accounts within that group. Account management permissions are another important component of "review scope permissions," forming a complete review scope together with "review content permissions," achieving precise dual control over "what to review" and "who to review."
[0097] S302 assigns review type permissions to each target review account that match the corresponding account permission level.
[0098] In some embodiments, for each target review account, a review type permission matching the account permission level of the target review account is determined; and the review type permission is assigned to the target review account.
[0099] S303 determines the business review permissions assigned to the target review account based on the review scope permissions and review type permissions assigned to the target review account.
[0100] In some embodiments, business review permissions are generated based on the review scope permissions and review type permissions respectively assigned to the target review account; and these business review permissions are used as the business review permissions assigned to the target review account.
[0101] For example, in this embodiment, permission management can be performed through a permission control module. The permission control module includes an organizational structure building unit, a role permission allocation unit, and a permission verification execution unit. The organizational structure building unit is used to support the setting of departments, positions, and other nodes according to the actual organizational structure, clarifying responsibilities and business scope. The role permission allocation unit is used to define different roles and assign corresponding permissions to each role, while associating reviewers with specific roles to achieve automatic permission allocation. The permission verification execution unit is used to perform permission verification when a user attempts to access system resources or perform an operation, ensuring that the user can only operate within their authorized scope, preventing unauthorized access and leakage of sensitive information.
[0102] For example, in this embodiment, the permission control module, when constructing the organizational structure, includes: inputting the actual organizational structure information of the grassroots stations and teams; the system administrator logs in and enters the organizational structure management interface; constructing the organizational structure tree level by level using a recursive and iterative approach; verifying the validity of the node information for each node, adding the node to the organizational structure tree, and maintaining the parent-child node relationship; assigning responsibilities and business scope to each node; and outputting the constructed organizational structure tree, including departments, positions, their responsibilities, and business scope.
[0103] For example, in this embodiment, the permission control module, when assigning role permissions, includes: inputting a predefined set of roles, the permission requirements of each role, and the information of the reviewers; defining and storing the set of roles according to the needs of the review work, with each role having a unique identifier; assigning specific permissions to each role, where permissions are a combination of operation type and object; traversing the reviewer information and associating each reviewer with one or more roles; constructing a role-permission mapping table, which records the permissions possessed by each role; and outputting the role-permission mapping table and the association information between reviewers and roles.
[0104] For example, in this embodiment, when the permission control module performs permission verification, it includes: inputting the operation request of the reviewer and its current role information; parsing the operation request and extracting the request type and operation object; querying the role-permission mapping table according to the reviewer's current role information to obtain the set of permissions possessed by the role; comparing the operation request with the set of permissions to determine whether the operation is within the permission scope; if the operation is within the permission scope, it is allowed to be executed and the subsequent processing flow continues; if the operation is not within the permission scope, it is refused to be executed and an error message indicating insufficient permissions is returned; and outputting the operation execution result.
[0105] In the above embodiments, by decoupling the allocation process of business review permissions into two independent dimensions—review scope permissions and review type permissions—and matching differentiated review scopes to each target review account based on business description data, while assigning appropriate review types according to each account's own permission level, the scheme achieves refined and personalized permission allocation. This solution ensures that the permissions obtained by the review account cover both the business scope required by its responsibilities and are strictly limited to the operation types allowed by its job level. Thus, while meeting the diverse review needs in complex business scenarios, it effectively avoids problems such as overstepping permissions or mismatch between rights and responsibilities, significantly improving the scientific nature, flexibility, and security of permission allocation, and providing a reliable guarantee for the standardized operation of business review in railway grassroots stations.
[0106] In one exemplary embodiment, such as Figure 4As shown, a method for auditing business operations at railway grassroots stations and teams is provided, and this method is applied to... Figure 1 Taking the business applicant as an example, the process includes the following steps S401 to S402. Wherein:
[0107] S401 receives business review permissions for the business to be reviewed from the business reviewer.
[0108] The business review authority includes review type authority and review scope authority; the business to be reviewed is the business executed by railway grassroots stations and teams.
[0109] S402 performs audit operations that match the audit type permissions for the sub-businesses and business account groups to be audited in the audit business that match the audit scope permissions.
[0110] In some embodiments, when the review type permission is the review content generation permission, target review content is generated for the sub-businesses and business account groups to be reviewed, based on the sub-businesses and business account groups to be reviewed that match the review scope permission in the business to be reviewed; the target review content includes the account group identifier of the business account group; when the review type permission is the review content distribution permission, different target review contents are sent to the business account groups that match the corresponding account group identifiers, so that each business account group can fill in the target review content; when the review type permission is the review result verification permission, the review results sent by the business account groups to be reviewed are received based on the business account groups that match the review scope permission in the business to be reviewed, and the review results are verified based on the sub-businesses to be reviewed that match the review scope permission in the business to be reviewed; the review result is the result obtained by the business account groups in responding to the target review content.
[0111] In some embodiments, business review can be performed through a questionnaire management module. The questionnaire management module includes a questionnaire creation unit, a questionnaire sending unit, and a questionnaire analysis unit. The questionnaire creation unit provides a variety of questionnaire templates for users to choose from and supports the creation of new custom questionnaires. The questionnaire sending unit sends the completed questionnaires to designated recipients via email, SMS, or system notifications, and sets the questionnaire validity period and reminder methods to ensure timely collection of questionnaires. The questionnaire analysis unit automatically stores and statistically analyzes the collected questionnaire data.
[0112] In some embodiments, the questionnaire management module in this embodiment includes the following steps when creating a questionnaire: When the system starts, it loads all preset questionnaire templates into memory or database cache for quick access; when the user selects the desired template through the interface, the system retrieves the corresponding template from the template library according to the user's selection; when the user adds, deletes, or modifies questions, the system checks the legality of the question type and saves the question content; for multiple-choice questions, the user sets the option content and can choose whether to allow adding custom options; for questions that require scoring, the user sets the score for each option; after the user completes the editing, the system saves the modified template content to the database and updates the cache.
[0113] In some embodiments, the questionnaire management module in this embodiment includes the following steps when sending questionnaires: The user specifies the recipients of the questionnaire through the interface, which can be all reviewers, personnel from a specific department, or personnel in a specific position; the system parses these conditions and generates a target user list; the user selects a sending method and sets the corresponding sending parameters; the system prepares the sending content based on the target user list and the sending method; for emails and SMS messages, personalized sending content may need to be generated; for system notifications, the notification content is prepared directly; the questionnaire is sent to the target users according to the selected sending method; for emails and SMS messages, the system calls the corresponding sending service; for system notifications, a notification message is generated internally; the system records a sending log, including information such as sending time, recipients, sending method, and sending status.
[0114] In some embodiments, the questionnaire management module in this embodiment includes the following steps when performing questionnaire analysis: the system listens for and receives questionnaire data submitted by users; the received data is verified for legality to ensure that the data is complete and conforms to the questionnaire structure; after verification, the questionnaire data is saved to the database; all collected questionnaire data is retrieved from the database and summarized; statistical analysis is performed based on the questionnaire content by calculating the selection ratio, average score, and cross-analysis of each option; the statistical results are converted into visualizations such as charts and graphs; and a survey report is generated based on the analysis results, including a summary, detailed analysis, and charts.
[0115] In the above embodiments, by refining the received business review permissions into two dimensions—review type permissions and review scope permissions—precise positioning and differentiated execution of review operations are achieved, effectively solving the problems of ambiguous permission division and unclear operation boundaries in traditional review methods. This solution can automatically match the corresponding sub-businesses and business account groups in the business to be reviewed based on the review scope permissions, and perform corresponding review operations (such as review content generation, distribution, or result verification) in combination with the review type permissions. This ensures that the review operations are strictly limited to the authorized scope, while significantly improving the automation and execution efficiency of the review process, avoiding the risks of unauthorized review or review omissions, and enhancing the standardization, controllability, and data security of business reviews at railway grassroots stations.
[0116] It should be understood that although the steps in the flowcharts of the embodiments described above are shown sequentially according to the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the embodiments described above may include multiple steps or multiple stages. These steps or stages are not necessarily completed at the same time, but can be executed at different times. The execution order of these steps or stages is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the steps or stages of other steps.
[0117] Based on the same inventive concept, this application also provides a railway grassroots station team business review device for implementing the above-mentioned railway grassroots station team business review method. The solution provided by this device is similar to the implementation solution described in the above method. Therefore, the specific limitations of one or more railway grassroots station team business review device embodiments provided below can be found in the limitations of the railway grassroots station team business review method above, and will not be repeated here.
[0118] In one exemplary embodiment, such as Figure 5 As shown, a railway grassroots station team business review device is provided, including: an acquisition module 10, a selection module 11, and an allocation module 12, wherein:
[0119] The acquisition module 10 is used to acquire account attribute data of at least one candidate review account and business attribute data of the business to be reviewed; the account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by the railway grassroots station team; the business attribute data includes business processing constraints and business description data.
[0120] Module 11 is used to select candidate audit accounts whose account description data meets the business processing constraints as target audit accounts;
[0121] The allocation module 12 is used to allocate different business review permissions to each target review account based on the business description data and the account permission level of different target review accounts, so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
[0122] In some embodiments, the allocation module 12 is further configured to allocate different review scope permissions to each target review account according to the business description data; and, for each target review account, allocate review type permissions that match the corresponding account permission level; and determine the business review permissions allocated to the target review account based on the review scope permissions and review type permissions allocated to the target review account respectively.
[0123] In some embodiments, the allocation module 12 is further configured to determine at least one sub-business to be reviewed among the businesses to be reviewed based on the business description data; for each sub-business to be reviewed, generate review content permissions matching the sub-business to be reviewed based on the sub-business description data corresponding to the sub-business to be reviewed in the business description data; and allocate different review content permissions to different target review accounts.
[0124] In some embodiments, the allocation module 12 is further configured to, for each sub-business to be reviewed, determine at least one candidate business account to execute the sub-business to be reviewed based on business description data; group different candidate business accounts to obtain at least one business account group; for each business account group, generate account management permissions matching the business account group based on the account group description data corresponding to the business account group; and allocate the account management permissions of the target business account group to the target review account that has been allocated review content permissions; wherein, the target business account group is the business account group under the sub-business to be reviewed corresponding to the review content permissions allocated to the target review account.
[0125] In one exemplary embodiment, such as Figure 6 As shown, a railway grassroots station team business verification device is provided, including: a receiving module 20 and a verification module 21, wherein:
[0126] Receiver module 20 is used to receive business review permissions sent by the business reviewer for the business to be reviewed; the business review permissions include review type permissions and review scope permissions; the business to be reviewed is the business executed by the railway grassroots station team;
[0127] The review module 21 is used to perform review operations that match the review type permissions for sub-businesses and business account groups that are to be reviewed and whose review scope permissions are matched.
[0128] In some embodiments, the review module 21 is further configured to: generate target review content for the sub-businesses and business account groups to be reviewed, based on the sub-businesses and business account groups to be reviewed that match the review scope permissions in the business to be reviewed; the target review content includes the account group identifier of the business account group; send different target review contents to the business account groups that match the corresponding account group identifiers when the review type permission is the review content distribution permission, so that each business account group can fill in the target review content; and receive the review results sent by the business account groups according to the business account groups that match the review scope permissions in the business to be reviewed, and perform a verification operation on the review results according to the sub-businesses to be reviewed that match the review scope permissions in the business to be reviewed; the review result is the result obtained by the business account groups in replying to the target review content.
[0129] Each module in the aforementioned railway grassroots station business review device can be implemented entirely or partially through software, hardware, or a combination thereof. These modules can be embedded in the processor of a computer device in hardware form or independent of it, or stored in the memory of a computer device in software form, so that the processor can call and execute the corresponding operations of each module.
[0130] In one exemplary embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as follows: Figure 7 As shown, this computer device includes a processor, memory, input / output (I / O) interfaces, and a communication interface. The processor, memory, and I / O interfaces are connected via a system bus, and the communication interface is also connected to the system bus via the I / O interfaces. The processor provides computational and control capabilities. The memory includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system, computer programs, and a database. The internal memory provides the environment for the operation of the operating system and computer programs stored in the non-volatile storage media. The database stores data. The I / O interfaces are used for exchanging information between the processor and external devices. The communication interface is used for communicating with external terminals via a network. When the computer program is executed by the processor, it implements a method for auditing business operations at railway grassroots stations.
[0131] Those skilled in the art will understand that Figure 7The structure shown is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation on the computer device to which the present application is applied. Specific computer devices may include more or fewer components than those shown in the figure, or combine certain components, or have different component arrangements.
[0132] In one embodiment, a computer device is also provided, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps in the above method embodiments.
[0133] In one embodiment, a computer-readable storage medium is provided having a computer program stored thereon that, when executed by a processor, implements the steps in the above method embodiments.
[0134] In one embodiment, a computer program product is provided, including a computer program that, when executed by a processor, implements the steps in the above method embodiments.
[0135] It should be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data used for analysis, data stored, data displayed, etc.) involved in this application are all information and data authorized by the user or fully authorized by all parties, and the collection, use and processing of the relevant data must comply with relevant regulations.
[0136] Those skilled in the art will understand that all or part of the processes in the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium, and when executed, it can include the processes of the embodiments described above. Any references to memory, databases, or other media used in the embodiments provided in this application can include at least one of non-volatile and volatile memory. Non-volatile memory can include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetic random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, etc. Volatile memory can include random access memory (RAM) or external cache memory, etc. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM). The databases involved in the embodiments provided in this application may include at least one type of relational database and non-relational database. Non-relational databases may include, but are not limited to, blockchain-based distributed databases. The processors involved in the embodiments provided in this application may be general-purpose processors, central processing units, graphics processing units, digital signal processors, programmable logic devices, quantum computing-based data processing logic devices, etc., and are not limited to these.
[0137] The technical features of the above embodiments can be combined in any way. For the sake of brevity, not all possible combinations of the technical features in the above embodiments are described. However, as long as there is no contradiction in the combination of these technical features, they should be considered to be within the scope of this specification.
[0138] The embodiments described above are merely illustrative of several implementation methods of this application, and while the descriptions are specific and detailed, they should not be construed as limiting the scope of this application. It should be noted that those skilled in the art can make various modifications and improvements without departing from the concept of this application, and these all fall within the protection scope of this application. Therefore, the protection scope of this application should be determined by the appended claims.
Claims
1. A method for auditing business operations at railway grassroots stations, characterized in that, Applied to a permission distributor, the method includes: Obtain account attribute data for at least one candidate account to be reviewed and business attribute data for the business to be reviewed; the account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by a railway grassroots station team; the business attribute data includes business processing constraints and business description data; Candidate accounts whose account description data satisfies the business processing constraints are selected as target accounts for review. Based on the business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
2. The method according to claim 1, characterized in that, The business review permissions include review type permissions and review scope permissions; based on the business description data and the account permission levels of different target review accounts, different business review permissions are assigned to each target review account, including: Based on the business description data, assign different review scope permissions to each target review account; and... For each target audit account, assign audit type permissions that match the corresponding account permission level to the target audit account; Based on the review scope permissions and review type permissions assigned to the target review account, the business review permissions assigned to the target review account are determined.
3. The method according to claim 2, characterized in that, The scope of review permissions includes content review permissions; the process of assigning different scope of review permissions to each target review account based on the business description data includes: Based on the business description data, at least one sub-business among the businesses to be reviewed is identified; For each sub-business to be reviewed, based on the sub-business description data corresponding to the sub-business to be reviewed in the business description data, a review content permission matching the sub-business to be reviewed is generated; Assign different content access permissions to accounts that are subject to different objectives.
4. The method according to claim 3, characterized in that, The review scope permissions also include account management permissions; the process of assigning different review scope permissions to each target review account based on the business description data includes: For each sub-business to be reviewed, at least one candidate business account is determined to execute the sub-business to be reviewed based on the business description data. Different candidate business accounts are grouped to obtain at least one business account group; For each business account group, account management permissions matching the business account group are generated based on the account group description data corresponding to the business account group. For the target review account that has been assigned content review permissions, assign the target business account group's account management permissions to the target review account; The target business account group refers to the business account group under the sub-business to be reviewed, corresponding to the review content permissions assigned to the target review account.
5. A method for auditing business operations at railway grassroots stations, characterized in that, Applied to business reviewers, the method includes: The system receives business review permissions for the pending business sent by the business reviewer; the business review permissions include review type permissions and review scope permissions; the pending business is a business performed by a railway grassroots station team. For the sub-businesses and business account groups in the pending business that match the approval scope permissions, perform approval operations that match the approval type permissions.
6. The method according to claim 5, characterized in that, The review type permissions include review content generation permissions, review content distribution permissions, and review result verification permissions; the step of performing review operations matching the review type permissions on the sub-businesses and business account groups to be reviewed that match the review scope permissions in the business to be reviewed includes: When the review type permission is the content generation permission, target review content is generated for the sub-business and business account group to be reviewed, based on the sub-business and business account group to be reviewed that match the review scope permission in the business to be reviewed; the target review content includes the account group identifier of the business account group. When the review type permission is the review content distribution permission, different target review content is sent to the business account group that matches the corresponding account group identifier, so that each business account group can fill in the target review content; When the review type permission is the review result verification permission, the review result sent by the business account group is received according to the business account group that matches the review scope permission in the business to be reviewed, and the review result is verified according to the sub-business to be reviewed that matches the review scope permission in the business to be reviewed; the review result is the result obtained by the business account group in replying to the target review content.
7. A business verification device for railway grassroots stations and teams, characterized in that, Applied to a permission distributor, the device includes: The acquisition module is used to acquire account attribute data of at least one candidate account for review and business attribute data of the business to be reviewed; the account attribute data includes account permission level and account description data; the business to be reviewed is the business executed by the railway grassroots station team; the business attribute data includes business processing constraints and business description data; The selection module is used to select candidate audit accounts whose account description data meets the business processing constraints as target audit accounts. The allocation module is used to allocate different business review permissions to each target review account based on the business description data and the account permission levels of different target review accounts, so that each target review account can conduct business review of the business to be reviewed according to the corresponding business review permissions.
8. A business verification device for railway grassroots stations and teams, characterized in that, The device, used by a business reviewer, includes: The receiving module is used to receive business review permissions for the business to be reviewed sent by the business reviewer; the business review permissions include review type permissions and review scope permissions; the business to be reviewed is the business performed by a railway grassroots station team; The review module is used to perform review operations on the sub-businesses and business account groups that match the review scope permissions within the business to be reviewed, in accordance with the review type permissions.
9. A computer device comprising a memory and a processor, wherein the memory stores a computer program, characterized in that, When the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 6.
10. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 6.