OA19376A - Method for authorizing operation permissions of form field values. - Google Patents

Method for authorizing operation permissions of form field values. Download PDF

Info

Publication number
OA19376A
OA19376A OA1201900514 OA19376A OA 19376 A OA19376 A OA 19376A OA 1201900514 OA1201900514 OA 1201900514 OA 19376 A OA19376 A OA 19376A
Authority
OA
OAPI
Prior art keywords
rôle
field values
permissions
grantee
authorizing
Prior art date
Application number
OA1201900514
Inventor
Dazhi Chen
Original Assignee
Chengdu Qianniucao Information Technology Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Qianniucao Information Technology Co., Ltd. filed Critical Chengdu Qianniucao Information Technology Co., Ltd.
Publication of OA19376A publication Critical patent/OA19376A/en

Links

Abstract

A method for authorizing operation permissions of form-field values is disclosed in the present invention, including a step of authorizing operation permissions of form-field values and a step of selecting a grantee; the step of authorizing operation permissions of form-field values includes: SI: selecting a form to be authorized, and displaying fields in the form that need operation permission control; and S2: authorizing the operation permissions to each value of the fields respectively, where the grantee is one or more roles, the role is an independent individual rather than a group or class, one role can only be related to a unique user during the same period, and one user is related to one or more roles. The present invention can achieve respective authorization for the operation permissions of form-field values, and improves the fineness of system management. In this method, multiple authorized roles can be selected at the same time to batch authorization, thus improving the authorization efficiency. In addition, this method supports template authorization. Two methods are combined, so that the authorization efficiency of operation permissions of form-field values in a system is greatly improved.

Description

[0021] The method for authorizing operation permissions of form-field values further includes a template authorization step that specifically includes: (1) selecting an grantee and an authorized form, where one or more rôles are selected as the grantee; (2) authorizing the grantee: selecting an existing rôle or a created template as an authorization template, and giving the operation permissions of form-field values in the authorization template to the grantee; and (3) obtaining the operation permissions of form-field values of the grantee after the operation permissions are saved with or without modification.
[0022] A method for authorizing operation permissions of form-field values includes a step of authorizing operation permissions of form-field values and a step of selecting a grantee, wherein there is no sequence relation between the step of authorizing operation permissions of form-field values and the step of selecting a grantee; the step of authorizing operation permissions of form-field values includes the following steps: SI: selecting a form to be authorized; S2: selecting an operation permission to be authorized; and S3 : setting a field in a form that has the selected operation permission, so that the set field has the selected operation permission (that is, having a corresponding operation permission of a field value of the field); said grantee is one or more rôles, said rôle is an independent individual rather than a group or class, one rôle can only be related to a unique user during the same period, and one user is related to one or more rôles.
Bénéficiai Effects of the Invention
Bénéficiai Effects
[0023] The présent invention has the following bénéficiai effects: 1) The présent invention can achieve respective authorization for the operation permissions of form-field values, thus improving the fineness of System management. The operation permissions include a viewing permission and a modification permission, which is especially suitable for the case that it needs to authorize the field values of form fields respectively. For example, in an order form, a certain system rôle is allowed to view order number , customer name, customer address, industry of the customer, product model, product quantity, and product unit price, but is not allowed to view the content (that is, field values) of sensitive fields such as phone number and contact. Through this method, respective authorization can be achieved rapidly. For another example, a system rôle is allowed to view the content of product unit price field but is not allowed to modify the content of the product unit price field, and this method can also achieve the permission setting rapidly.
[0024] 2) When there is one and only grantee selected and a form to be authorized is selected, an operator who authorizes the operation permissions of field values of the form to the grantee recently and an operation time are displayed. Displaying the recent operator helps track accountability when an error occurs in authorizing the permissions of form-field values, and displaying the recent operation time helps détermine intuitively whether the form-field value needs to be re-authorized.
[0025] For example, Li Si completed the last operation of authorizing the operation permissions of field values of a contract form to a grantee Zhang San at 11:00 on May 21, 2015. When Zhang San is selected as the grantee and the contract is selected as a form to be authorized, it is displayed for the current authorization operator that the last contract form authorization was performed by Li Si at 11:00 on May 21, 2015 for Zhang San.
[0026] If Zhang San should not hâve the permission to view the content of a confïdential field, but obtained the permission to view the content of the confïdential field in the last authorization to Zhang San, those responsible can be found by searching for the last authorization operator in a subséquent accountability tracking process.
[0027] For another example, an operator needs to authorize field values of a contract form to 100 grantees; however, the operator only finished authorizing to 70 grantees on that day. When the operator continued to authorize on the next day, the operator may view the last authorization time of each grantee to détermine whether the grantee needs to be authorized. Alternatively, according to a time interval of authorization, ail grantees that are authorized in a specified time interval can be found. By viewing the last time that a grantee was authorized, it can be known how long the grantee's permissions hâve remained unchanged, which helps détermine intuitively whether to re-authorize the grantee.
[0028] 3) In this method, multiple authorized rôles can be selected at the same time to batch authorization, thus improving the authorization efficiency. In addition, this method supports template authorization, that is, selecting an existing rôle or a created template as an authorization template, and directly giving the (updating) operation permissions of form-field values in the authorization template to the grantee ( saved after simple modification). The authorization operation is simple and efficient. Two methods are combined, so that the authorization efficiency of operation permissions of form-field values in a system is greatly improved.
[0029] 4) In the présent application, the rôle is in one-to-one relation to the user.
One rôle can only be related to a unique user during the same period, and one user is related to one or more rôles. The advantage thereof is that the permissions can be obtained as long as the user is related to the rôle (that is, the user obtains the permissions of its related rôle), and changes in the role's permissions are much fewer than the changes in the user's permissions in a conventional mechanism. As there are few changes in the quantity of rôles having the nature of an independent individual (the nature of a post number or a work station number ), despite large turnover of employée, few changes occur in the post number/work station number (even there is no change within a certain period, that is, the rôle does not change). This greatly simplifies user's permission management and reduces system overheads.
[0030] 5) The operations such as dynamic management, recruitment, and transfer are simple, convenient, efficient and highly reliable. The application of recruitment or résignation or transfer in the permission management is simple. When an employée or a user has changed, it is unnecessary to reset permissions. It is only necessary for a user to cancel the relation or be related to the rôle. For the user who is no longer in the rôle, the relation to the rôle is canceled; and the user who takes over the rôle is related to the rôle of the post number. The user related to the rôle automatically obtains the related tasks and the operation permissions of that rôle, without re-authorizing the rôle, thus greatly improving the efficiency, security, and reliability of the system setting.
[0031] For example, because user Zhang San is transferred or resigns from a post, Zhang San no longer works as a rôle of purchaser 3, and Zhang San then cancels the 5 relation to purchaser 3. Meanwhile, Li Si takes over the work as the rôle of purchaser 3, and it only needs to relate Li Si to the rôle, so Li Si automatically obtains the operation permissions of form-field values of the rôle purchaser 3.
[0032] 6) The conventional permission management mechanism defines the rôle as the nature of a group, a type of work, a class or the like. The rôle is in a one-to-many 10 relation to the user. In the actual process of using a system, the user's permissions often need to be adjusted during the operation process. For example, in processing of the change in an employee's permissions, when the permissions of an employée related to the rôle hâve changed, it is improper to change the permissions of the entire rôle due to the change of the permissions of the individual employée, because this rôle is also related to other employées 15 whose permissions remain unchanged. To deal with this situation, either a new rôle is created to fit the employée whose permissions hâve changed, or permissions are directly authorized to the employée (disengaged from the rôle) based on permission requirements. The above two processing methods not only take a long time but also cause mistakes easily for the rôle authorization in the case of a large number of rôle permissions. It is 20 cumbersome for a user to operate, and errors occur easily, resulting in loss to the system user.
[0033] However, under the method of the present application, as the rôle is an independent individual, the object can be achieved by changing the role's permissions. Although the method in the present application seems to increase the workload during 25 system initialization, by means of copying or the like, the rôle can be created or authorized more efficientiy than the conventional rôles having the nature of a group/a class. As it is unnecessary to consider the commonality of the rôles having the nature of a group/a class when satisfying the related users, the solutions in the present application make the permission setting clear and explicit. Especially after the system has been used for a period of time (after the permissions of the user/role hâve changed dynamically), the solutions in the présent application can significantly improve the efficiency of permission management for the system user in using the system, make the dynamic authorization simpler, more convenient, clearer and more explicit, and improve the efficiency and reliability of the permission setting.
[0034] 7) The conventional rôle authorization method with the nature of a group/class is prone to errors. The method provided in the présent application significantly reduces the probability of authorization errors, because the method of the présent application only needs to consider the rôle as an independent individual, without considering the commonality of multiple users related to the rôle having the nature of a group under the conventional method. Even if the authorization errors occur, only the user related to the rôle is affected. However, in the case of the conventional rôle of the group nature, ail users related to the rôle are affected. Even if the authorization errors occur, the correction method in the présent application is simple and takes a short time, while in the case of the conventional rôle having the nature of a group, the commonality of the permissions of ail users related to the rôle needs to be considered during the error correction. The modification is cumbersome, complex, and error-prone when the rôle has many function points, and in many cases, the problem cannot be solved unless a new rôle is created.
[0035] 8) In the conventional group-based rôle authorization method, if the rôle has many permission function points, as time goes by, it is difficult to remember spécifie permissions of the rôle, and it is even more difficult to remember the permission différences between rôles with similar permissions. If a new user needs to be related, it cannot be accurately determined how to select a relation. In the method of the présent application, the rôle itself has the nature of a post number or work station number, such that the sélection can be made easily.
[0036] 9) When a user is transferred from a post, if many permissions of the transferred user need to be assigned to other users, in processing, distinguishing the permissions of the transferred user and creating rôles to relate to other users respectively are necessary. The operations are complicated, time-consuming, and prone to errors.
[0037] The method in the présent application is as follows: The transferred user is related to several rôles. When the user is transferred, the relation between the user and the rôles in the original department is first canceled (the canceled rôles may be re-related to other users), and then the user is related to a rôle in a new department. The operation is simple and not error-prone.
BRIEF DESCRIPTION OF THE DRAWINGS
DESCRIPTION OF THE DRAWINGS
[0038] FIG. 1 is a schematic diagram in which a system directly authorizes a user in the prior art;
[0039] FIG. 2 is a schematic diagram in which a system authorizes a rôle having the nature of a group or class in the prior art;
[0040] FIG. 3 is a schematic diagram in which a system both directly authorizes a user and a rôle having the nature of a group or class in the prior art;
[0041] FIG. 4 is a schematic diagram in which a system authorizes a user through a rôle having the nature of an independent individual according to the présent invention;
[0042] FIG. 5 is a schematic diagram when there is one selected grantee and a form is selected according to the présent invention;
[0043] FIG. 6 is a schematic diagram when there are multiple selected grantees and a form is selected according to the présent invention;
[0044] FIG. 7 is a schematic diagram when a grantee is authorized by using an authorization template according to the présent invention; and
[0045] FIG. 8 is a schematic diagram of an order form according to an embodiment of the présent invention.
DETAILED DESCRIPTION
Description of Embodiments
[0046] The technical solutions of the présent invention will be further described in detail below with reference to the figures, but the protection scope of the présent invention is not limited to the following descriptions.
[0047] [Embodiment 1] In this embodiment, the fields that need operation permission control are set first, and then the corresponding operation permissions are set.
[0048] A method for authorizing operation permissions of form-field values includes a step of authorizing operation permissions of form-field values and a step of selecting a grantee, wherein there is no sequence relation between the step of authorizing operation permissions of form-field values and the step of selecting a grantee; the step of authorizing operation permissions of form-field values includes the following steps: SI: selecting a form to be authorized, and displaying fields in the form that need operation permission control; and S2: authorizing the operation permissions to each value of the fields respectively (the fields that need operation permission control displayed in SI are authorized, and it is considered by default that a field value of a field which is not displayed in SI and does not need permission control has a viewing and/or modification permission), where the operation permission includes one of or both a viewing permission and a modification permission.
[0049] After the setting is completed, the grantee's permission to view or modify content (the field value) of each field in the form can be determined.
[0050] The présent invention can achieve respective authorization for the operation permissions of form-field values, thus improving the fineness of system management. The operation permissions include a viewing permission and a modification permission, which is especially suitable for the case that it needs to authorize the field values of form-fields respectively. For example, in an order form, a system rôle clerk 1 (Zhang San) is allowed to view order number, customer name, customer address, industry of the customer, product model, product quantity, and product unit price, but is not allowed to view the content (that is, field values) of sensitive fields such as phone number and contact. Through this method, respective authorization can be achieved rapidly. For another example, the clerk 1 (Zhang San) is allowed to view the content of the product unit price field but is not allowed to modify the content of the product unit price field, and this method can also achieve the permission setting rapidly. A setting effect figure is as shown in FIG. 5.
[0051] In this embodiment, as shown in FIG. 4, the grantee is one or more rôles, the rôle is an independent individual rather than a group or class, one rôle can only be related to a unique user during the same period, and one user is related to one or more rôles. The rôle belongs to a department, the rôle is unique under the department, the rôle is authorized according to the work content of the rôle, and the user obtains permissions through the related rôle. The name of the rôle is unique under the department, and the number of the rôle is unique in a system. During cross-department transfer of the user, the user's relation to the rôle in the original department is first canceled, and then the user is related to a rôle in a new department.
[0052] In the following, the advantages of the method for authorizing operation permissions of field values to user through a rôle having the nature of an independent individual are analyzed: The user détermines (obtains) permissions through its relation to the rôle. If the permissions of the user need to be modified, the permissions owned by the rôle are adjusted to achieve the object of changing the permissions of the user related to the rôle. Once the user is related to the rôle, the user owns ail the operation permissions of the rôle.
[0053] A rôle is in a one-to-one relation to a user (when the rôle is related to one user, other users can no longer be related to that rôle; and if the rôle is not related to the user, the rôle can be selected to be related to other users; that is, in the same period, one rôle can only be related to one user). A user is in a one-to-many relation to rôles (one user can be related to multiple rôles at the same time).
[0054] Définition of a rôle: A rôle doesn't hâve the nature of a group/class/category/post/position/a type of work or the like, but is of a non-collective nature. The rôle is unique and is an independent individual. Applied in an enterprise or an institution, the rôle is équivalent to a post number (the post number herein is not a post, and one post may hâve multiple employées at the same time, but one post number can only correspond to one employée during the same period).
[0055] For example, in a company system, the following rôles may be created: a general manager, a deputy general manager 1, a deputy general manager 2, a manager of Beijing sales department I, a manager of Beijing sales department II, a manager of Beijing sales department III, a Shanghai sales engineer 1, a Shanghai sales engineer 2, a Shanghai sales engineer 3, a Shanghai sales engineer 4, a Shanghai sales engineer 5, and so on. The relation between users and rôles is as follows: if Zhang San, the company's employée, serves as a deputy general manager 2 of the company and also serves as a manager of Beijing sales department I, rôles to which Zhang San needs to be related are the deputy general manager 2 and the manager of Beijing sales department I, and Zhang San owns the permissions of the two rôles.
[0056] The concept of conventional rôles has the nature of a group/a class/a post/a position/a type of work, and one rôle can correspond to multiple users. However, in the présent application, the concept of rôle is équivalent to a post number/work station number, and is also similar to the rôle in a film and a télévision drama: one rôle in the same period (in childhood, juvénile, middle-age...) can be played by only one actor or actress at the same time, but one actor or actress may play multiple rôles.
[0057] After the rôle is created, a user may be related to the rôle in the process of creating the user, or may be related to the rôle at any time after the user is created. After the user is related to the rôle, the user can be released from the relation to the rôle at any time, and the relation between the user and another rôle may be created at any time.
[0058] The rôle is composed of: a post name + a post number, for example, a workshop worker 1, a workshop worker 2, a workshop worker 3, and so on. The rôle is an independent individual, and is équivalent to a concept of a post number or a work station number, but different from the rôle in a conventional permission management system. The concept of the rôle in the conventional permission management system has the nature of a group or class such as a post, a position, a type of work or the like.
[0059] The following example shows the relationship among an employée, a user, and a rôle after Zhang San, an employée, enters a company as follows: 1. Recruiting: after the employée is recruited, the rôle of the corresponding post number or work station number is directly selected for the user (employée) to be related. For example, when Zhang San has joined the company (the company has assigned a user for Zhang San) and works at 5 the sales department I to be responsible for sales of refrigerator products in Beijing area (the corresponding rôle is sales engineer 5 under the sales department I), then the user Zhang San directly selects and is related to the rôle sales engineer 5.
[0060] 2. Adding position: After Zhang San has worked for a period of time, the company further arranges Zhang San to be responsible for sales of TV products in Beijing 10 area (the corresponding rôle is sales engineer 8 under the sales department I) and to serve as a supervisor of an after-sales department (the corresponding rôle is after-sales department supervisor 1). Therefore, two rôles, that is, sales engineer 8 under the sales department I and after-sales department supervisor 1 under the after-sales department, are additionally related to the user Zhang San. In this case, the employée Zhang San is related 15 to three rôles: sales engineer 5 and sales engineer 8 under the sales department I, and after-sales department supervisor 1 under the after-sales department. Therefore, the user Zhang San owns the permissions of the three rôles.
[0061] 3. Reducing position: After a while, the company has decided to let Zhang
San serve as an after-sales department manager (corresponding to a rôle after-sales 20 manager under the after-sales department) without taking up other positions any more. Therefore, the user Zhang San is related to the rôle after-sales department manager under the after-sales department, and is released from the relation to the previous three rôles (sales engineer 5 and sales engineer 8 under the sales department I, and after-sales department supervisor 1 under the sales department). In this case, the user Zhang San 25 owns only the permissions of the rôle after-sales department manager under the after-sales department.
[0062] 4. Adjusting permissions of a rôle (adjusting the permissions of the rôle itself): if the company has decided to add permissions to the after-sales department manager, the permissions only need to be added to the rôle of the after-sales department manager. With the increase in the permissions of the rôle of the after-sales department manager, the permissions of the user Zhang San are also increased.
[0063] 5. Résignation: After one year, Zhang San resigns. It is only necessary to cancel the relation between the user Zhang San and the rôle after-sales department manager under the after-sales department.
[0064] For example, during the dynamic operation of the company, recruiting and resigning of staff often occur continuously, but post numbers or work station numbers seldom change (or even remain unchanged within a period of time).
[0065] Conventional authorization method: In the case of a large quantity of System function points, authorizing the conventional rôles that hâve the nature of a group or class involves a large and cumbersome workload and is very error-prone, and errors are not easily détectable in a short time and tend to cause loss to a system user.
[0066] Authorization method of the présent application: in the présent application, the authorization is made to the rôle having the nature of a post number or work station number in nature is authorized, and the user is related to the rôle to détermine (obtain) permissions. Therefore, the permissions of the user are controlled by only a simple user-role relation. Controlling the permissions is simple, easily opérable, clear, and explicit, thereby significantly improving the efficiency and reliability of authorization.
[0067] [Embodiment 2] In this embodiment, one or more grantees may be selected, and only one form to be authorized can be selected. There is one and only grantee selected, and when a form to be authorized is selected, an operator and operation time that field values of the form are authorized to the grantee recently are displayed.
[0068] As shown in FIG. 5, when one grantee is selected and a form to be authorized is selected, an operator and operation time that field-value operation permissions of the form are authorized recently are displayed. A current state of the grantee's operation permissions for field values in the form is also displayed, and the current State is modified and saved to obtain new field-value operation permissions.
[0069] As shown in FIG. 6, when multiple grantees are selected and a form to be authorized is selected, the operator and the operation time that field-value operation permissions ofthe form are authorized recently are displayed as empty, and the state of the selected grantee's operation permissions for the field values in the form cannot be displayed either.
[0070] Displaying the recent operator helps track the accountability when an error occurs in authorizing permissions of form-field values, and displaying the recent operation time helps to détermine intuitively whether the re-authorization of form-field value needs to be performed.
[0071] For example, Li Si completed the last operation of authorizing operation permissions of field values of a contract form to a grantee Zhang San at 11.00 on May 21, 2015. When Zhang San is selected as the grantee and a contract is selected as a form to be authorized, it is displayed for the current authorization operator that the last contract form authorization is performed by Li Si at 11:00 on May 21, 2015 for Zhang San.
[0072] If Zhang San should not hâve the permission to view the content of a confïdential field, but the last authorization to Zhang San makes him own the permission to view the content of the confïdential field, those responsible can be found by searching for the last authorization operator in a subséquent accountability tracking process.
[0073] For another example, an operator needs to perform authorization of field values of a contract form to 100 grantees; however, the operator only finished authorizing to 70 grantees on that day. When the operator continued to authorize on the next day, the operator may view the last authorization time of each grantee to détermine whether the grantee needs to be authorized. Alternatively, according to a time interval of authorization, ail grantees that are authorized in a specified time interval can be found. By viewing the last time that and a grantee was authorized, it can be known how long the grantee's permissions hâve remained unchanged, which helps détermine intuitively whether to re-authorize the grantee.
[0074] [Embodiment 3] In this embodiment, display modes of a field value that does not hâve the viewing permission include: (1) displaying a field corresponding to the field value, but hiding the field value by using a hiding symbol, where as shown in FIG. 8, fields phone number and contact are displayed but the content of the fields are hidden with the symbol *; (2) displaying neither the field value nor the field corresponding to the field value.
[0075] Field values with and without the modification permission also need to be differentiated during display. For example, a field value without the modification permission is displayed as gray shading, as shown in FIG. 8.
[0076] Specifically, one form includes basic fields and detail fields. The detail fields are column names on a detail list in the form. For example, in an order form, basic fields include order number, customer name, customer address, phone number, contact, industry of the client, and so on; detail fields include product model, product quantity, product unit price, and so on.
[0077] Preferably, when an operator authorizes operation permissions of form-field values, the basic fields and detail fields can be differentiated during display, so as to be distinguished by the operator during authorization. As shown in FIG. 5 to FIG. 7, the basic fields: order number, customer name, customer address, phone number, contact, and industry of the client, may be displayed in a normal font, and the detail fields: product model, product quantity, and product unit price are displayed in italics type.
[0078] [Embodiment 4] In this embodiment, the method for authorizing operation permissions of form-field values further includes a template authorization step that specifically includes: (1) selecting a grantee and a form to be authorized, where one or more rôles are selected as the grantee; (2) authorizing the grantee: selecting an existing rôle or a created template as an authorization template, and giving the operation permissions of form-field values in the authorization template to the grantee; and (3) obtaining the operation permissions of form-field values of the grantee after the operation permissions are saved with or without modification.
[0079] As shown in FIG. 7, in the template authorization method, a grantee, clerk 1 (Zhang San), is selected first, a form order form to be authorized is selected, a created template l is selected as an authorization template, the operation permissions of form-field values in the created template 1 are used as the field-value operation permissions of the clerk 1 (Zhang San), and the operation permissions of form-field values of the clerk 1 (Zhang San) are obtained after the operation permissions of form-field values in the created template 1 are saved with or without modification.
[0080] In this method, multiple authorized rôles can be selected at the same time to batch authorization, thus improving the authorization efficiency. In addition, this method supports template authorization, that is, selecting an existing rôle or a created template as an authorization template, and directly assigning (updating) the operation permissions of form-field values in the authorization template to the grantee (saved after simple modification). The authorization operation is simple and efficient. Two methods are combined, so that the authorization efficiency of operation permissions of form-field values in a system is greatly improved.
[0081] [Embodiment 5] In this embodiment, an operation permission is selected first, and then a field having the operation permission is set.
[0082] A method for authorizing operation permissions of form-field values includes a step of authorizing operation permissions of form-field values and a step of selecting a grantee, wherein there is no sequence relation between the step of authorizing operation permissions of form-field values and the step of selecting a grantee. The step of authorizing operation permissions of form-field values includes the following steps: SI: selecting a form to be authorized; S2: selecting an operation permission to be authorized; and S3 : setting a field in a form that has the selected operation permission, so that the set field has the selected operation permission (that is, having the corresponding operation permission for a field value of the field); the grantee is one or more rôles, the rôle is an independent individual rather than a group or class, one rôle can only be related to a unique user during the same period, and one user is related to one or more rôles.
[0083] The above is only a preferred embodiment of the présent invention, and it should be understood that the présent invention is not limited to the forms disclosed herein, and is not to be construed as being limited to the other embodiments, but may be used in various other combinations, modifications and environments. Modification can be made by the techniques or knowledge of the above teachings or related art within the scope of the teachings herein. Ail changes and modifications made by those skilled in the art without departing from the spirit and scope of the présent invention are intended to be within the 5 protection scope of the appended claims.

Claims (5)

  1. (1) selecting a grantee and an authorized form, selecting one or more rôles as the grantee;
    (1 ) displaying a field corresponding to the field value, but hiding the field value by using a hiding symbol; and (2 ) displaying neither the field value nor the field corresponding to the field value.
    1. A method for authorizing operation permissions of form-field values, comprising a step of authorizing operation permissions of form-field values and a step of selecting a grantee, wherein there is no sequence relation between the step of authorizing operation permissions of form-field values and the step of selecting a grantee;
    the step of authorizing operation permissions of form-field values comprises the following steps:
    SI: selecting a form to be authorized, and displaying fields in the form that need operation permission control; and
    S2: authorizing the operation permissions to each value of the fields respectively;
    said grantee is one or more rôles, the rôle is an independent individual rather than a group or class, one rôle can only be related to a unique user during the same period, and one user is related to one or more rôles.
  2. (2) authorizing the grantee: selecting an existing rôle or a created template as an authorization template, and giving the operation permissions of form-field values in the authorization template to the grantee; and (3) obtaining the operation permissions of form-field values of the grantee after the operation permissions are saved with or without modification.
    9. A method for authorizing operation permissions of form-field values, comprising a step of authorizing operation permissions of form-field values and a step of selecting a grantee, wherein there is no sequence relation between the step of authorizing operation permissions of form-field values and the step of selecting a grantee;
    the step of authorizing operation permissions of form-field values comprises the following steps:
    S1 : selecting a form to be authorized;
    S2: selecting an operation permission to be authorized; and
    S3: setting a field in a form that has the selected operation permission, so that the set field has the selected operation permission;
    2. The method for authorizing operation permissions of form-field values according to claim 1, wherein said operation permission comprises one of or both a viewing permission and a modification permission.
  3. 3. The method for authorizing operation permissions of form-field values according to claim 2, wherein display modes of a field value that does not hâve the viewing permission comprise:
  4. 4. The method for authorizing operation permissions of form-field values according to claim 1, wherein there is one and only grantee selected, and when a form to be authorized is selected, an operator who authorizes field values of the form to the grantee recently and an operation time are displayed.
    5. The method for authorizing operation permissions of form-field values according to claim 1, wherein said rôle belongs to a department, the rôle is unique under the department, the rôle is authorized according to the work content of the rôle, and a user obtains permissions through the related rôle.
    6. The method for authorizing operation permissions of form-field values according to claim 5, wherein the name of said rôle is unique under the department, and the number of the rôle is unique in a System.
    7. The method for authorizing operation permissions of form-field values according to claim 5 or 6, wherein while a user is transferred cross department, the user's relation to the rôle in the original department is canceled, and then the user is related to a rôle in a new department.
    8. The method for authorizing operation permissions of form-field values according to claim 1, wherein further comprising a template authorization step that specifically comprises:
  5. 5 said grantee is one or more rôles, said rôle is an independent individual rather than a group or class, one rôle can only be related to a unique user during the same period, and one user is related to one or more rôles.
OA1201900514 2017-07-05 2018-06-28 Method for authorizing operation permissions of form field values. OA19376A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710543859.0 2017-07-05

Publications (1)

Publication Number Publication Date
OA19376A true OA19376A (en) 2020-07-31

Family

ID=

Similar Documents

Publication Publication Date Title
US11507651B2 (en) Method for authorizing operation permissions of form-field values
CN109214150B (en) Form operation authority authorization method based on role
US11475142B2 (en) Method for authorizing operation permission of a statistical list
US20200184091A1 (en) Method for granting form operation authority respectively according to form field values
US11507679B2 (en) Authorization method for form related information
CN109032459B (en) Form data operation authority authorization method
US11750616B2 (en) Method for authorizing approval processes and approval nodes thereof for user
US11775687B2 (en) Method for authorizing field value of form field by means of third party field
CN109086418B (en) The method of separately authorizing the operation authority of the statistical list based on the column value
US20200219063A1 (en) Form authority granting method based on time property fields of form
OA19376A (en) Method for authorizing operation permissions of form field values.
OA19402A (en) Column value-based separate authorization method for statistical list operations.
OA19403A (en) Statistical list operation permission authorization method.
OA19305A (en) Permission granting method and system based on one-to-one correspondence between roles and users
EA044529B1 (en) METHOD OF GRANTING RIGHTS TO PERFORM OPERATIONS WITH FORM FIELD VALUE