1. A method for controlling network software permission, the method comprising:

creating an authority list of the network software, and setting corresponding operation buttons in the authority list;

creating a plurality of administrator user roles, and distributing the authority in the authority list to different administrator user roles;

creating a plurality of accounts, and binding an administrator user role for each account in the plurality of accounts to obtain a plurality of administrator accounts bound with the administrator user role;

and creating a corresponding user system according to the organization architecture of the organization managed by each administrator account and distributing corresponding authority to the users in the user system.

2. The method of claim 1, wherein creating the list of permissions for the network software comprises:

adding the background function of the network software into a background permission list;

and adding the foreground function of the network software into a foreground authority list.

3. The method of claim 1, wherein creating a plurality of administrator user roles and assigning permissions in the permission list to different administrator user roles comprises:

creating a plurality of different levels of administrator user roles;

and distributing a plurality of authorities corresponding to the levels of the administrator user roles in the authority list to different administrator user roles according to the different levels of the administrator user roles.

4. The method according to claim 1, wherein creating, by each administrator account, a corresponding user hierarchy according to an organization architecture of an organization managed by each administrator account, and assigning corresponding permissions to users in the user hierarchy, comprises:

acquiring an organization architecture corresponding to each administrator account;

creating a plurality of user accounts according to the organization architecture;

and allocating corresponding authority to each user account in the plurality of user accounts.

5. The method of claim 4, wherein assigning a corresponding permission to each of the plurality of user accounts comprises:

creating a plurality of user groups according to the organization architecture;

selecting a user account and adding the user account into a corresponding user group;

and allocating the foreground function of the network software to a corresponding user group.

6. The method of claim 4, wherein each of the plurality of user accounts is assigned a corresponding privilege, the method further comprising:

acquiring a plurality of account roles corresponding to each administrator account;

distributing the background authority owned by each administrator to the corresponding account role;

and respectively allocating the account roles to the user accounts.

7. A network software right control apparatus, characterized in that the apparatus comprises:

the list creating module is used for creating an authority list of the network software and setting a corresponding operation button in the authority list;

the first authority distribution module is used for creating a plurality of administrator user roles and distributing the authorities in the authority list to different administrator user roles;

the role binding module is used for creating a plurality of accounts, binding an administrator user role for each account in the plurality of accounts and obtaining a plurality of administrator accounts bound with the administrator user role;

and the second permission allocation module is used for creating a corresponding user system according to the organization architecture of the organization managed by each administrator account and allocating corresponding permissions to the users in the user system.

8. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.

9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method according to any of claims 1 to 6 are implemented when the computer program is executed by the processor.

Background

In recent years, there are many platforms that provide Software services over a network, which may also be called saas (Software-as-a-Service), meaning Software as a Service. The suppliers of the saas platform uniformly deploy the application software on their own servers, and the customers can obtain the required application software service through the internet according to the actual requirements. The existing saas product usually has a corresponding management background (generally a PC end web edition) and a mobile display foreground (generally an APP and an applet), and the management background and the mobile display foreground have two sets of user systems and one set of account respectively due to different functions and positioning, and respective authority control is separated.

In the existing saas product, a foreground and a background are divided into two sets of user systems, and part of function authorities are not subdivided to an operation button level, so that operation is inconvenient, and the requirements of all service scenes cannot be met.

Disclosure of Invention

The embodiment of the application provides a method, a device, equipment and a storage medium for controlling network software permission, and aims to realize flexible configuration of the permission of a user under the same user system.

A first aspect of an embodiment of the present application provides a method for controlling network software permissions, where the method includes:

creating an authority list of the network software, and setting corresponding operation buttons in the authority list;

creating a plurality of administrator user roles, and distributing the authority in the authority list to different administrator user roles;

creating a plurality of accounts, and binding an administrator user role for each account in the plurality of accounts to obtain a plurality of administrator accounts bound with the administrator user role;

and creating a corresponding user system according to the organization architecture of the organization managed by each administrator account and distributing corresponding authority to the users in the user system.

Optionally, creating a permission list of the network software includes:

adding the background function of the network software into a background permission list;

and adding the foreground function of the network software into a foreground authority list.

Optionally, creating a plurality of administrator user roles, and assigning the permissions in the permission list to different administrator user roles, including:

creating a plurality of different levels of administrator user roles;

and distributing a plurality of authorities corresponding to the levels of the administrator user roles in the authority list to different administrator user roles according to the different levels of the administrator user roles.

Optionally, creating, by each administrator account, a corresponding user system according to an organization architecture of an organization managed by each administrator account, and allocating corresponding permissions to users in the user system, where the creating includes:

acquiring an organization architecture corresponding to each administrator account;

creating a plurality of user accounts according to the organization architecture;

and allocating corresponding authority to each user account in the plurality of user accounts.

Optionally, allocating a corresponding right to each user account in the plurality of user accounts includes:

creating a plurality of user groups according to the organization architecture;

selecting a user account and adding the user account into a corresponding user group;

and allocating the foreground function of the network software to a corresponding user group.

Optionally, a corresponding right is allocated to each user account in the plurality of user accounts, and the method further includes:

acquiring a plurality of account roles corresponding to each administrator account;

distributing the background authority owned by each administrator to the corresponding account role;

and respectively allocating the account roles to the user accounts.

A second aspect of the embodiments of the present application provides a network software permission control apparatus, where the apparatus includes:

the list creating module is used for creating an authority list of the network software and setting a corresponding operation button in the authority list;

the first authority distribution module is used for creating a plurality of administrator user roles and distributing the authorities in the authority list to different administrator user roles;

the role binding module is used for creating a plurality of accounts, binding an administrator user role for each account in the plurality of accounts and obtaining a plurality of administrator accounts bound with the administrator user role;

and the second permission allocation module is used for creating a corresponding user system according to the organization architecture of the organization managed by each administrator account and allocating corresponding permissions to the users in the user system.

Optionally, the list creation module includes:

the background function submodule is used for adding the background function of the network software into a background permission list;

and the foreground function sub-module is used for adding the foreground function of the network software into a foreground permission list.

Optionally, the first right assignment module includes:

the first role creating submodule is used for creating a plurality of administrator user roles with different levels;

and the first authority distribution submodule is used for distributing a plurality of authorities corresponding to the levels of the administrator user roles in the authority list to different administrator user roles according to the different levels of the administrator user roles.

Optionally, the second right assignment module includes:

the organization architecture acquisition sub-module is used for acquiring the organization architecture corresponding to each administrator account;

the user account creating submodule is used for creating a plurality of user accounts according to the organization architecture;

and the second permission allocation submodule is used for allocating corresponding permission to each user account in the plurality of user accounts.

Optionally, the second permission assignment sub-module includes:

the user group creating submodule is used for creating a plurality of user groups according to the organization architecture;

the account selecting submodule is used for selecting a user account and adding the user account into a corresponding user group;

and the foreground function distribution submodule is used for distributing the foreground functions of the network software to the corresponding user groups.

Optionally, the second permission assignment sub-module further includes:

the account role obtaining submodule is used for obtaining a plurality of account roles corresponding to each administrator account;

the background authority distribution submodule is used for distributing the background authority owned by each administrator to the corresponding account role;

and the account role allocation submodule is used for allocating the account roles to the user accounts respectively.

A third aspect of embodiments of the present application provides a readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps in the method according to the first aspect of the present application.

A fourth aspect of the embodiments of the present application provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor executes the computer program to implement the steps of the method according to the first aspect of the present application.

The method for controlling the network software permission is adopted to create a permission list of the network software, wherein each permission in the permission list corresponds to an operation button; creating a plurality of administrator user roles, and distributing the authority in the authority list to different administrator user roles; creating a plurality of accounts, and binding an administrator user role for each account in the plurality of accounts to obtain a plurality of administrator accounts bound with the administrator user role; and creating a corresponding user system according to the organization architecture of the organization managed by each administrator account and distributing corresponding authority to the users in the user system. In the method, a corresponding button is set for each authority, so that the operation and configuration of a user are facilitated, the administrator user role creates a corresponding user system according to the organization architecture managed by the administrator user role, and the authorities of the user can be flexibly configured under the same user system.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments of the present application will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive exercise.

Fig. 1 is a flowchart of a network software permission control method according to an embodiment of the present application;

fig. 2 is a schematic diagram of a network software permission control device according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Referring to fig. 1, fig. 1 is a flowchart of a network software permission control method according to an embodiment of the present application. As shown in fig. 1, the method comprises the steps of:

s11: and creating an authority list of the network software, and setting corresponding operation buttons in the authority list.

In this embodiment, network software (saas) is generally provided by a provider on a platform, a user can obtain network software services as required, and such saas products generally include two sets of systems, namely a foreground system and a background system, each set of system requires a corresponding control authority to perform control operation, an authority list is a list integrating all authorities together, corresponding authorization operation can be performed on each authority in the authority list, and a corresponding operation button is set in the authority list and is mainly used for granting various authorities in the authority list. The specific steps for creating the authority list of the network software are as follows:

s11-1: and adding the background function of the network software into a background permission list.

S11-2: and adding the foreground function of the network software into a foreground authority list.

In this embodiment, the background function of the network software is a function that the administrator uses in the background, and the foreground function is a function that the front-end user can operate and use on the mobile terminal. The permission list comprises background permissions (web permissions) and foreground permissions, the web permissions are background management permissions which are generally permissions needed by background managers, the foreground permissions are permissions which are generally of mobile terminals and are permissions needed by foreground workers or users, the web terminals and the foreground sections generally have a plurality of interfaces, and functions in the interfaces need to be added into the permission list, so that the permission management of each function is realized.

In this embodiment, the operation button is used for clicking and triggering to realize authorization of permissions of addition, deletion, modification and the like, in the web permission list, addition, deletion and modification buttons are set for each management item and used for authorizing permissions of addition, deletion, modification and the like of the item, the addition button is clicked, the addition permission of the corresponding item can be granted to the role, the deletion button is clicked, the deletion permission of the corresponding item can be granted to the role, and the modification permission of the corresponding item can be granted to the role by clicking the modification button. In the foreground permission list, the differentiated functions of each interface are added, arbitrary permission setting can be carried out on the differentiated functions, the general permission of the foreground does not need to be added into the foreground permission list, the general permission is the default permission of all user accounts, and authorization is not needed.

For example, in a merchant management software system, the background authority may be a role management authority, a user management authority, a department management authority, and the like. The foreground authority can be information viewing authority, information input authority, information modification authority, account creating authority and the like.

S12: creating a plurality of administrator user roles and assigning permissions in the permission list to different administrator user roles.

In this embodiment, a plurality of administrator user roles may be created in the setting page of the network software, and meanwhile, authority assignment may be performed on each administrator user role, and an operation bar may be set for performing web authority assignment and foreground authority assignment on each role, and also modifying and deleting roles, and the like.

In this embodiment, the specific steps of creating a plurality of administrator user roles and assigning the permissions in the permission list to different administrator roles are as follows:

s12-1: a plurality of different levels of administrator user roles are created.

S12-2: and distributing a plurality of authorities corresponding to the levels of the administrator user roles in the authority list to different administrator user roles according to the different levels of the administrator user roles.

In this embodiment, the administrator user roles are roles of managing the network software system, and there are also level classifications among the administrator user roles, the administrator user role with the highest level has the most web permissions, and the administrator user role with the lowest level has the least web permissions.

Illustratively, the user roles of the administrators can be set to be in the levels of super administrators (having all web authorities and all foreground special authorities), gold administrators (having 5 web authorities and 2 foreground special authorities), diamond administrators (having 7 web authorities and 4 foreground special authorities), and honored administrators (having 10 web authorities and 5 foreground special authorities). And meanwhile, the role of the administrator user at each level has foreground general authority.

In this embodiment, by creating a plurality of administrator user roles of different levels, software can be further divided into different versions according to different control permissions, for example: super version (user own super administrator role, having all web permissions and all foreground special permissions). Gold version (the user has the role of gold manager and has 5 web authorities and 2 foreground special authorities). Diamond version (user with diamond manager role, having 7 web rights and 4 foreground special rights). Honored version (user own honored manager role, having 10 web permissions and 5 foreground special permissions). By dividing the network software into different versions according to different control authorities, the requirements of different users can be met, and the network software with different versions is provided for the users according to different requirements of the users.

S13: creating a plurality of accounts, and binding an administrator user role for each account in the plurality of accounts to obtain a plurality of administrator accounts bound with the administrator user role.

In this embodiment, a new account may be created in the network software, where the account is used for a user to log in the network software, an administrator user role is bound to each account, the account bound with the administrator user role is an administrator account, and after the user logs in the administrator account on the network software, the user may exercise the authority of the corresponding administrator user role through the administrator account.

For example, if the role of the super administrator is bound to an account, the user logs in the account, and can exercise the authority of the role of the super administrator through the account.

S14: and creating a corresponding user system according to the organization architecture of the organization managed by each administrator account and distributing corresponding authority to the users in the user system.

In this embodiment, after a user logs in an administrator account, a corresponding user system may be created according to an organization architecture of an organization managed by the user, and a corresponding right is assigned to each user in the user system, which includes the specific steps of:

s14-1: and acquiring an organization architecture corresponding to each administrator account.

In this embodiment, after logging in an administrator account, a user may enter a background of network software, and import or add an organization structure, where the rest of the organization structure except the administrator user is a default role, the default role has no roles of web permission and foreground permission, and the default role user has no permission to log in the background and cannot see foreground special applications. The organization architecture also includes various departments in the organization, and various positions required by each department. Different users can import different organization architectures through different administrator accounts.

For example, in a merchant management system, a merchant administrator logs in an administrator role account, enters a background of the system, and imports or creates a merchant organization structure, which specifically includes a sales department, an after-sales maintenance department, a security department, and a financial department, and may further subdivide downwards, for example, sales 1, sales 2, and the like, which is determined according to practical situations and is not limited herein.

S14-2: and creating a plurality of user accounts according to the organization architecture.

In this embodiment, after the organization architecture is imported, how many user accounts are needed can be determined, and a corresponding number of accounts are created according to the organization architecture.

For example, as soon as the sales department has 6 employees, 6 user accounts are created, and as soon as the after-sales maintenance department has 3 employees, 3 user accounts are created, and as many employees as there are, how many user accounts are created.

S14-3: and allocating corresponding authority to each user account in the plurality of user accounts.

In this embodiment, after the user accounts are created, corresponding permissions need to be allocated to each user account, and the specific steps include:

s14-3-1: and creating a plurality of user groups according to the organization architecture.

In this embodiment, the user group is a set formed by a plurality of users, and one organization has a plurality of user groups, and one user group includes a plurality of users. The user groups may be divided by department function.

Illustratively, it may be an after-market repair group, sales group, security group, finance group, or the like.

S14-3-2: and selecting a user account and adding the user account into a corresponding user group.

In this embodiment, the created user account needs to be selected, and the user account is added to the corresponding user group.

In this embodiment, a user group management interface may be added to a setting page of the network software, all user groups created by an administrator are listed in the user group management interface, a binding person may be selected after each user group, a user to be bound may be selected in the user list after clicking the binding person, and then the user account of the user is bound to the user group.

Illustratively, user 1 and user 2 are after-market repair crews, and then the accounts of user 1 and user 2 are added to the after-market repair group.

S14-3-3: and allocating the foreground function of the network software to a corresponding user group.

In this embodiment, after the user group is created through the administrator account and the user is bound, the administrator may allocate the foreground special permission owned by the administrator account to the corresponding user group, and the foreground general permission is acquiescent and does not need to be authorized again.

Illustratively, the account of the merchant administrator has a foreground special authority for checking the repair statistics and the inspection statistics, and then the authority is granted to the after-sales maintenance group, and the workers of the after-sales maintenance group all have the authority for checking the repair statistics and the inspection statistics, and the workers of the after-sales maintenance group can log in the account of the after-sales maintenance group on the terminal to check the repair statistics and the inspection statistics.

S14-3-4: and acquiring a plurality of account roles corresponding to each administrator account.

In this embodiment, a user may create a plurality of account roles through an administrator account, and the role names of the account roles are set according to an organization architecture, and may be the responsibility of a certain department or the positions of employees. Each administrator account can create a plurality of account roles according to different organizational structures, and the administrator accounts can manage the account roles created by the administrator accounts, and perform authorization and modification operations.

Illustratively, the created account role may be a sales employee, a serviceman, a department manager, or the like.

S14-3-5: and distributing the background authority owned by each administrator to the corresponding account role.

In this embodiment, after creating a plurality of account roles, an administrator user may assign a web permission owned by the administrator user to the plurality of account roles, and for different account roles, assign corresponding permissions according to role names of the roles.

Illustratively, the administrator account role has 10 web permissions, 3 of which are assigned to the "employee" account role, and 5 sales-related permissions are assigned to the "sales force director" role.

S14-3-6: and respectively allocating the account roles to the user accounts.

In this embodiment, after the plurality of role accounts are created, the plurality of account roles may be allocated to the plurality of user accounts, and the user logs in the user account and can exercise the corresponding authority through the account. For example, the "sales force manager" account role is assigned to the user account 1, and the "sales employee" account role is assigned to the user account 2.

Based on the same inventive concept, an embodiment of the present application provides a network software permission control device. Referring to fig. 2, fig. 2 is a schematic diagram of a network software permission control device 200 according to an embodiment of the present application. As shown in fig. 2, the apparatus includes:

a list creating module 201, configured to create a permission list of the network software, and set a corresponding operation button in the permission list;

a first permission allocation module 202, configured to create multiple administrator user roles, and allocate permissions in the permission list to different administrator user roles;

the role binding module 203 is configured to create a plurality of accounts, bind an administrator user role to each account in the plurality of accounts, and obtain a plurality of administrator accounts to which the administrator user role is bound;

the second authority allocation module 204 is configured to create a corresponding user system according to an organization architecture of each managed organization through each administrator account, and allocate a corresponding authority to a user in the user system.

Optionally, the list creation module includes:

the background function submodule is used for adding the background function of the network software into a background permission list;

and the foreground function sub-module is used for adding the foreground function of the network software into a foreground permission list.

Optionally, the first right assignment module includes:

the first role creating submodule is used for creating a plurality of administrator user roles with different levels;

and the first authority distribution submodule is used for distributing a plurality of authorities corresponding to the levels of the administrator user roles in the authority list to different administrator user roles according to the different levels of the administrator user roles.

Optionally, the second right assignment module includes:

the organization architecture acquisition sub-module is used for acquiring the organization architecture corresponding to each administrator account;

the user account creating submodule is used for creating a plurality of user accounts according to the organization architecture;

and the second permission allocation submodule is used for allocating corresponding permission to each user account in the plurality of user accounts.

Optionally, the second permission assignment sub-module includes:

the user group creating submodule is used for creating a plurality of user groups according to the organization architecture;

the account selecting submodule is used for selecting a user account and adding the user account into a corresponding user group;

and the foreground function distribution submodule is used for distributing the foreground functions of the network software to the corresponding user groups.

Optionally, the second permission assignment sub-module further includes:

the account role obtaining submodule is used for obtaining a plurality of account roles corresponding to each administrator account;

the background authority distribution submodule is used for distributing the background authority owned by each administrator to the corresponding account role;

and the account role allocation submodule is used for allocating the account roles to the user accounts respectively.

Based on the same inventive concept, another embodiment of the present application provides a readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps in the network software permission control method according to any of the above embodiments of the present application.

Based on the same inventive concept, another embodiment of the present application provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and running on the processor, and when the processor executes the computer program, the electronic device implements the steps in the network software permission control method according to any of the above embodiments of the present application.

For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.

The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.

As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus, or computer program product. Accordingly, embodiments of the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing terminal to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing terminal to cause a series of operational steps to be performed on the computer or other programmable terminal to produce a computer implemented process such that the instructions which execute on the computer or other programmable terminal provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

While preferred embodiments of the present application have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including the preferred embodiment and all such alterations and modifications as fall within the true scope of the embodiments of the application.

Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or terminal that comprises the element.

The method, the device, the equipment and the storage medium for controlling the network software permission provided by the application are introduced in detail, a specific example is applied in the text to explain the principle and the implementation of the application, and the description of the above embodiment is only used for helping to understand the method and the core idea of the application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.