阅读说明：本技术 一种页面权限控制方法及相关装置 (Page permission control method and related device ) 是由 杨博勋 范渊 黄进 于 2021-06-18 设计创作，主要内容包括：本申请公开了一种页面权限控制方法,应用于前端,包括：拦截页面访问路径；从后端获取页面权限列表；判断所述页面权限列表中是否存在所述页面访问路径；若存在,则跳转到所述页面访问路径对应的目标页面；若不存在,则禁止跳转到所述页面访问路径对应的所述目标页面。该方法由前端进行页面权限控制,顺应web开发的发展方向,能够减少后端开发工作量,有效提高开发效率,更便于进行技术革新。本申请还公开了一种页面权限控制装置、设备以及计算机可读存储介质,均具有上述技术效果。(The application discloses a page authority control method, which is applied to a front end and comprises the following steps: intercepting a page access path; acquiring a page permission list from a back end; judging whether the page access path exists in the page permission list or not; if so, jumping to a target page corresponding to the page access path; and if not, forbidding jumping to the target page corresponding to the page access path. According to the method, the front end controls the page authority, the development direction of web development is conformed, the workload of back-end development can be reduced, the development efficiency is effectively improved, and technical innovation is more convenient. The application also discloses a page authority control device, equipment and a computer readable storage medium, which have the technical effects.)

1. A page authority control method is applied to a front end and comprises the following steps:

intercepting a page access path;

acquiring a page permission list from a back end;

judging whether the page access path exists in the page permission list or not;

if so, jumping to a target page corresponding to the page access path;

and if not, forbidding jumping to the target page corresponding to the page access path.

2. The method for controlling page permissions according to claim 1, wherein the determining whether the page access path exists in the page permission list comprises:

judging whether the page access path contains a page path character string in the page permission list or not;

if not, the page access path does not exist in the page permission list;

if so, carrying out segmentation and format conversion on the page access path according to the separators to obtain a first array; dividing and format converting the page path character string contained in the page access path in the page permission list according to the divider to obtain a second array;

judging whether the second array is a subset of the first array;

if so, the page access path exists in the page permission list;

if not, the page access path does not exist in the page permission list.

3. The method for controlling page permissions according to claim 1, wherein said obtaining a page permission list from a backend comprises:

judging whether a token exists in the local storage;

if not, returning to the login page;

if yes, sending a network request carrying the token to the back end;

and receiving the page permission list returned by the back end when responding to the network request.

4. The page permission control method according to claim 1, further comprising:

and if the page access path does not exist in the page permission list, jumping to a specified page or sending a prompt.

5. The page permission control method according to claim 1, wherein the intercepting a page access path comprises:

and intercepting the page access path by adopting a beforeEach hook of vue-router.

6. The page permission control method according to claim 1, further comprising:

and after the user successfully logs in, storing the token returned by the back end into a local storage, and jumping to a specified page which the user has authority to access.

7. A page permission control apparatus, comprising:

the intercepting module is used for intercepting a page access path;

the acquisition module is used for acquiring a page permission list from the back end;

the judging module is used for judging whether the page access path exists in the page permission list or not;

the skipping module is used for skipping to a target page corresponding to the page access path if the page access path exists;

and the forbidding module is used for forbidding jumping to the target page corresponding to the page access path if the target page does not exist.

8. The page permission control device according to claim 7, wherein the judging module comprises:

the first judging unit is used for judging whether the page access path contains a page path character string in the page permission list or not;

the first determining unit is used for determining that the page access path does not exist in the page permission list if the page access path does not exist in the page permission list;

the dividing and converting unit is used for dividing and converting the page access path according to the separators to obtain a first array if the page access path contains the separators; dividing and format converting the page path character string contained in the page access path in the page permission list according to the divider to obtain a second array;

a second judging unit, configured to judge whether the second array is a subset of the first array;

a second determining unit, configured to determine that the page access path exists in the page permission list if the page access path exists; if not, determining that the page access path does not exist in the page permission list.

9. A page permission control apparatus, comprising:

a memory for storing a computer program;

processor for implementing the steps of the page permission control method according to any one of claims 1 to 6 when executing said computer program.

10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the page authorization control method according to any one of claims 1 to 6.

Technical Field

The application relates to the technical field of page management, in particular to a page authority control method; also relates to a page authority control device, equipment and a computer readable storage medium.

Background

For the same platform, when different users have different page rights, different user pages have different menu options displayed, and the user jumps to the corresponding page by clicking the menu on the page. Therefore, the authority control of the page is realized, but when the user directly inputs the page address without the authority in the address bar of the browser, the user can still access the page without the authority, and the problem that the user can perform higher-level operation without higher-level authority is caused. Therefore, page authority control is required.

Aiming at the page authority control, the front end and the back end of the prior art are not separated, the page is controlled by the back end, all control logics are in the back end, so that the development amount of the back end is greatly increased, the development direction of web development is different from that of the web development, the rapid development is not facilitated, the technical innovation difficulty is high, and the authority control logics of the back end need to be integrally migrated.

Therefore, how to solve the technical defects becomes a technical problem to be solved urgently by those skilled in the art.

Disclosure of Invention

The method for controlling the page authority is used for controlling the page authority by the front end, conforms to the development direction of web development, can reduce the workload of back-end development, effectively improves the development efficiency and is more convenient for technical innovation. Another object of the present application is to provide a page permission control apparatus, a device and a computer readable storage medium, all having the above technical effects.

In order to solve the above technical problem, the present application provides a page permission control method, applied to a front end, including:

intercepting a page access path;

acquiring a page permission list from a back end;

judging whether the page access path exists in the page permission list or not;

if so, jumping to a target page corresponding to the page access path;

and if not, forbidding jumping to the target page corresponding to the page access path.

Optionally, the determining whether the page access path exists in the page permission list includes:

judging whether the page access path contains a page path character string in the page permission list or not;

if not, the page access path does not exist in the page permission list;

if so, carrying out segmentation and format conversion on the page access path according to the separators to obtain a first array; dividing and format converting the page path character string contained in the page access path in the page permission list according to the divider to obtain a second array;

judging whether the second array is a subset of the first array;

if so, the page access path exists in the page permission list;

if not, the page access path does not exist in the page permission list.

Optionally, the obtaining the page permission list from the back end includes:

judging whether a token exists in the local storage;

if not, returning to the login page;

if yes, sending a network request carrying the token to the back end;

and receiving the page permission list returned by the back end when responding to the network request.

Optionally, the method further includes:

and if the page access path does not exist in the page permission list, jumping to a specified page or sending a prompt.

Optionally, the intercepting a page access path includes:

and intercepting the page access path by adopting a beforeEach hook of vue-router.

Optionally, the method further includes:

and after the user successfully logs in, storing the token returned by the back end into a local storage, and jumping to a specified page which the user has authority to access.

In order to solve the above technical problem, the present application further provides a page permission control apparatus, including:

the intercepting module is used for intercepting a page access path;

the acquisition module is used for acquiring a page permission list from the back end;

the judging module is used for judging whether the page access path exists in the page permission list or not;

the skipping module is used for skipping to a target page corresponding to the page access path if the page access path exists;

and the forbidding module is used for forbidding jumping to the target page corresponding to the page access path if the target page does not exist.

Optionally, the determining module includes:

the first judging unit is used for judging whether the page access path contains a page path character string in the page permission list or not;

the first determining unit is used for determining that the page access path does not exist in the page permission list if the page access path does not exist in the page permission list;

the dividing and converting unit is used for dividing and converting the page access path according to the separators to obtain a first array if the page access path contains the separators; dividing and format converting the page path character string contained in the page access path in the page permission list according to the divider to obtain a second array;

a second judging unit, configured to judge whether the second array is a subset of the first array;

a second determining unit, configured to determine that the page access path exists in the page permission list if the page access path exists; if not, determining that the page access path does not exist in the page permission list.

In order to solve the above technical problem, the present application further provides a page permission control device, including:

a memory for storing a computer program;

a processor for implementing the steps of the page permission control method as described in any one of the above when executing the computer program.

In order to solve the above technical problem, the present application further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the page permission control method according to any one of the above items.

The page authority control method provided by the application is applied to a front end and comprises the following steps: intercepting a page access path; acquiring a page permission list from a back end; judging whether the page access path exists in the page permission list or not; if so, jumping to a target page corresponding to the page access path; and if not, forbidding jumping to the target page corresponding to the page access path. Therefore, the page authority control method provided by the application carries out page authority control by the front end, realizes front-end and back-end separation, and is more clear in development task division. The back end only needs to be responsible for logic implementation of specific functions, and development efficiency can be effectively improved. The upgrading and the renovation of the back end and the front end are respectively carried out, thereby being more convenient for technical renovation.

The page permission control device, the equipment and the computer readable storage medium provided by the application have the technical effects.

Drawings

In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed in the prior art and the embodiments are briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.

Fig. 1 is a schematic flowchart of a page permission control method according to an embodiment of the present application;

fig. 2 is a schematic diagram of a page permission control apparatus according to an embodiment of the present application;

fig. 3 is a schematic diagram of a page permission control device according to an embodiment of the present application.

Detailed Description

The core of the application is to provide a page authority control method, the front end controls the page authority, the development direction of web development is conformed, the workload of back end development can be reduced, the development efficiency is effectively improved, and the technical innovation is more convenient. Another core of the present application is to provide a page right control apparatus, a device and a computer readable storage medium, all having the above technical effects.

In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Referring to fig. 1, fig. 1 is a schematic flow chart of a page permission control method according to an embodiment of the present application, and referring to fig. 1, the method includes:

s101: intercepting a page access path;

specifically, the page permission control method provided by the application is realized by a front end. When the user successfully logs in the login page and jumps to a certain page, the front end firstly intercepts a corresponding page access path, and after judging that the user has the access right of the page, the front end releases the route to intercept and enters a target page.

The method for intercepting the page access path may be as follows: and intercepting the page access path by adopting a beforeEach hook of vue-router.

Specifically, the embodiment realizes page authority control based on an vue framework, and adopts a before approach hook of vue-router to intercept a page access path. For the beforeEach hook of vue-router, details are not repeated in this application, and reference may be made to the existing related technology.

S102: acquiring a page permission list from a back end;

specifically, the page permission list includes access paths of all pages that the user has access permissions. When different users have different access rights, the corresponding page permission lists are different. The page authority list is stored by the back end, and the front end acquires the page authority list from the back end when performing page authority control.

The method for acquiring the page permission list from the back end can be as follows: judging whether a token exists in the local storage; if not, returning to the login page; if yes, sending a network request carrying the token to the back end; and receiving the page permission list returned by the back end when responding to the network request.

Specifically, the front end determines whether a token exists in the locally stored sessionStroage. If the token does not exist in the locally stored sessionStroage, returning to the login page, and if the token exists in the locally stored sessionStroage, further sending a network request carrying the token to the back end to request to acquire the page permission list from the back end. After the back end receives the network request sent by the front end, if the back end responds to the network request, the page permission list is sent to the front end, and at the moment, the request return code is 200, which represents that the request is normal. If the back end does not respond to the network request, the page permission list is not sent to the front end, and at the moment, the request return code is 401, which represents that the request is abnormal. When the request return code is 401, the front end further returns to the landing page.

S103: judging whether the page access path exists in the page permission list or not;

s104: if so, jumping to a target page corresponding to the page access path;

s105: and if not, forbidding jumping to the target page corresponding to the page access path.

Specifically, on the basis of acquiring the page permission list, whether the intercepted page access path exists in the page permission list is judged. And if so, releasing the route to enter the page corresponding to the page access path. And if the page access path does not exist, the page corresponding to the page access path is forbidden to enter.

The method for judging whether the page access path exists in the page permission list may be as follows: judging whether the page access path contains a page path character string in the page permission list or not; if not, the page access path does not exist in the page permission list; if so, carrying out segmentation and format conversion on the page access path according to the separators to obtain a first array; dividing and format converting the page path character string contained in the page access path in the page permission list according to the divider to obtain a second array; judging whether the second array is a subset of the first array; if so, the page access path exists in the page permission list; if not, the page access path does not exist in the page permission list.

Specifically, the page permission list is traversed, and whether the intercepted page access path contains a certain page access path character string in the page permission list is judged. If not, the intercepted page access path does not exist in the page permission list, which indicates that no access permission exists. If so, the intercepted page access path is divided according to the separators in the page access path, and the page access path is converted into an array format to obtain a first array. In addition, the page access path character string is screened out from the page permission list, the screened page access path character string is segmented according to separators in the page access path character string, and the page access path character string is converted into an array format to obtain a second array. Further judging whether a second array is a subset of the first array, if so, the page access path exists in the page permission list; and if the second array is not the first array, the page access path does not exist in the page permission list.

For example, the page access path in the page permission list includes: '/my/pages/article', '/my/pages/home/index' and'/my/pages/details'. Wherein '/my/pages/article' is a page access path character string included in the intercepted page access path, and the page access path character string is divided according to the separator "/" at this time and converted into an array [ 'my', 'pages', 'article' ]. If the array [ 'my', 'pages', 'attribute' ] is a subset of the first array obtained by dividing the intercepted page access path, it indicates that the page access path exists in the page permission list and the user has the access permission, and conversely, the page access path does not exist in the page permission list and the user has no access permission.

In addition, when the page access path does not exist in the page permission list, the user can jump to a specified page or send a prompt to the user.

Further, on the basis of the above embodiment, the method further includes: and after the user successfully logs in, storing the token returned by the back end into a local storage, and jumping to a specified page which the user has authority to access. After the user logs in the login page and the login is successful, the back end returns the token, and after the token returned by the back end is received, the token is stored in the local storage and jumps to the specified page which the user has the right to access.

The technical solution is illustrated by a specific example below:

and the user performs login operation on the login page, and after the login is successful, the back end returns the token to the front end. The front end stores the token returned by the back end into the storage, intercepts a page access path before jumping to a certain page, and judges whether the token exists in the local storage. And if the token exists in the local storage, sending a network request carrying the token to the back end so as to obtain the page permission list from the back end. If token does not exist in the local store, return to the login page. And after the front end acquires the page permission list from the back end, matching the intercepted page access path with the acquired page permission list, and judging whether the intercepted page access path exists in the page permission list or not. And if the intercepted page access path exists in the page permission list, releasing the route for interception and entering the corresponding page. And if the intercepted page access path does not exist in the page permission list, jumping to a specified page or prompting the user that the user has no access permission.

In summary, the page permission control method provided by the present application is applied to a front end, and includes: intercepting a page access path; acquiring a page permission list from a back end; judging whether the page access path exists in the page permission list or not; if so, jumping to a target page corresponding to the page access path; and if not, forbidding jumping to the target page corresponding to the page access path. Therefore, the page authority control method provided by the application carries out page authority control by the front end, realizes front-end and back-end separation, and is more clear in development task division. The back end only needs to be responsible for logic implementation of specific functions, and development efficiency can be effectively improved. The upgrading and the renovation of the back end and the front end are respectively carried out, thereby being more convenient for technical renovation.

The application also provides a page authority control device, and the device described below can be referred to with the method described above correspondingly. Referring to fig. 2, fig. 2 is a schematic diagram of a page permission control device according to an embodiment of the present application, and referring to fig. 2, the device includes:

the intercepting module 10 is used for intercepting a page access path;

an obtaining module 20, configured to obtain a page permission list from a back end;

a judging module 30, configured to judge whether the page access path exists in the page permission list;

a skip module 40, configured to skip to a target page corresponding to the page access path if the target page exists;

and the prohibiting module 50 is configured to prohibit jumping to the target page corresponding to the page access path if the target page does not exist.

On the basis of the foregoing embodiment, optionally, the determining module 30 includes:

the first judging unit is used for judging whether the page access path contains a page path character string in the page permission list or not;

the first determining unit is used for determining that the page access path does not exist in the page permission list if the page access path does not exist in the page permission list;

the dividing and converting unit is used for dividing and converting the page access path according to the separators to obtain a first array if the page access path contains the separators; dividing and format converting the page path character string contained in the page access path in the page permission list according to the divider to obtain a second array;

a second judging unit, configured to judge whether the second array is a subset of the first array;

a second determining unit, configured to determine that the page access path exists in the page permission list if the page access path exists; if not, determining that the page access path does not exist in the page permission list.

On the basis of the foregoing embodiment, optionally, the obtaining module 20 includes:

the judging unit is used for judging whether a token exists in the local storage;

a returning unit, configured to return to the login page if the login page does not exist;

a sending unit, configured to send, to the backend, a network request carrying the token if the token exists;

and the receiving unit is used for receiving the page permission list returned by the back end when responding to the network request.

On the basis of the above embodiment, optionally, the method further includes:

and the skipping and prompting module is used for skipping to a specified page or sending out a prompt if the page access path does not exist in the page permission list.

On the basis of the foregoing embodiment, optionally, the intercepting module 10 is specifically configured to intercept the page access path by using a beforeEach hook of vue-router.

On the basis of the above embodiment, optionally, the method further includes:

and the storage module is used for storing the token returned by the rear end into a local storage after the user successfully logs in, and jumping to a specified page which the user has authority to access.

The present application also provides a page permission control device, which is shown with reference to fig. 3 and includes a memory 1 and a processor 2.

A memory 1 for storing a computer program;

a processor 2 for executing a computer program to implement the steps of:

intercepting a page access path; acquiring a page permission list from a back end; judging whether the page access path exists in the page permission list or not; if so, jumping to a target page corresponding to the page access path; and if not, forbidding jumping to the target page corresponding to the page access path.

For the introduction of the device provided in the present application, please refer to the above method embodiment, which is not described herein again.

The present application further provides a computer readable storage medium having a computer program stored thereon, which when executed by a processor, performs the steps of:

intercepting a page access path; acquiring a page permission list from a back end; judging whether the page access path exists in the page permission list or not; if so, jumping to a target page corresponding to the page access path; and if not, forbidding jumping to the target page corresponding to the page access path.

The computer-readable storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.

For the introduction of the computer-readable storage medium provided in the present application, please refer to the above method embodiments, which are not described herein again.

The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device, the apparatus and the computer-readable storage medium disclosed by the embodiments correspond to the method disclosed by the embodiments, so that the description is simple, and the relevant points can be referred to the description of the method.

Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

The page permission control method, device, equipment and computer readable storage medium provided by the present application are described in detail above. The principles and embodiments of the present application are explained herein using specific examples, which are provided only to help understand the method and the core idea of the present application. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.