云招标用户管理功能模块的设计和实现

发布时间：2018-04-19 09:09

本文选题：SaaS + 权限管理　；参考：《北京邮电大学》2016年硕士论文

【摘要】：随着互联网的快速发展,SaaS因其可维护性强的特点,越来越受到企业的重视。在把SaaS模式引入企业信息系统后,解决了传统ERP不足的同时,也引来了企业对数据安全和权限管理的担忧。本文基于SaaS的软件交付模式,设计实现了云招标系统(面向招标公司业务的SaaS平台)用户管理模块。主要内容包括结合对需求的分析与理解,设计与实现包括三个方面,分别为用户角色管理,权限管理与访问控制和租户数据隔离。通过打标签的方式建立用户和角色的映射关系。在企业角色层级中引入权限管理的同时,加入了对用户个人授权的机制。实现了在流程系统中控制粒度可以具体到请求的同时,也可以按照用户角色层级关系、管辖项目以及由多个请求组成的一个流程步骤等进行灵活控制,并提供了对访问权限进行只读和可写权限的控制机制。本文着重于让权限管理更好的支持工作流管理与控制,大幅度减轻工作流的逻辑负担,让工作流仅需负责维护各实体的流程状态。在企业用户中,有权限的用户范围比应该操作的用户范围广泛,通过对权限分层,确定通知操作的用户。通过给请求增加属性,从而对访问控制实现更加细致的控制,如实现在用户个人授权时适当扩展读权限或工作流中的误操作处理等。配合权限模块控制系统中操作元素的显示与隐藏,完成控制工作流的同时,保证系统安全。本文第一章介绍了系统模块的研究背景、国内外的研究现状和研究意义,第二章介绍了系统开发涉及的背景知识和相关技术,第三章对系统模块进行了需求整理和分析,第四章详细介绍了模块中关键技术的研究内容,第五章主要介绍了工程的技术实现细节,第六章描述了模块的实现效果和主要的测试用例。
[Abstract]:With the rapid development of Internet, SaaS is paid more and more attention by enterprises because of its strong maintainability.After introducing SaaS mode into enterprise information system, it solves the shortage of traditional ERP, and at the same time, it also causes the concern of data security and authority management.Based on the software delivery mode of SaaS, this paper designs and implements the user management module of cloud bidding system (SaaS platform for bidding company business).The design and implementation includes three aspects: user role management, privilege management and access control, and tenant data isolation.The mapping between the user and the role is established by tagging.At the same time, the authority management is introduced into the enterprise role level, and the mechanism of individual authorization to the user is added.It is realized that the control granularity can be specified to the request in the process system, but also can be controlled flexibly according to the user role hierarchy, the control project and a process step composed of multiple requests, etc.It also provides the control mechanism of read-only and writable access rights.This paper focuses on enabling privilege management to better support workflow management and control, greatly reducing the logical burden of workflow, and making workflow only responsible for maintaining the process state of each entity.Among enterprise users, the scope of authorized users is wider than that of users that should be operated, and the users of notifying operations are determined by stratifying the permissions.By adding the attribute to the request, we can control the access control more carefully, and extend the read permission or the misoperation processing in the workflow when the user is authorized according to the facts.Cooperating with the authority module to control the display and hiding of the operation elements in the system, the control workflow is completed and the security of the system is ensured at the same time.The first chapter of this paper introduces the research background of the system module, the domestic and foreign research status and research significance, the second chapter introduces the background knowledge and related technology involved in the system development, the third chapter carries on the demand arrangement and the analysis to the system module.The fourth chapter introduces the research contents of the key technologies in the module in detail, the fifth chapter mainly introduces the technical implementation details of the engineering, and the sixth chapter describes the implementation effect of the module and the main test cases.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2016
【分类号】：TP311.52;TP393.09

【参考文献】