+

CN106452907A - Configuration management system - Google Patents

Configuration management system Download PDF

Info

Publication number
CN106452907A
CN106452907A CN201610972758.0A CN201610972758A CN106452907A CN 106452907 A CN106452907 A CN 106452907A CN 201610972758 A CN201610972758 A CN 201610972758A CN 106452907 A CN106452907 A CN 106452907A
Authority
CN
China
Prior art keywords
server
configuration management
warehouse
user
authority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610972758.0A
Other languages
Chinese (zh)
Other versions
CN106452907B (en
Inventor
陈献庆
黄文书
汤洋
李英明
李萌
王鹏
杨健
叶留义
纪元
张玉龙
张荣良
顾峰
裘愉涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xuji Group Co Ltd
State Grid Zhejiang Electric Power Co Ltd
XJ Electric Co Ltd
Xuchang XJ Software Technology Co Ltd
Jiaxing Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
State Grid Corp of China SGCC
Original Assignee
Xuji Group Co Ltd
State Grid Zhejiang Electric Power Co Ltd
XJ Electric Co Ltd
Xuchang XJ Software Technology Co Ltd
Jiaxing Power Supply Co of State Grid Zhejiang Electric Power Co Ltd
State Grid Corp of China SGCC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xuji Group Co Ltd, State Grid Zhejiang Electric Power Co Ltd, XJ Electric Co Ltd, Xuchang XJ Software Technology Co Ltd, Jiaxing Power Supply Co of State Grid Zhejiang Electric Power Co Ltd, State Grid Corp of China SGCC filed Critical Xuji Group Co Ltd
Priority to CN201610972758.0A priority Critical patent/CN106452907B/en
Publication of CN106452907A publication Critical patent/CN106452907A/en
Application granted granted Critical
Publication of CN106452907B publication Critical patent/CN106452907B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/085Retrieval of network configuration; Tracking network configuration history
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0876Aspects of the degree of configuration automation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Automation & Control Theory (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

本发明涉及一种配置管理系统,包括web服务器、注册登记服务器、数据库服务器和配置管理服务器;所述web服务器用于提供操作界面,注册登记服务器接收注册信息,数据库服务器用于存储配置管理系统中的数据库,配置管理服务器包括代理程序,用于对系统进行配置管理;所述代理程序还用于对web服务器进行用户权限配置和用户权限查询。本发明提供的一种配置管理系统,在配置管理服务器上设置了具有配置用户权限和用户权限查询的代理程序,用户能够从web服务器通过代理程序查询自身的权限,从而解决了用户不能对其自身权限进行查询的问题。

The present invention relates to a configuration management system, including a web server, a registration server, a database server and a configuration management server; the web server is used to provide an operation interface, the registration server receives registration information, and the database server is used to store information in the configuration management system The configuration management server includes an agent program for performing configuration management on the system; the agent program is also used for performing user authority configuration and user authority query on the web server. In the configuration management system provided by the present invention, an agent program with configuration user authority and user authority query is set on the configuration management server, and the user can query his own authority through the agent program from the web server, thus solving the problem that the user cannot Permissions to query the problem.

Description

一种配置管理系统A configuration management system

技术领域technical field

本发明涉及计算机信息技术应用领域,具体涉及一种配置管理系统。The invention relates to the application field of computer information technology, in particular to a configuration management system.

背景技术Background technique

当前,大中型公司的各研发单位,都有自己独立的配置管理服务器,包括CVS、SVN等配置管理服务器,他们分散管理,各自为政,且配置管理水平不一,存在权限控制不严格、版本管理混乱、无备份等现象;配置管理操作繁琐,或者通过原始的命令行进行配置管理,或者修改其配置文件达到管理目的,没有可视化的图像界面进行操作,效率低下,而且要求管理员素质很高。这种现状为公司规范、安全、集约化管理,制造了不利条件。在自动构建方面各公司的水平也不统一,需要一个统一平台能够全面提升自动构建水平,提高软件生产水平。At present, each R&D unit of a large and medium-sized company has its own independent configuration management server, including CVS, SVN and other configuration management servers. They are managed in a decentralized manner, and their configuration management levels are different, and there are loose authority control and chaotic version management. , No backup, etc.; the configuration management operation is cumbersome, or the configuration management is performed through the original command line, or the configuration file is modified to achieve the purpose of management. There is no visual graphical interface for operation, which is inefficient and requires high quality administrators. This status quo has created unfavorable conditions for the company's standardized, safe, and intensive management. In terms of automatic construction, the level of each company is not uniform, and a unified platform is needed to comprehensively improve the level of automatic construction and software production.

目前的配置管理系统,如SVN服务器和CVS服务器,没有设置用户的权限查询功能,因此用户不能对其自身的权限进行查询,不能满足用户的实际需求。The current configuration management system, such as SVN server and CVS server, does not have the function of querying the user's authority, so the user cannot query his own authority, which cannot meet the actual needs of the user.

发明内容Contents of the invention

本发明提供一种配置管理系统,用于解决上述用户不能对其自身权限进行查询的问题。The present invention provides a configuration management system for solving the above-mentioned problem that users cannot query their own rights.

一种配置管理系统,包括web服务器、注册登记服务器、数据库服务器和配置管理服务器;所述web服务器用于提供操作界面,注册登记服务器接收注册信息,数据库服务器用于存储配置管理系统中的数据库,配置管理服务器包括代理程序,用于对系统进行配置管理;所述代理程序还用于对web服务器进行用户权限配置和用户权限查询。A configuration management system, comprising a web server, a registration server, a database server and a configuration management server; the web server is used to provide an operation interface, the registration server receives registration information, and the database server is used to store a database in the configuration management system, The configuration management server includes an agent program for configuration management of the system; the agent program is also used for user authority configuration and user authority query to the web server.

本发明提供的一种配置管理系统,在配置管理服务器上设置了具有配置用户权限和用户权限查询的代理程序,用户能够从web服务器通过代理程序查询自身的权限,从而解决了用户不能对其自身权限进行查询的问题。In the configuration management system provided by the present invention, an agent program with configuration user authority and user authority query is set on the configuration management server, and the user can query his own authority through the agent program from the web server, thereby solving the problem that the user cannot Permissions to query the problem.

进一步的,所述web服务器的用户权限分为系统管理员、部门管理员和仓库管理员;所述系统管理员的权限包括查看当前纳入系统的配置管理服务器列表,以及注册的部门管理员和仓库管理员列表,以及为新进入该系统的配置管理服务器注册部门管理员和仓库管理员;部门管理员的权限包括对该部门的配置管理服务器所有仓库和用户进行远程的管理、授权和构建;仓库管理员的权限对授权的仓库进行远程管理、授权和构建。为web服务器设置多层用户权限,能够防止用户越权操作。Further, the user authority of the web server is divided into system administrator, department administrator and warehouse administrator; the authority of the system administrator includes viewing the list of configuration management servers currently included in the system, and registered department administrators and warehouse administrators. The list of administrators, as well as the registration of department administrators and warehouse administrators for the new configuration management server entering the system; the authority of department administrators includes remote management, authorization and construction of all warehouses and users of the configuration management server of the department; The administrator's permission remotely manages, authorizes and builds authorized warehouses. Setting multi-layer user permissions for the web server can prevent users from exceeding their authority.

进一步的,所述配置管理服务器至少包括CVS服务器和SVN服务器的其中一种,代理程序通过CVS服务器或SVN服务器所提供的API接口与CVS服务器或SVN服务器进行交互。Further, the configuration management server includes at least one of a CVS server and an SVN server, and the agent program interacts with the CVS server or the SVN server through an API interface provided by the CVS server or the SVN server.

进一步的,所述配置管理系统还包括备份服务器,用于对配置管理服务器数据进行备份。设置备份服务器能够防止数据的丢失,保证系统的安全性。Further, the configuration management system further includes a backup server, configured to back up data of the configuration management server. Setting up a backup server can prevent data loss and ensure system security.

进一步的,所述配置管理系统还包括自动构建服务器,用于根据用户输入的标签或分支名称,自动从配置管理服务器获取相应的代码并送入构建环境中进行自动构建。通过自动构建服务器,能够减少系统的使用难度,降低对管理员的素质要求。Further, the configuration management system also includes an automatic construction server, which is used to automatically obtain the corresponding code from the configuration management server according to the label or branch name input by the user and send it to the construction environment for automatic construction. By automatically building servers, it can reduce the difficulty of using the system and reduce the quality requirements for administrators.

附图说明Description of drawings

图1是实施例所提供的配置管理系统图;Fig. 1 is a diagram of the configuration management system provided by the embodiment;

图2是自动备份服务器的工作原理图;Fig. 2 is a working principle diagram of an automatic backup server;

图3是自动备份服务器的通信交互图;Fig. 3 is a communication interaction diagram of an automatic backup server;

图4是自动构建服务器的工作原理图;Fig. 4 is a working principle diagram of the automatic construction server;

图5是Web服务器的工作原理图。Figure 5 is a working principle diagram of the Web server.

具体实施方式detailed description

本发明提供一种配置管理系统,用于解决上述用户不能对其自身权限进行查询的问题。The present invention provides a configuration management system for solving the above-mentioned problem that users cannot query their own rights.

一种配置管理系统,包括web服务器、注册登记服务器、数据库服务器和配置管理服务器;所述web服务器用于提供操作界面,注册登记服务器接收注册信息,数据库服务器用于存储配置管理系统中的数据库,配置管理服务器包括代理程序,用于对系统进行配置管理;所述代理程序还用于对web服务器进行用户权限配置和用户权限查询。A configuration management system, comprising a web server, a registration server, a database server and a configuration management server; the web server is used to provide an operation interface, the registration server receives registration information, and the database server is used to store a database in the configuration management system, The configuration management server includes an agent program for configuration management of the system; the agent program is also used for user authority configuration and user authority query to the web server.

本发明提供的一种配置管理系统,在配置管理服务器上设置了具有配置用户权限和用户权限查询的代理程序,用户能够从web服务器通过代理程序查询自身的权限,从而解决了用户不能对其自身权限进行查询的问题。In the configuration management system provided by the present invention, an agent program with configuration user authority and user authority query is set on the configuration management server, and the user can query his own authority through the agent program from the web server, thereby solving the problem that the user cannot Permissions to query the problem.

下面结合附图对本发明进行详细说明。The present invention will be described in detail below in conjunction with the accompanying drawings.

本实施例所提供的一种配置管理系统,其系统结构如图1所示,包括web服务器,数据库服务器,注册登记服务器,自动备份服务器,自动构建服务器和配置管理服务器,其中配置管理服务器包括CVS服务器和SVN服务器。A configuration management system provided by this embodiment has a system structure as shown in Figure 1, including a web server, a database server, a registration server, an automatic backup server, an automatic construction server, and a configuration management server, wherein the configuration management server includes a CVS server and SVN server.

配置管理服务器上设有代理程序,根据配置管理服务器类型,分为CVS代理程序和SVN代理程序。代理程序支持对CVS和SVN服务器中仓库、用户、组进行操作,每种操作有唯一的命令号,用户通过浏览器给代理下发命令,代理对接收到的命令进行解析并完成相应的操作。代理支持的操作包括仓库操作、用户操作、权限操作,SVN代理程序还支持组操作,权限操作包括只读、只写和读写。代理程序在安装的时候,需要设置CVS或SVN服务器中仓库的路径、用户文件、权限文件;以及CVS和SVN服务的安装路径,这是因为对部分命令的解析要通过CVS和SVN服务提供的命令行处理,如仓库的创建、删除等。There are agent programs on the configuration management server, which are divided into CVS agent programs and SVN agent programs according to the configuration management server type. The agent program supports operations on warehouses, users, and groups in CVS and SVN servers. Each operation has a unique command number. Users send commands to the agent through the browser, and the agent parses the received commands and completes corresponding operations. The operations supported by the agent include warehouse operations, user operations, and permission operations. The SVN agent program also supports group operations. The permission operations include read-only, write-only, and read-write. When the agent is installed, it is necessary to set the path of the warehouse in the CVS or SVN server, the user file, the permission file; and the installation path of the CVS and SVN services, because the analysis of some commands needs to pass the commands provided by the CVS and SVN services Row processing, such as warehouse creation, deletion, etc.

代理的仓库操作包括:增加仓库、删除仓库、枚举仓库。The agent's warehouse operations include: adding warehouses, deleting warehouses, and enumerating warehouses.

(1)增加仓库:代理收到来自浏览器的增加仓库操作命令后,查询仓库路径下需要增加的仓库是否存在,如果不存在,调用CVS或SVN的程序(命令行)执行增加仓库操作;(1) Increase warehouse: after the agent receives the operation command to increase warehouse from the browser, it inquires whether the warehouse that needs to be increased under the warehouse path exists, if not, calls the program (command line) of CVS or SVN to perform the operation of increasing warehouse;

(2)删除仓库:代理收到来自浏览器的删除仓库操作命令后,查询仓库路径下需要删除的仓库是否存在,如果存在,调用CVS或SVN的程序(命令行)执行删除仓库操作;(2) Delete warehouse: after the agent receives the delete warehouse operation command from the browser, it inquires whether the warehouse to be deleted under the warehouse path exists, and if it exists, calls the program (command line) of CVS or SVN to execute the delete warehouse operation;

(3)枚举仓库:代理收到来自浏览器的枚举仓库操作命令后,遍历仓库路径下的所有仓库,并通过报文的形式反馈给浏览器;(3) Enumerate warehouse: After receiving the enumerate warehouse operation command from the browser, the agent traverses all warehouses under the warehouse path, and feeds back to the browser in the form of a message;

代理的用户操作包括:增加用户、删除用户、增加用户到仓库、移除用户从仓库、枚举用户、枚举仓库用户、用户管理的仓库。The user operations of the agent include: adding users, deleting users, adding users to warehouses, removing users from warehouses, enumerating users, enumerating warehouse users, and warehouses managed by users.

(1)增加用户:代理收到来自浏览器的增加用户操作命令后,查询用户文件中(svn是htpasswd文件,cvs是每个仓库对应一个用户文件passwd)用户是否存在,如果不存在,将用户添加到用户文件中;(1) Add users: After the agent receives the command to add users from the browser, it will query whether the user exists in the user file (svn is the htpasswd file, cvs is a user file passwd corresponding to each warehouse), if not, the user added to the user file;

(2)删除用户:代理收到来自浏览器的删除用户操作命令后,查询用户文件中用户是否存在,如果存在,将用户从用户文件中删除;(2) delete the user: after the agent receives the delete user operation command from the browser, check whether the user exists in the user file, if it exists, the user is deleted from the user file;

(3)增加用户到仓库:代理收到来自浏览器的增加用户到仓库操作命令后,查询仓库和用户是否存在,如果存在且权限文件中没有记录,在权限文件中增加对应记录。(权限文件:svn是authz,cvs是每个仓库对应两个权限文件,一个读权限文件,一个写权限文件);(3) Add users to the warehouse: After receiving the operation command of adding users to the warehouse from the browser, the agent inquires whether the warehouse and users exist. If they exist and there is no record in the permission file, add the corresponding record in the permission file. (Permission file: svn is authz, cvs is two permission files for each warehouse, one read permission file, one write permission file);

(4)移除用户从仓库:代理收到来自浏览器的移除用户从仓库操作命令后,查询权限文件中是否有记录,如果有则在权限文件中删除对应记录;(4) Remove the user from the warehouse: After the agent receives the command to remove the user from the warehouse from the browser, it will query whether there is a record in the authority file, and if so, delete the corresponding record in the authority file;

(5)枚举用户:代理收到来自浏览器的枚举用户操作命令后,枚举用户文件中的所有用户,并通过报文的形式反馈给浏览器;(5) Enumerate users: after the agent receives the enumerate user operation command from the browser, it enumerates all users in the user file and feeds back to the browser in the form of messages;

(6)枚举仓库用户:代理收到来自浏览器的枚举仓库用户操作命令后,从权限文件中提取仓库的用户列表,并通过报文的形式反馈给浏览器;(6) Enumerate warehouse users: After receiving the enumeration warehouse user operation command from the browser, the agent extracts the user list of the warehouse from the permission file, and feeds back to the browser in the form of a message;

(7)用户管理的仓库:代理收到来自浏览器的用户管理的仓库操作命令后,从权限文件中提取用户管理的仓库列表,并通过报文的形式反馈给浏览器;(7) User-managed warehouse: After receiving the user-managed warehouse operation command from the browser, the agent extracts the user-managed warehouse list from the authority file, and feeds back to the browser in the form of a message;

代理的权限操作包括:添加用户到仓库、修改用户对仓库的操作权限。The agent's permission operations include: adding users to the warehouse, modifying the user's operation permissions on the warehouse.

(1)添加用户到仓库:代理收到来自浏览器的添加用户到仓库操作命令后,查询仓库和用户是否存在,如果存在且权限文件中没有记录,在权限文件中增加对应记录;(1) Adding users to the warehouse: After the agent receives the operation command of adding users to the warehouse from the browser, it queries whether the warehouse and the user exist. If there is no record in the authority file, the corresponding record is added to the authority file;

(2)修改用户对仓库的操作权限:代理收到来自浏览器的修改用户对仓库的操作权限操作命令后,查询权限文件中用户对仓库是否有操作权限,如果没有增加记录,如果有则修改权限;(2) Modify the user's operation authority to the warehouse: After the agent receives the operation command from the browser to modify the user's operation authority to the warehouse, it will query whether the user has the operation authority to the warehouse in the authority file. If there is no record, modify it authority;

SVN代理程序的组操作包括:增加组、移除组、增加用户到组、移除用户从组、添加组到仓库、移除组从仓库、修改组对仓库的管理权限、枚举所有组列表、枚举组中用户列表、获取组对仓库的权限、枚举仓库组列表。The group operations of the SVN agent include: add group, remove group, add user to group, remove user from group, add group to warehouse, remove group from warehouse, modify group's administrative authority on warehouse, enumerate all group lists , Enumerate the list of users in the group, get the permissions of the group to the warehouse, and enumerate the list of warehouse groups.

(1)增加组:代理收到来自浏览器的增加组操作命令后,查询权限文件中组是否存在,如果不存在,添加记录;(1) Add group: after the agent receives the operation command to add a group from the browser, it inquires whether the group exists in the authority file, and if it does not exist, add a record;

(2)移除组:代理收到来自浏览器的移除组操作命令后,查询权限文件中组是否存在,如果存在,删除记录;(2) Remove group: after the agent receives the remove group operation command from the browser, it will query whether the group exists in the authority file, and if it exists, delete the record;

(3)增加用户到组:代理收到来自浏览器的增加用户到组操作命令后,如果权限文件中的组存在、用户文件中的用户存在且用户不在组中,在权限文件中增加记录;(3) increase the user to the group: after the agent receives the increase user from the browser to the group operation command, if the group in the authority file exists, the user in the user file exists and the user is not in the group, the record is added in the authority file;

(4)移除用户从组:代理收到来自浏览器的移除用户从组操作命令后,如果权限文件中用户在组中,从组中删除用户;(4) Remove the user from the group: after the agent receives the remove user from the group operation command from the browser, if the user is in the group in the authority file, delete the user from the group;

(5)添加组到仓库:代理收到来自浏览器的添加组到仓库操作命令后,如果仓库存在、组存在且组没有对仓库的管理权限,增加记录;(5) Add group to warehouse: After the agent receives the operation command of adding group to warehouse from the browser, if the warehouse exists, the group exists and the group does not have management authority to the warehouse, add a record;

(6)移除组从仓库:代理收到来自浏览器的移除组从仓库操作命令后,如果权限文件中组对仓库有管理权限,删除记录;(6) Remove the group from the warehouse: After the agent receives the command to remove the group from the warehouse from the browser, if the group in the permission file has management authority over the warehouse, delete the record;

(7)修改组对仓库的管理权限:代理收到来自浏览器的修改组对仓库的管理权限操作命令后,如果权限文件中组对仓库有管理权限,修改权限;(7) Modify the management authority of the group to the warehouse: after the agent receives the operation command from the browser to modify the management authority of the group to the warehouse, if the group in the authority file has management authority to the warehouse, modify the authority;

(8)枚举所有组列表:代理收到来自浏览器的枚举所有组列表操作命令后,枚举权限文件中的所有组,并通过报文的形式反馈给浏览器;(8) Enumerate all group lists: after the agent receives the enumerate all group list operation commands from the browser, it enumerates all groups in the permission file and feeds back to the browser in the form of messages;

(9)枚举组中用户列表:代理收到来自浏览器的枚举组中用户列表操作命令后,枚举权限文件中的组中的用户,并通过报文的形式反馈给浏览器;(9) list of users in the enumeration group: after the agent receives the user list operation command in the enumeration group from the browser, enumerates the users in the group in the authority file, and feeds back to the browser by the form of message;

(10)获取组对仓库的权限:代理收到来自浏览器的获取组对仓库的权限操作命令后,如果组和仓库都存在,且组对仓库有管理权限,提取权限信息并通过报文的形式反馈给浏览器;(10) Obtain the authority of the group to the warehouse: After the agent receives the operation command of obtaining the authority of the group to the warehouse from the browser, if both the group and the warehouse exist, and the group has management authority to the warehouse, the authority information is extracted and passed through the packet form feedback to the browser;

(11)枚举仓库组列表:代理收到来自浏览器的枚举仓库组列表操作命令后,如果仓库存在,提取权限文件中记录的被授权管理仓库的组列表并通过报文的形式反馈给浏览器。(11) Enumerate warehouse group list: After the agent receives the enumerate warehouse group list operation command from the browser, if the warehouse exists, it will extract the group list authorized to manage the warehouse recorded in the permission file and feed it back to browser.

用户权限查询的具体方法为:The specific method of user permission query is as follows:

CVS服务器中每个仓库下有一个读权限文件和一个写权限文件,代理程序查询用户对仓库的管理权限的方法:枚举仓库对应的读权限文件和写权限文件,提取用户权限做逻辑或处理,将结果通过报文的形式反馈给浏览器。Each warehouse in the CVS server has a read permission file and a write permission file. The agent program queries the user’s management permission for the warehouse: enumerates the read permission file and write permission file corresponding to the warehouse, and extracts the user permission for logic or processing. , and feed back the result to the browser in the form of a message.

SVN服务器所有仓库共享同一个权限文件,权限文件中按仓库记录所有组、用对仓库的管理权限,代理程序查询用户对仓库的管理权限的方法:All warehouses of the SVN server share the same authority file, which records all groups and users’ management authority to warehouses by warehouse. The agent program queries the user’s management authority to warehouses:

(1)提取权限文件中仓库对应的组和用户权限列表;(1) Extract the group and user permission list corresponding to the warehouse in the permission file;

(2)提取步骤(1)中所有组管理的用户,筛选包含用户的组列表;(2) extract the user of all group management in the step (1), filter and include the group list of user;

(3)从(1)中提取(2)中所有组的权限,做逻辑或处理;(3) Extract the permissions of all groups in (2) from (1), and do logical OR processing;

(4)从(1)中提取用户权限,和(3)做逻辑或处理;(4) Extract user rights from (1), and do logical OR processing with (3);

(5)将(4)中的结果通过报文形式反馈给浏览器。(5) Feedback the result in (4) to the browser in the form of a message.

代理程序通过CVS服务器、SVN服务器所提供的API命令行接口与其进行交互。代理程序能够响应并执行web服务器、自动备份服务器、自动构建服务器的指令。代理程序与web服务器、自动备份服务器、自动构建服务器的通信命令,传输层采用TCP协议,应用层是自定义协议。The agent interacts with the CVS server and the API command line interface provided by the SVN server. The agent program can respond to and execute the instructions of the web server, automatic backup server, and automatic build server. The agent program communicates with the web server, the automatic backup server, and the automatic construction server. The transport layer adopts the TCP protocol, and the application layer is a custom protocol.

自定义协议的请求报文中第一个字节是命令号,之后是参数,参数均以ascii码表示,多个参数之间用\n\r分割,即回车换行,ascii编码是1310,最后以\0结束,即ascii码的0。响应报文和请求报文格式一样,第一个字节是命令号,之后是ascii编码的返回信息,最后以\0结束。The first byte in the request message of the custom protocol is the command number, followed by the parameters. The parameters are expressed in ascii codes. Multiple parameters are separated by \n\r, that is, carriage return and line feed. The ascii code is 1310. Finally, it ends with \0, which is the 0 of the ascii code. The format of the response message is the same as that of the request message. The first byte is the command number, followed by the ascii-encoded return information, and finally ends with \0.

举例1:新建一个仓库,名字是Testrepos,请求报文:Example 1: Create a new warehouse named Testrepos, request message:

11 Testrepos\0Testrepos\0

报文中1是命令号,代表增加仓库。1 in the message is the command number, which means adding a warehouse.

Web服务器封装好该命令报文后,连接代理程序,代理程序收到该报文后,新增一个Testrepos仓库,然后根据结果回应,成功是201,失败是401。After the web server encapsulates the command message, it connects to the agent program. After the agent program receives the message, it adds a Testrepos warehouse, and then responds according to the result. The success is 201, and the failure is 401.

11 201\0201\0

回应201表示成功。A response of 201 indicates success.

举例2:枚举仓库,请求报文:Example 2: Enumerate warehouses, request message:

33

报文中3表示枚举仓库命令,该命令无需参数。3 in the message indicates the command to enumerate warehouses, and this command does not need parameters.

代理程序收到该报文后,获取仓库列表,并返回仓库列表,如下面所示的响应报文示例。After receiving the message, the agent obtains the warehouse list and returns the warehouse list, as shown in the response message example below.

33 Repos1\n\rRepos2\n\rRepos3\n\r...Reposn\0Repos1\n\rRepos2\n\rRepos3\n\r...Reposn\0

各个仓库名之间用\n\r间隔。Each warehouse name is separated by \n\r.

举例3:增加用户到仓库,请求报文:Example 3: Add a user to the warehouse and request a message:

1111 Reposname\n\rusername\0Reposname\n\rusername\0

响应报文:Response message:

1111 201\0201\0

201表示成功。201 means success.

代理程序既作为客户端程序,又作为服务端程序。作为客户端时,绑定10001端口,主要用来向注册登记服务器发起注册请求,直到注册成功。作为服务程序,监听端口10000,等待web服务器、自动备份服务器和自动构建服务器的连接请求。收到它们的命令后,根据命令功能进行相应的处理,处理完毕后主动关闭连接,表示通信完毕。web服务器、自动备份服务器和自动构建服务器作为客户端,主动连接SVN或CVS服务器代理程序,发送命令报文,等待对方的响应或关闭连接。The agent program acts both as a client program and as a server program. As a client, bind port 10001, which is mainly used to initiate a registration request to the registration server until the registration is successful. As a service program, it listens to port 10000 and waits for connection requests from the web server, automatic backup server and automatic build server. After receiving their commands, they will perform corresponding processing according to the command functions, and actively close the connection after processing, indicating that the communication is complete. The web server, the automatic backup server and the automatic construction server act as clients, actively connect to the SVN or CVS server agent program, send command messages, wait for the response of the other party or close the connection.

配置管理服务器第一次接入该系统时,代理程序需向注册登记服务器发送注册请求,请求进入该系统。在该实施例中,通过255命令向注册登记服务器提交注册请求。其报文格式如下所示。When the configuration management server accesses the system for the first time, the agent program needs to send a registration request to the registration server, requesting to enter the system. In this embodiment, the registration request is submitted to the registration server through the 255 command. Its message format is as follows.

注册登记服务器根据授权信息准许其进入该系统,并把该服务器的相关信息包括其内存、磁盘、操作系统等信息,存入数据库服务器备案。有了这个备案,系统管理员可为该服务器注册管理员。之后,代理程序定时的向注册登记服务器发送心跳报文,证明自己在线可操作。注册登记服务器如果在120秒内收不到心跳报文,则认为该服务器离线,把离线标识写入数据库,当web服务器向该配置管理服务器发送命令时,会提示用户该服务器离线,不能进行操作。The registration server allows it to enter the system according to the authorization information, and stores the relevant information of the server, including its memory, disk, operating system and other information, into the database server for filing. With this record, the system administrator can register administrators for the server. Afterwards, the agent regularly sends a heartbeat message to the registration server to prove that it is online and operable. If the registration server does not receive a heartbeat message within 120 seconds, it will consider the server offline and write the offline identifier into the database. When the web server sends a command to the configuration management server, it will prompt the user that the server is offline and cannot be operated. .

自动备份服务器工作原理图如图2所示。它根据用户的备份策略配置,对各单位的配置管理服务器数据,如SVN服务器,进行周期性的发送增量备份或全部备份命令。其向代理程序发送的全备或增量备份命令报文如下:The working principle diagram of the automatic backup server is shown in Figure 2. According to the user's backup policy configuration, it periodically sends incremental backup or full backup commands to the configuration management server data of each unit, such as the SVN server. The full backup or incremental backup command message it sends to the agent is as follows:

发送备份命令,无需回应Send backup command without response

5555 ALL或INC\n\r服务端口\0ALL or INC\n\rService port\0

报文中ALL表示全部备份,INC表示增量备份,服务端口是监听备份完成通知的服务端口。ALL in the message means full backup, INC means incremental backup, and the service port is the service port for listening to the backup completion notification.

SVN服务器在收到其备份命令后,开始备份工作。其通信流程图如图3所示。当SVN服务器把数据备份完毕后,通知自动备份服务器,自动备份服务器会响应该报文。备份完成通知和响应报文如下:After the SVN server receives its backup command, it starts the backup work. Its communication flowchart is shown in Fig. 3 . After the SVN server finishes backing up the data, it will notify the automatic backup server, and the automatic backup server will respond to the message. The backup completion notification and response message are as follows:

发送备份完成通知Send backup completion notification

ALL或INC\n\r服务端口号\n\rSvn标识\n\r备份文件名称\n\rMD5\0ALL or INC\n\rService port number\n\rSvn ID\n\rBackup file name\n\rMD5\0

响应备份完成Response backup complete

201\0201\0

报文中ALL表示全部备份完成,INC表示增量备份完成,服务端口号是监听请求备份数据命令的服务端口,后面还有该次备份文件的名称,以及其MD5校验码。ALL in the message means that all backups are completed, INC means that incremental backups are completed, the service port number is the service port that monitors the command for requesting backup data, followed by the name of the backup file and its MD5 check code.

自动备份服务器在有空闲线程后,向该SVN服务器获取数据。其获取备份文件命令报文如下:After the automatic backup server has an idle thread, it obtains data from the SVN server. The command message to obtain the backup file is as follows:

请求备份数据命令request backup data command

5656 备份文件名称\0Backup file name\0

数据传输完毕后,记录日志,以备恢复用。After the data transfer is complete, record the log for recovery.

自动构建服务器的工作原理图如图4所示。自动构建服务器根据用户输入的标签或分支名称,从远程的配置管理服务器上获取数据并送入虚拟机构建环境进行构建,虚拟机可选用VMWare成熟的产品,预装好Windows系统或Linux系统,以及构建编译环境。构建进度存放入数据库,用户可随时查看,构建完毕后,根据要求,可给公司的PLM系统交互,完成自动化入库。The working principle diagram of the automatic build server is shown in Figure 4. According to the label or branch name entered by the user, the automatic construction server obtains data from the remote configuration management server and sends it to the virtual machine construction environment for construction. The virtual machine can choose VMWare mature products, pre-installed Windows system or Linux system, and Build the compilation environment. The construction progress is stored in the database, and the user can check it at any time. After the construction is completed, it can interact with the company's PLM system according to the requirements to complete the automatic storage.

web服务器的工作原理如图所示。web服务器采用典型的三层模型开发,包括业务服务层,数据访问层,通信层。web服务器以Ajax方式提供服务,web服务器用Ajax请求访问,这种交互方式能够增强用户使用体验,局部数据刷新,不导致整页数据传送。web服务器通过通信层给代理程序、自动备份服务器、自动构建服务器发送命令报文,实现管理的员远程控制。通信报文都是采用上述的报文格式。The working principle of the web server is shown in the figure. The web server is developed using a typical three-tier model, including business service layer, data access layer, and communication layer. The web server provides services in the form of Ajax, and the web server uses Ajax to request access. This interactive mode can enhance user experience, refresh partial data, and not cause full-page data transmission. The web server sends command messages to the agent program, the automatic backup server, and the automatic construction server through the communication layer, so as to realize the remote control of the administrator. The communication messages all adopt the above-mentioned message format.

web服务器的用户权限分为系统管理员、部门管理员和仓库管理员。系统管理员通过web服务器登录系统,可以看到当前纳入系统的配置管理服务器,以及注册的部门管理员和仓库管理员列表。系统管理员可为新进入该系统的配置管理服务器注册部门管理员和仓库管理员。部门管理员可对该部门的配置管理服务器所有仓库和用户进行远程的管理和授权;仓库管理员仅仅可对授权的仓库进行远程管理和授权。仓库管理员适合于项目经理管理一个或多个仓库,而对其它仓库无访问权限情况。The user rights of the web server are divided into system administrators, department administrators, and warehouse administrators. The system administrator logs in to the system through the web server, and can see the configuration management server currently included in the system, as well as the list of registered department administrators and warehouse administrators. The system administrator can register department administrators and warehouse administrators for configuration management servers newly entering the system. Department administrators can remotely manage and authorize all warehouses and users of the department's configuration management server; warehouse administrators can only remotely manage and authorize authorized warehouses. Warehouse administrator is suitable for project managers who manage one or more warehouses and have no access rights to other warehouses.

以上给出了本发明涉及的具体实施方式,但本发明不局限于所描述的实施方式。在本发明给出的思路下,采用对本领域技术人员而言容易想到的方式对上述实施例中的技术手段进行变换、替换、修改,并且起到的作用与本发明中的相应技术手段基本相同、实现的发明目的也基本相同,这样形成的技术方案是对上述实施例进行微调形成的,这种技术方案仍落入本发明的保护范围内。The specific embodiments related to the present invention are given above, but the present invention is not limited to the described embodiments. Under the idea given by the present invention, the technical means in the above-mentioned embodiments are transformed, replaced, and modified in ways that are easy for those skilled in the art, and the functions played are basically the same as those of the corresponding technical means in the present invention. 1. The purpose of the invention realized is also basically the same, and the technical solution formed in this way is formed by fine-tuning the above-mentioned embodiments, and this technical solution still falls within the protection scope of the present invention.

Claims (5)

1. a kind of configuration management system, including web server, registration server, database server and configuration management clothes Business device;Described web server is used for providing operation interface, and registration server receives log-on message, and database server is used Data base in storage configuration management system, configuration management server includes Agent, for system is carried out with configuration pipe Reason;It is characterized in that, described Agent is additionally operable to web server is carried out with user right configuration and user right inquiry.
2. a kind of configuration management system according to claim 1 is it is characterised in that the user right of described web server It is divided into system manager, department manager and warehouse keeper;The authority of described system manager includes checking currently including The configuration management server list of system, and the department manager of registration and warehouse keeper's list, and enter this and be for new The configuration management server registration department manager of system and warehouse keeper;The authority of department manager includes this department is joined Put all warehouses of management server and user carries out long-range management, mandate and structure;The authority of warehouse keeper is to mandate Warehouse carries out remote management, mandate and structure.
3. a kind of configuration management system according to claim 1 is it is characterised in that described configuration management server at least wraps Include CVS server and the one of which of SVN server, Agent passes through the API that CVS server or SVN server are provided Interface is interacted with CVS server or SVN server.
4. a kind of configuration management system according to claim 1 it is characterised in that described configuration management system also include standby Part server, for backing up to configuration management server data.
5. a kind of configuration management system according to claim 1 is it is characterised in that described configuration management system is also included certainly Dynamic structure server, for the label according to user input or branch name, obtains corresponding automatically from configuration management server Code sending in constructing environment is built automatically.
CN201610972758.0A 2016-11-03 2016-11-03 A configuration management system Active CN106452907B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610972758.0A CN106452907B (en) 2016-11-03 2016-11-03 A configuration management system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610972758.0A CN106452907B (en) 2016-11-03 2016-11-03 A configuration management system

Publications (2)

Publication Number Publication Date
CN106452907A true CN106452907A (en) 2017-02-22
CN106452907B CN106452907B (en) 2020-02-21

Family

ID=58180614

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610972758.0A Active CN106452907B (en) 2016-11-03 2016-11-03 A configuration management system

Country Status (1)

Country Link
CN (1) CN106452907B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112783546A (en) * 2021-01-28 2021-05-11 杉德银卡通信息服务有限公司 Code authority WEB management system based on domain service and SVN
CN112783545A (en) * 2021-01-28 2021-05-11 杉德银卡通信息服务有限公司 Domain service and SVN-based code authority WEB management method and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102193841A (en) * 2010-03-04 2011-09-21 阿里巴巴集团控股有限公司 Backup method and device of Subversion configuration database
US8255357B1 (en) * 2006-04-24 2012-08-28 Sprint Communications Company L.P. Systems and methods of configuration management for enterprise software
CN104702421A (en) * 2013-12-05 2015-06-10 中国银联股份有限公司 Web-based configuration management system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8255357B1 (en) * 2006-04-24 2012-08-28 Sprint Communications Company L.P. Systems and methods of configuration management for enterprise software
CN102193841A (en) * 2010-03-04 2011-09-21 阿里巴巴集团控股有限公司 Backup method and device of Subversion configuration database
CN104702421A (en) * 2013-12-05 2015-06-10 中国银联股份有限公司 Web-based configuration management system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112783546A (en) * 2021-01-28 2021-05-11 杉德银卡通信息服务有限公司 Code authority WEB management system based on domain service and SVN
CN112783545A (en) * 2021-01-28 2021-05-11 杉德银卡通信息服务有限公司 Domain service and SVN-based code authority WEB management method and medium

Also Published As

Publication number Publication date
CN106452907B (en) 2020-02-21

Similar Documents

Publication Publication Date Title
CN104376237B (en) A kind of method of controlling security and system for being directed to information in production process
CN101841537B (en) Method and system for realizing file sharing access control based on protocol proxy
US10536459B2 (en) Document management systems and methods
CN103095720B (en) A kind of method for managing security of cloud storage system of dialogue-based management server
CN111327613B (en) Distributed service authority control method and device and computer readable storage medium
CN101901315A (en) A USB mobile storage medium security isolation and monitoring management method
CN106452798B (en) The network equipment command identifying method and command identifying of high-volume deployment
CN102307114A (en) Management method of network
CN107154982A (en) A kind of method and system of audit log record
CN106452907A (en) Configuration management system
CN111651122A (en) Data deleting method, device, server and storage medium
CN107911443A (en) A kind of session information processing method, device, server and readable storage medium storing program for executing
CN113162950A (en) Mobile application secondary authority authentication and management system based on i country network
CN104885418B (en) How to manage servers and user groups
CN119248771A (en) Visual database system and computer equipment supporting real-time collaboration
CN107294959A (en) The method of inside and outside Network Communication, apparatus and system
CN114070856B (en) Data processing method, device, system, operation and maintenance auditing equipment and storage medium
CN112131192B (en) Request response method, device and system, storage medium, and electronic device
CN112733118B (en) Cloud security product user management method, device and system and readable storage medium
CN109150595A (en) A kind of network O&M instruction method for pushing
JP2008243198A (en) Access authority control system
CN112766805A (en) Production process informatization management system and method
CN115643068A (en) A media information system
CN114707128A (en) Database access method, related device, storage medium and program product
CN115375409A (en) User management system and method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载