Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The following describes a method and a device for controlling authority of a page object in an open layout document OFD in accordance with the present invention with reference to FIGS. 1 to 9.
First, the related content of the present invention will be briefly described.
The OFD standard, GB/T 33190-2016 "Electronic file storage and exchange format - format document", supports setting document rights statement nodes to serve purposes such as preventing a document from spreading, for example permission to edit (Edit), to add or modify annotations (Annot), to export (Export) and the like.
However, the set rights are for the whole format document, and the rights of specific objects in the format document, such as the name or sex of a patient in a medical record, cannot be controlled, and different rights can not be flexibly set for different scenes and users, such as different rights of doctors, nurses or management staff for medical records. In actual life, a large number of scenes exist, different users need to be subjected to different authority control, and the control granularity also needs to be finer. Therefore, how to realize the authority control of the OFD page object is a technical problem to be solved.
The prior art works on the following principle: an object (such as a text object) whose rights need to be controlled is removed from its page and completely copied into a specific data backup file, this copy being called the first page object; a second page object corresponding to it is then created, whose content is modified to what a user with limited authority may see or operate on, such as the content being changed to "" or the print edit (InPrintable) becoming allowed (true), or the like. At the same time the layer identification (ID) of the object in the page is recorded, and it may further be necessary to record the index ID of the object in the layer, or the like. After the user opens the OFD document, the reader determines according to the user role whether to completely copy the first page object or the second page object, and then inserts it into the original document for display, so that different roles are shown different results, such as normal plaintext or "" replacement characters, and have different operation rights, such as printing or non-printing.
However, the above scheme has the following disadvantages:
1) Deleting the object from the page and completely copying it into a specific data backup file, or completely copying it from the data backup file back to the original page, is difficult, and attributes and data are easily lost during copying. The reason is that the copy operation is performed on the in-memory object. When the object has complex attributes, such as clipping or pattern (Pattern)/shading (Shading) fills, these attributes are in turn built from several other sub-objects, and there may be complex relationships (such as multiple intersections/unions) between the sub-objects, so it is difficult to copy the object completely. Because these attributes control how the object is displayed, a copy error or omitted data can make the display effect wrong. In fact, existing layout document engines generally do not provide complete replication of objects, precisely because direct replication is difficult or error-prone, and some engines employ counting techniques to simulate or circumvent complete replication of objects.
2) The rendering effect of a page object is affected by its own properties, as well as by the rendering parameters of the common resource if the object references these parameters. When the object is removed and copied back from the backup place, even if the attribute data of the object is completely copied, if the reference to the common parameter is omitted, the drawing effect is incorrect.
3) When the object is copied back to the original page from the data backup file, it is difficult to guarantee the position of the object. The prior art adopts a method of recording the layer (layer) ID of the original object to ensure that the layer of the object is unchanged during writing back, but cannot ensure that the index (i.e. the position) of the object in a plurality of object sequences is unchanged in the same layer. For example, a text object in an original page can be normally displayed before a certain image object in the same layer, when the text object is removed and then inserted into the page again, the index value in the object sequence is lost, and the text object is processed in a last mode, so that the text object is blocked from being displayed after being changed into an image. Moreover, the prior art increases the index of the recorded object or the ID of the previous object, and the subsequent retrieval of the position according to the index/the previous object ID is still fragile, and the recorded index value or ID may be invalid once the user edits on the page, such as adding/deleting the object.
4) The prior art is relatively complex in structure. The system must maintain the ID of the original page object (the object is removed, but its ID is still recorded in the semantic tree), the first page object (the copy of the original page object), the second page object (an object copied and constructed with the changes the rights require, e.g., plaintext becomes "in the clear"; "etc.) and the mapping relationships among them, as well as layer IDs, possible object indexes and so on, which makes the system structure more complex and harder to understand and maintain.
5) The prior art removes the rights-set object from the original page (and copies it to some custom data backup file), which changes the structure of the document. A bad consequence is that when the document is viewed with another standard OFD reader, the objects are no longer present and the area is left blank. A more reasonable effect is that when the document is viewed with a standard OFD reader, the object still exists but takes the form a limited user may see, e.g. text becomes "", or the text is still visible but not printable, etc.
6) In the prior art, the encryption of this particular data backup file is independent of the system's overall encryption policy for the OFD, which can leave the encryption policy of the data backup file inconsistent with the overall OFD encryption policy, or increase the cost of maintaining that consistency.
Fig. 1 is a schematic flow diagram of a method for controlling authority of a page object in an open layout document OFD according to the present invention, as shown in fig. 1, and the method includes steps 101 to 103.
Step 101, acquiring a semantic tree file corresponding to an OFD document, wherein the semantic tree file comprises at least one semantic node, and the semantic node comprises at least one page object in the OFD document.
It should be noted that, the permission control method for a page object in an open format document OFD provided by the present invention is applicable to a scenario of permission control for a page object in an OFD document, and an execution body of the method may be a permission control device for a page object in an open format document OFD, for example, an electronic device, or a control module in the permission control device for a page object in an open format document OFD, which is used for executing the permission control method for a page object in the open format document OFD.
Specifically, when users with different scenes or different roles need to perform authority control on page objects in an OFD document, the users open the OFD document by using an OFD document reader, input text contents in the OFD document reader, pop up at least one semantic tree template corresponding to the text contents correspondingly by the OFD document reader, select the corresponding semantic tree template, and import the semantic tree template into the OFD document, wherein the page objects comprise at least one of text, pictures and paths.
And then, analyzing the OFD document to obtain a semantic tree file, wherein the semantic tree file comprises a plurality of semantic nodes. In practical application, the obtained OFD document is analyzed to obtain a semantic tree file (semantic tree XML file), wherein the semantic tree file comprises a plurality of semantic nodes, such as document body nodes, edition head nodes, main body nodes, edition record nodes, a plurality of copying mechanism nodes, a printing mechanism and a printing date node, and the printing mechanism and the printing date node comprise a printing mechanism node and a printing date node.
Step 102, setting a corresponding target authority for the semantic node when an authority setting operation for any semantic node is detected.
Specifically, the target authority is used for performing the corresponding authority control operation on each page object contained in the semantic node, and the target authority comprises at least one of the following groups: invisible, non-printable, non-extractable; invisible, non-printable, extractable; invisible, printable, extractable; visible, non-printable, non-extractable; visible, non-printable, extractable; invisible, non-printable, extractable; visible, printable, non-extractable; and visible, printable, extractable.
In practical application, when the permission setting operation for the semantic node is detected, the corresponding target permission can be set for the semantic node. For example, the page object associated with the "file level" node is "superfine", invisible, printable and extractable rights are set for the "file level" node, wherein the page object "superfine" corresponding to the invisible rights can be replaced by a substitute text, for example, the substitute text is "". By setting the corresponding target authority for the semantic node, when the authority control operation corresponding to the target authority is executed on the page object, the authority of the page object is controlled, so that the refinement management of the authority of the page object is realized, and the user experience is improved.
Step 103, performing, under the semantic node, an authority control operation on the object content and the object authority attribute of each page object according to the target authority and the backup document corresponding to each page object.
Specifically, when the authorized user sets rights for a certain semantic node, the rights are expressed in two parts. The first is the (node right) attributes of the semantic node, including 'plaintext/ciphertext' ('ClearText=true/false'), 'printable/unprintable' ('InPrintable=false/true'), 'exportable/non-exportable' ('Extractable=true/false'), and the like. The second is the attributes of the page object(s) contained under the semantic node; for example, 'OriginalObjID' represents the ID of the backup file corresponding to the page object, in which the original content data of the object is stored. When the semantic node is not rights-restricted, these attributes of the semantic node do not exist.
All data of a page object contained in the semantic node is divided into three parts. The first part is the content data (object content) of the object, such as the character string (TextCode) and CGTransform (CGTransform describes the indexes of the characters in the embedded font, which are closely tied to the content of the characters). The second part is the conventional attribute data (display attributes) of the object, such as font, font size, line width, color, position, transparency, drawing parameter resource set, whether printing can be performed, rectangle surrounding, rotation matrix, character direction, reading direction, transverse scaling ratio, gradual/axial/radial/high-power filling, and complex filling effects such as clipping area and Shading/Pattern. The third part is the object-rights-related attribute (object rights attribute), preferably a specific "InPrintable" attribute, indicating whether the page object is unprintable.
In practical application, according to the target authority, the authority control operation corresponding to the target authority can be executed on each page object, namely, firstly, the object content and the object authority attribute are copied to the backup document, and then, the authority control operation is executed on each object content and each object authority attribute based on the target authority.
Illustratively, the two words of the object content "top" of the page object "top" and the object authority attribute "InPrintable =wire" can be copied into the backup file, and then, based on the target authority, the object content "top" can be changed to "" and "InPrintable =wire" changed to "InPrintable =false".
The authority control method for the page objects in the open format document OFD comprises the steps of obtaining a semantic tree file corresponding to the OFD document, wherein the semantic tree file comprises at least one semantic node, the semantic node comprises at least one page object in the OFD document, setting corresponding target authorities for the semantic node when authority setting operation for any semantic node is detected, and performing authority control operation on object contents and object authority attributes of the page objects according to the target authorities and backup documents corresponding to the page objects under the semantic node. The invention does not need to copy complex and numerous display attributes, and further does not need to process the common drawing parameters referenced by the display attributes, so that the problem caused by missing or error of copying the complete object is avoided; the invention does not need to remove the original page object, but directly modifies the data affected by the right on the page object, so that the position of the page object is unchanged, and the layer identification, the direction index and the like of the object are not required to be recorded and maintained, thereby greatly simplifying the system structure and logic.
In one or more optional embodiments of the present invention, the target authority is a hidden authority, and correspondingly, under the semantic node, performing an authority control operation on an object content and an object authority attribute of each page object according to the target authority and a backup document corresponding to each page object, where the operation includes:
performing the following operations for each of the page objects under the semantic node:
Creating a backup file for the page object;
copying the object content and the object authority attribute of the page object to the backup document under the semantic node;
recording the identification of the backup document under the semantic node as the document identification corresponding to the page object;
and according to the target authority, hiding the object content of the page object under the semantic node, and changing the object authority attribute of the page object.
In particular, the hidden rights include ciphertext and/or unprintable.
In practical application, when the page objects contained in the semantic node are designated as ciphertext or unprintable, two operations are carried out. First, a specific backup file is constructed to store the object content of the page objects whose rights are being set; the object content and object authority attributes of all page objects under the semantic node are copied into the backup document, and the document identifications are recorded. Second, the object content and object authority attributes of the page objects under the semantic node are modified according to the target authority.
Illustratively, for a text object set as ciphertext, its content string is replaced with specified replacement characters (e.g. "", etc.), and CGTransform is deleted at the same time to ensure that the replacement characters take effect. For an object set to unprintable, its "InPrintable" attribute is set to true.
In one or more optional embodiments of the present invention, the target authority is a display authority, and correspondingly, under the semantic node, performing an authority control operation on an object content and an object authority attribute of each page object according to the target authority and a backup document corresponding to each page object, where the operation includes:
Setting the ciphertext attribute of the semantic node as refusal according to the display authority;
And for each page object under the semantic node, replacing the object content and the authority attribute of the page object under the semantic node by using the object content and the authority attribute of the page object in the backup file corresponding to the document identification.
Specifically, the display authority includes plaintext and/or printable.
In practical application, when a page object contained in a semantic node is designated as being changed from ciphertext to plaintext, or its printing permission is changed from unprintable to printable, a corresponding backup document necessarily exists for the page object under the semantic node, and the original object content of the page object is stored in that backup document. At this time, the ciphertext attribute of the semantic node, i.e., the ChiperText attribute, is set to reject (false), and then the object content and the object authority attribute in the backup document are copied back into the object content and the authority attribute of the page object under the semantic node.
Illustratively, for a text object, the text content (TextCode) and CGTransform in the corresponding backup document are copied back to the page object, replacing the object content and object rights attributes in the page object under the semantic node. For print authority, the print attribute "InPrintable" of the semantic node should be set to false, and then InPrintable of the page object should be set to false.
In one or more optional embodiments of the present invention, the target authority is a semantic tree export permission, and correspondingly, performing, under the semantic node, an authority control operation on the object content and object authority attribute of each page object according to the target authority and the backup document corresponding to each page object includes:
Setting the export attribute of the semantic node to permission according to the semantic tree export permission.
In one or more optional embodiments of the present invention, the target authority is a semantic tree non-export permission, and correspondingly, performing, under the semantic node, an authority control operation on the object content and object authority attribute of each page object according to the target authority and the backup document corresponding to each page object includes:
Setting the export attribute of the semantic node to refusal according to the semantic tree non-export permission.
In practical application, the export attribute of the semantic node is set as to whether exportable, namely Extractable is directly set as true or false on the semantic node.
It should be noted that, in the embodiment of the present invention, setting the "plaintext/ciphertext" attribute of a page object does not change the "Visible" attribute of the page object. Visible/invisible indicates whether the content of the page object can or cannot be displayed, which is different from merely switching the object content between plaintext and ciphertext (switching to ciphertext such as "", or switching back to the original). For example, if the "Visible" attribute of a page object in the native OFD document is false, the page object itself is not visible. The embodiment of the invention only modifies the object content of the page object, so after the object content is switched to ciphertext the page object is still invisible; for a text object, for example, the replaced "" characters cannot be seen, because its Visible attribute is false. For the "printable/non-printable" setting, however, there is no such ambiguity, and the "InPrintable" attribute of the page object is directly modified/replaced to achieve the intent. For example, if the "InPrintable" attribute of a page object in the original document is false (or there is no InPrintable attribute, whose default value is false), that is, the page object is printable, then after the user sets it to "unprintable", "InPrintable" is set to true. Conversely, if the "InPrintable" attribute of a page object in the original document is true, that is, the page object is unprintable, then after the user sets it to "printable", the "InPrintable" of the page object is set to false.
Referring to fig. 2, fig. 2 is a schematic flow chart of authority setting provided by the present invention. The node authority attributes of the semantic node are set first, and it is then judged whether they are set to ciphertext or unprintable. If yes, a backup document is constructed, the object content and object authority attributes of the page objects under the semantic node are copied into the backup document, and the object content and object authority attributes of the page objects under the semantic node are then modified. If no, it is further judged whether the page objects are changed from ciphertext to plaintext or from unprintable to printable. If so, the object content of the page object is read from the backup document corresponding to the document identification and restored to the object content of the page object under the semantic node, and the object authority attribute of the page object is read from the backup document corresponding to the document identification and restored to the object authority attribute of the page object under the semantic node, that is, the InPrintable attribute is updated. If not, the flow ends.
In one or more optional embodiments of the present invention, after performing the rights control operation on the object content and the object rights attribute of each of the page objects, the method further includes:
Responsive to an output class operation for the OFD document:
Aiming at an authorized user, executing the output class operation on the OFD document based on the semantic tree file and the backup document corresponding to all recorded document identifications;
And aiming at unauthorized users, executing the output class operation on the OFD document based on the semantic tree file.
Specifically, the output class operation includes three classes, document display, document printing, and semantic tree derivation.
In practical application, under the condition that a user performs output class operation on an OFD document, different logic output class operations are performed on the OFD document for different users, namely, for authorized users, the output class operation is performed on the OFD document together according to the semantic node and the backup document corresponding to the record document identification, and for unauthorized users, the output class operation is performed on the OFD document only according to the semantic node without the backup document corresponding to the document identification. Thus, different users can be ensured to have different output class operations.
In one or more optional embodiments of the present invention, the output class operation is document display and/or document printing, and the executing, for the authorized user, the output class operation on the OFD document based on the semantic tree file and the recorded backup documents corresponding to all document identifications includes:
Reading the semantic tree file for an authorized user;
checking whether the page object has a corresponding document identifier or not according to any page object contained in each semantic node in the semantic tree file;
if yes, reading the object content of the page object from the backup file corresponding to the document identification, and reading the display attribute of the page object from the semantic node;
if not, reading the object content and the display attribute of the page object from the semantic node;
And performing output class operation on the page object according to the object content and the display attribute of the page object.
In practical application, referring to FIG. 3, FIG. 3 is a schematic flow chart of document display provided by the invention, in which when an OFD document is displayed, the embodiment of the invention does not adopt a mode of modifying the content of an OFD page object to realize the change of a display effect, but keeps the object content unmodified, and when a rendering engine displays a certain page object, the correct content of the page object is obtained in real time according to a user role and is transmitted to a display engine, so that the content of the OFD document is ensured to be unchanged all the time after the authority is set, and is not changed with different display conditions. The specific method comprises the steps of firstly taking the conventional attribute of the page object according to the normal flow when the object is rendered, wherein the conventional attribute comprises referenced public drawing parameter data, namely, the display attribute is obtained when the page object is rendered, and then taking the page content according to the role of the current user, namely, judging whether the user is an authorized user or not. If the user is authorized, the ChiperText attribute of the semantic node is ignored (each authorization limit is only specific to an unauthorized user, and the authorized user must have the authority of seeing the plaintext), namely the ChiperText attribute is ignored, and whether each page object contained in the semantic node has a corresponding document identifier is checked, namely whether a backup document exists is judged. 
If the document identification is not corresponding, the page object under the semantic node is not set with permission, and the object content of the page object under the semantic node is still the original plaintext, and at the moment, the object content and the display attribute of the page object under the semantic node are read for display, namely the object content and the display attribute of the page object are read for rendering. So that the authorized user must see the original text (plaintext). In this way, different effects can be displayed according to the user roles and plaintext/ciphertext settings, and the change of the effects occurs dynamically in the rendering engine instead of relying on modifying the document content, which itself does not change.
Referring to fig. 4, fig. 4 is a schematic flow chart of document printing provided by the present invention. When a page object is printed, its display attributes are acquired, and it is judged whether the user is an authorized user. If the user is authorized, the InPrintable attribute of the semantic node is ignored (each authorization limit only applies to unauthorized users, and an authorized user necessarily has printing permission), and it is checked whether each page object contained in the semantic node has a corresponding document identification, namely whether a backup document exists. If there is no corresponding document identification, no permission has been set for the page object under the semantic node and its object content is still the original plaintext; in that case the object content and display attributes of the page object under the semantic node are read for printing. The content printed by an authorized user is therefore always the original text (plaintext).
It should be noted that, in the embodiment of the present invention, the logic for printing is separated from the logic for plaintext/ciphertext. For example, if a certain object is set to display ciphertext and to be printable, an unauthorized user can print it but can only print out the ciphertext, which accords with the convention and principle of "what you see is what you get".
In one or more alternative embodiments of the invention, the output class operation is document display and/or document printing;
The executing the output class operation on the OFD document based on the semantic tree file for an unauthorized user comprises the following steps:
for unauthorized users, reading the semantic tree file;
reading object content and display attributes of any page object contained in each semantic node in the semantic tree file from the semantic node;
And performing output class operation on the page object according to the object content and the display attribute of the page object.
In practical application, referring to fig. 3, if the user is an unauthorized user, the object content and display attributes of the page object are always read from the semantic tree file for rendering. In this way, different effects can be displayed according to the user roles and plaintext/ciphertext settings, and the change of the effects occurs dynamically in the rendering engine instead of relying on modifying the document content, which itself does not change.
It should be noted that, at this time, regardless of whether the semantic node has a ChiperText attribute and whether that attribute is true or false, the object content and display attributes of the page object are always read for rendering. Where the ChiperText attribute is not set, no plaintext/ciphertext permission has been set for the semantic node/page object; the object content of the page object under the semantic node is the original data (plaintext), and the displayed effect is plaintext. Where ChiperText=true, the semantic node/object is set to display ciphertext; the object content of the page object under the semantic node was already modified to ciphertext when the right was set, and the displayed object content is ciphertext. Where the ChiperText attribute exists and ChiperText=false, the semantic node was first set to display ciphertext (ChiperText=true) and then modified to display plaintext (ChiperText=false); the object content of the page object under the semantic node was already modified back to plaintext the last time the right was set, and the displayed object content is plaintext.
Referring to fig. 4, when an OFD document is printed by an unauthorized user, the object content and display attributes of the page object are always read for printing.
It should be noted that, at this time, regardless of whether the semantic node has an InPrintable attribute and whether that attribute is true or false, the object content and display attributes of the page object are always read for printing.
In one or more optional embodiments of the present invention, the output class operation is semantic tree export, and the executing, for an authorized user, the output class operation on the OFD document based on the semantic tree file and the recorded backup documents corresponding to all document identifications includes:
Reading the semantic tree file for an authorized user;
checking whether the page object has a corresponding document identifier or not according to any page object contained in each semantic node in the semantic tree file;
if yes, reading the object content of the page object from the backup file corresponding to the document identification and exporting the object content;
and if not, reading the object content of the page object from the semantic node and exporting the object content.
In practical application, referring to fig. 5, which is a schematic flow chart of the semantic tree export provided by the invention, each semantic node in the semantic tree file is traversed, and the role of the current user is checked to determine whether the user is an authorized user. If the user is authorized, the 'Exprotable' attribute and the ChiperText attribute of the semantic node are ignored (each permission restriction applies only to unauthorized users, and authorized users have export permission). For each page object contained in the semantic node, it is determined whether a corresponding document identification, that is, a backup document, exists. If so, the object content (plaintext) is read from the backup document corresponding to the document identification and exported; if not, the object content (plaintext) of the page object under the semantic node is read and exported. Therefore, according to the user role and the export settings, part of the content can be exported for an unauthorized user while part is not, and within the exportable part plaintext is exported for some objects and ciphertext for others.
In one or more alternative embodiments of the present invention, the output class operation is semantic tree export, and the performing, for an unauthorized user, the output class operation on the OFD document based on the semantic tree file includes:
for each semantic node in the semantic tree file, reading an export attribute from node authority attributes of the semantic node;
if the export attribute is refusal, skipping the semantic node;
and if the export attribute is permission, reading the object content of the page object from the semantic node and exporting the object content.
In practical application, referring to fig. 5, when the semantic tree is exported, each semantic node in the semantic tree file is traversed, and the role of the current user is checked to determine whether the user is an authorized user. For an unauthorized user, it is determined whether the export attribute of the semantic node is false; if so, the semantic node is skipped and not exported; otherwise, the object content of the page object under the semantic node is read and exported. Note that in this case the object content of the page object is read and exported regardless of whether the ChiperText attribute is present and regardless of whether its value is true or false. Therefore, according to the user role and the export settings, part of the content can be exported for an unauthorized user while part is not, and within the exportable part plaintext is exported for some objects and ciphertext for others.
In one or more optional embodiments of the present invention, after performing the rights control operation on the object content and the object rights attribute of each of the page objects, the method further includes:
In response to a recovery operation of an authorized user for the OFD document, performing the following for each of the semantic nodes in the semantic tree file:
clearing node authority attributes of the semantic nodes;
checking whether the page object has a corresponding document identifier or not according to any page object contained in the semantic node;
If so, using the object content and the authority attribute of the page object in the backup file corresponding to the document identification to replace the object content and the authority attribute of the page object under the semantic node, and deleting the document identification corresponding to the page object under the semantic node.
In practical application, referring to fig. 6, which is a schematic flow chart of the document restoration provided by the invention, an authorized user can restore an OFD document with permissions set to its original state as follows. Each semantic node in the semantic tree file is traversed. If the semantic node has semantic permission attributes, such as ChiperText, InPrintable and Extractable, those attributes are deleted. It is then determined whether a page object under the semantic node has a corresponding document identification, that is, whether a backup document exists. If so, the object content and the object authority attribute of the backup page object corresponding to the document identification are copied to the corresponding page object under the semantic node to replace the corresponding data, and the document identification recorded under the semantic node for the page object is deleted; if not, the process ends. Therefore, the recovery accuracy can be improved while the efficiency of recovering the document is ensured.
In one or more optional embodiments of the invention, after copying the object content and the authority attribute of the page object to the backup document under the semantic node, the method further comprises:
the backup document is encrypted using a key associated with a user, either an authorized user or an unauthorized user.
In practical application, most existing OFD readers can encrypt and decrypt OFD documents: all files in the OFD document except a few individual files such as ofd.xml and document.xml are encrypted/decrypted. Because this encryption and decryption is not part of the OFD specification, different OFD readers cannot decrypt each other's encrypted OFD documents, and an OFD reader opening a document encrypted by another reader can only display it as blank.
In the above OFD document with permissions set, the original contents of the page objects are stored in the backup file, so the backup file needs to be encrypted to prevent an unauthorized user from seeing the plaintext by directly opening the xml in the OFD document. In the prior art, the encryption and decryption of the backup file are independent of the encryption and decryption of the OFD document. The embodiment of the invention combines permission setting with the encryption and decryption of the OFD document, on the view that, for an OFD document with permissions set, the user has already applied finer-grained control (at semantic node level or page object level) to the page objects according to their own requirements, rather than simply encrypting the whole document, which leaves other readers unable to display anything (the whole document is displayed as blank), or not encrypting at all, which lets other readers display the original contents in full.
The encryption strategy of the OFD document is therefore adjusted as follows: if permissions are set on a semantic node of the OFD document, only the backup file storing the object content is encrypted, and the remaining files are not encrypted. The cipher/certificate and algorithm used for encryption and decryption use the cipher/certificate mechanism of the OFD document encryption mechanism, namely the key associated with the authorized user.
The page object in the OFD document is not removed from the page; instead, when permissions are set, the object content and the object authority attribute of the page object are changed to the content and permissions corresponding to an unauthorized user. Thus, when the OFD document is viewed in other standard OFD readers, the result is consistent with what an unauthorized user sees rather than completely blank, and the object printing permission is also consistent with that of an unauthorized user.
The method for controlling the authority of the page object in the open layout document OFD provided by the invention is further described below with reference to fig. 7.
Referring to fig. 7, fig. 7 is a second flowchart of the authority control method of the page object in the open layout document OFD provided by the present invention.
For an OFD document containing a plurality of pages, wherein the pages are provided with various objects such as characters, pictures and the like, authority control needs to be carried out on the OFD document so as to ensure that users (authorized users and unauthorized users) with different roles can see and operate different levels of content.
1) Permission setting, including node permission attribute setting for semantic nodes and object permission setting for page objects.
Setting the node authority attributes of the semantic node.
Illustratively, a semantic node represents a confidential information portion of an enterprise, for which an authorized user sets permissions. The semantic node attributes are set as follows: "plaintext/ciphertext" is set by setting "ChiperText" to "true", indicating that the content under the semantic node is ciphertext; "printable/non-printable" is set by setting "InPrintable" to "true", indicating that the content under the semantic node is not printable; and "exportable/non-exportable" is set by setting "Extractable" to "false", indicating that the content under the node is not exportable.
The semantic node contains a text object, and the "OriginalObjID" attribute of the semantic node is set to "100", indicating that the original content data (object content) of the page object is stored in the backup document (document ID "100").
Analyzing the page object data. The data contained in the page object is divided into three parts. Taking the text object as an example:
the object content: the character string (TextCode) of the text object is "enterprise core technical material", and its CGTransform records the indices of the characters in the embedded font so that the text is displayed accurately; the display attributes (regular attribute data): the font is Song Ti, the font size is 12, the color is black, the position is the upper left corner of the page (x=10, y=20), and the like; and the object authority attribute: the "InPrintable" attribute is set to "true", indicating that the text object is not printable.
Setting an object to ciphertext or non-printable. For example, to set the above text object to ciphertext and non-printable: a data backup file "BackupFile_100" is constructed; the content data of the text object ("enterprise core technical material" and the corresponding CGTransform) and the permission-related attribute ("InPrintable=true") are copied into a first page object (ID "100"); the content data of the page object is then modified, replacing the text content with "" and deleting its CGTransform, while the "InPrintable" attribute is set to "true".
The object permission setting of the page object is further illustrated by setting the object to plaintext or printable, and by setting whether the semantic node is exportable.
Setting an object to plaintext or printable: assume that an authorized user subsequently changes the semantic node from ciphertext to plaintext and its print permission from non-printable to printable. The "ChiperText" attribute of the semantic node is set to "false"; the text content ("enterprise core technical material") and CGTransform in the backup document (document ID "100") are copied back to the page object, replacing the "" in the page object; the "InPrintable" attribute of the semantic node is set to "false", and the "InPrintable" attribute value of the page object is also set to "false".
Setting whether the semantic node is exportable: an authorized user sets the "Extractable" attribute to "true" on the semantic node, indicating that the node is exportable.
2) Document display (set to ciphertext, for example).
It is determined whether the user is an authorized user.
If the user is an authorized user, display follows the authorized-user flow: the authorized user opens the OFD document, and the rendering engine first obtains the display attributes (such as font and font size) of the page object according to the normal flow. Because the user is authorized, the "ChiperText" attribute of the semantic node is ignored; the text object is found to have a corresponding backup document (document ID 100), so the object content (plaintext "enterprise core technical material") in the backup document is read and combined with the object attributes of the page object to form complete object data, which is passed to the rendering engine for rendering and display. The authorized user sees the original text.
If the user is not an authorized user, display follows the unauthorized-user flow: an external unauthorized person tries to open the OFD document, and the rendering engine likewise obtains the general attribute data. Because the user is unauthorized, the object content ("") and display attributes of the page object are always read as stored, and the displayed object content is ciphertext.
3) Document printing (set to ciphertext + printable, for example).
It is determined whether the user is an authorized user.
If the user is an authorized user, printing follows the authorized-user flow: the authorized user clicks the print button, and the print engine starts to work. Because the user is authorized, the "InPrintable" attribute of the node is ignored; the text object is found to have a corresponding backup document (document ID 100), so the object content (plaintext "enterprise core technical material") in the backup document is read and combined with the display attributes of the page object to form complete object data, which is passed to the print engine for printing. The printed content is the original text.
If the user is not an authorized user, printing follows the unauthorized-user flow: the unauthorized user tries to print the document, and the print engine always reads the InPrintable attribute, the object content ("") and the display attributes of the page object as stored. InPrintable is currently false, meaning the object is printable, but only ciphertext is printed.
4) Semantic tree export (set to ciphertext + non-exportable, for example).
It is determined whether the user is an authorized user.
If the user is an authorized user, the semantic tree is exported according to the authorized-user flow: the exporter traverses all semantic nodes of the semantic tree file. Because the user is authorized, the "Exprotable" attribute and the "ChiperText" attribute of the node are ignored; the text object is found to have a corresponding backup document (document ID 100), and the object content (plaintext "enterprise core technical material") in the backup document is read and exported.
If the user is not an authorized user, the semantic tree is exported according to the unauthorized-user flow: an unauthorized person tries to export the semantic tree, and the exporter first checks the "Exprotable" attribute of the semantic node; because the "Extractable" attribute of the semantic node is "false", the semantic node is skipped and not exported.
5) Restoring the original document.
The authorized user chooses to restore the OFD document with permissions set to its original state: the semantic tree nodes are traversed, the semantic node on which permissions were previously set is found, and its permission attributes, such as ChiperText, InPrintable and Extractable, are deleted. The text object under the semantic node has a corresponding backup document (ID 100), so the object content ("enterprise core technical material") and the object authority attribute ("InPrintable=false") in the backup document are copied into the corresponding page object to replace the corresponding data, and the document ID ("100") recorded under the semantic node for the page object is deleted.
6) Combination with the encryption/decryption and roles of existing OFD documents.
Because semantic permissions are set on the OFD document, only the backup document "BackupFile_100", which stores the object content and the object authority attribute of the page object, is encrypted, and the remaining files are not encrypted. The cipher/certificate and algorithm used for encryption and decryption reuse the cipher/certificate mechanism of the current OFD document encryption mechanism. When the OFD document is viewed in other standard OFD readers, the result is consistent with what an unauthorized user sees, i.e. the text object is displayed as '', and the object printing permission is also consistent with that of an unauthorized user.
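The walk-through in steps 1) to 5) above can be followed in code. The Python model below is an added example, not code from the patent: the class and function names, the "***" substitute characters, the second "public" node and the in-memory `backups` dictionary (standing in for the encrypted backup files of step 6) are assumptions made for illustration, and OriginalObjID is kept on each page object rather than under the semantic node.

```python
from dataclasses import dataclass, field
from typing import Optional

MASK = "***"  # assumed substitute characters; the page does not show the real ones

@dataclass
class PageObject:
    text_code: str                         # object content: TextCode
    cg_transform: Optional[list]           # object content: glyph indices
    display: dict                          # display attributes, never backed up
    in_printable: bool = False             # object permission attribute (true = not printable)
    original_obj_id: Optional[str] = None  # backup document ID (kept per object here)

@dataclass
class SemanticNode:
    objects: list
    attrs: dict = field(default_factory=dict)  # ChiperText / InPrintable / Extractable

@dataclass
class OfdDocument:
    nodes: list
    backups: dict = field(default_factory=dict)  # stands in for the encrypted backup files
    next_id: int = 100

def set_permission(doc, node, cipher_text, in_printable, extractable):
    """Permission setting: back up once, then rewrite the page object in place."""
    node.attrs = {"ChiperText": cipher_text, "InPrintable": in_printable,
                  "Extractable": extractable}
    for obj in node.objects:
        if obj.original_obj_id is None:
            # Only object content and the permission attribute are copied.
            obj.original_obj_id = str(doc.next_id)
            doc.next_id += 1
            doc.backups[obj.original_obj_id] = {
                "TextCode": obj.text_code, "CGTransform": obj.cg_transform,
                "InPrintable": obj.in_printable}
        backup = doc.backups[obj.original_obj_id]
        if cipher_text:
            obj.text_code, obj.cg_transform = MASK, None
        else:  # back to plaintext: copy the content back from the backup
            obj.text_code, obj.cg_transform = backup["TextCode"], backup["CGTransform"]
        obj.in_printable = in_printable

def _content(doc, obj, authorized):
    """Authorized users read the backup when one exists; everyone else reads the node."""
    if authorized and obj.original_obj_id is not None:
        return doc.backups[obj.original_obj_id]["TextCode"]
    return obj.text_code

def output(doc, authorized, op):
    """Document display (op='display') or document printing (op='print')."""
    out = []
    for node in doc.nodes:
        for obj in node.objects:
            # An unauthorized print honours the object's own InPrintable flag.
            if op == "print" and not authorized and obj.in_printable:
                continue
            out.append((_content(doc, obj, authorized), obj.display))
    return out

def export_tree(doc, authorized):
    """Semantic tree export; Extractable=false only blocks unauthorized users."""
    out = []
    for node in doc.nodes:
        if not authorized and node.attrs.get("Extractable") is False:
            continue
        out.extend(_content(doc, obj, authorized) for obj in node.objects)
    return out

def restore(doc):
    """Recovery: clear node attributes, copy backups back, drop the recorded IDs."""
    for node in doc.nodes:
        node.attrs.clear()
        for obj in node.objects:
            if obj.original_obj_id is None:
                continue
            backup = doc.backups[obj.original_obj_id]
            obj.text_code = backup["TextCode"]
            obj.cg_transform = backup["CGTransform"]
            obj.in_printable = backup["InPrintable"]
            obj.original_obj_id = None

def plaintext_outside_backup(doc, secret):
    """True if the page tree itself (what a standard reader parses) holds the secret."""
    return any(secret in obj.text_code for node in doc.nodes for obj in node.objects)

def build_sample():
    # Constructed sample: one node to protect and one ordinary node.
    secret = PageObject("enterprise core technical material", [5, 9, 12],
                        {"font": "Song Ti", "size": 12, "x": 10, "y": 20})
    public = PageObject("quarterly newsletter", [1, 2], {"font": "Song Ti", "size": 12})
    return OfdDocument([SemanticNode([secret]), SemanticNode([public])])

if __name__ == "__main__":
    doc = build_sample()
    set_permission(doc, doc.nodes[0], cipher_text=True, in_printable=False, extractable=False)
    print("unauthorized print: ", [t for t, _ in output(doc, False, "print")])
    print("unauthorized export:", export_tree(doc, False))
    print("authorized export:  ", export_tree(doc, True))
```

`plaintext_outside_backup` is the check that matters for the encryption step: once a node is set to ciphertext, the plaintext exists only in the backup record, which is why that file alone has to be encrypted.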
When permissions are set in the embodiment of the invention, a specific backup document is constructed to store copies of the page objects whose permissions are set. Only the simple object content and object permission attributes need to be copied; the complex and numerous display attributes are not copied, and the common drawing parameters referenced by those attributes need no handling, which avoids the problems caused in the prior art by omissions or errors when copying complete objects. Through this step, the original object content (plaintext) and the original values of the object permission attributes are always saved in the backup document.
The embodiment of the invention does not remove the original page object, but directly modifies, on the original page object, the data affected by the permission. For example, when a page object is designated as ciphertext, the text object content is changed to ciphertext (replaced with substitute characters such as ""), or vice versa. Therefore, the position of the original page object is unchanged, and the layer ID, the direction index and the like of the object do not need to be recorded and maintained, which greatly simplifies the system structure and logic.
For other standard OFD readers, the embodiment of the invention does not remove any content from the original OFD document; it only modifies the data of some objects (mainly changing plaintext to ciphertext) and adds content that is not in the OFD standard (mainly the specific backup document). A standard OFD reader parses the document normally according to the OFD standard and ignores the added non-standard content. Because the page object has been rewritten to the effect visible to an unauthorized user (the content data of the page object may remain plaintext or may be changed to substitute characters, that is, ciphertext, for example ""), when a standard OFD reader opens the OFD document, what is seen is exactly what an unauthorized user can see, the operations available are those an unauthorized user can perform, and the document does not become blank.
The embodiment of the invention combines the document encryption, decryption and roles widely supported in existing OFD readers with the semantic permission setting, and improves on the former. On one hand, the existing encryption and decryption logic is reused, including the protocols by which different roles open documents and set the various permissions, the management of keys/certificates, algorithm support and the like. On the other hand, it improves on the coarse prior-art policy in which an OFD document is either fully encrypted, so that other readers see only blank pages, or not encrypted at all, so that other readers see all plaintext and can perform all operations without restriction; as a result, other standard OFD readers obtain the same visible content and operations as an unauthorized user.
The authority control device for the page object in the open format document OFD provided by the invention is described below, and the authority control device for the page object in the open format document OFD described below and the authority control method for the page object in the open format document OFD described above can be referred to correspondingly.
Fig. 8 is a schematic structural diagram of a right control device for a page object in an open layout document OFD provided by the present invention, as shown in fig. 8, the device includes:
An obtaining module 801, configured to obtain a semantic tree file corresponding to an OFD document, where the semantic tree file includes at least one semantic node, and the semantic node includes at least one page object in the OFD document;
a setting module 802 configured to set a corresponding target authority for any one of the semantic nodes when an authority setting operation for the semantic node is detected;
and the control module 803 is configured to perform authority control operation on the object content and the object authority attribute of each page object according to the target authority and the backup document corresponding to each page object under the semantic node.
Optionally, the target authority is a hidden authority;
The control module 803 is specifically configured to:
performing the following operations for each of the page objects under the semantic node:
Creating a backup file for the page object;
copying the object content and the object authority attribute of the page object to the backup document under the semantic node;
recording the identification of the backup document under the semantic node as the document identification corresponding to the page object;
and according to the target authority, hiding the object content of the page object under the semantic node, and changing the object authority attribute of the page object.
Optionally, the apparatus further comprises a first response module configured to:
Responsive to an output class operation for the OFD document:
Aiming at an authorized user, executing the output class operation on the OFD document based on the semantic tree file and the backup document corresponding to all recorded document identifications;
And aiming at unauthorized users, executing the output class operation on the OFD document based on the semantic tree file.
Optionally, the output class operation is document display and/or document printing;
The first response module is specifically configured to:
Reading the semantic tree file for an authorized user;
checking whether the page object has a corresponding document identifier or not according to any page object contained in each semantic node in the semantic tree file;
if yes, reading the object content of the page object from the backup file corresponding to the document identification, and reading the display attribute of the page object from the semantic node;
if not, reading the object content and the display attribute of the page object from the semantic node;
And performing output class operation on the page object according to the object content and the display attribute of the page object.
Optionally, the output class operation is document display and/or document printing;
The first response module is specifically configured to:
for unauthorized users, reading the semantic tree file;
reading object content and display attributes of any page object contained in each semantic node in the semantic tree file from the semantic node;
And performing output class operation on the page object according to the object content and the display attribute of the page object.
Optionally, the output class operation is semantic tree export;
The first response module is specifically configured to:
Reading the semantic tree file for an authorized user;
checking whether the page object has a corresponding document identifier or not according to any page object contained in each semantic node in the semantic tree file;
if yes, reading the object content of the page object from the backup file corresponding to the document identification and exporting the object content;
if not, reading the object content of the page object from the semantic node and exporting the object content.
Optionally, the output class operation is semantic tree export;
The first response module is specifically configured to:
for each semantic node in the semantic tree file, reading an export attribute from node authority attributes of the semantic node;
if the export attribute is refusal, skipping the semantic node;
and if the export attribute is permission, reading the object content of the page object from the semantic node and exporting the object content.
Optionally, the apparatus further comprises a second response module configured to:
In response to a recovery operation of an authorized user for the OFD document, performing the following for each of the semantic nodes in the semantic tree file:
clearing node authority attributes of the semantic nodes;
checking whether the page object has a corresponding document identifier or not according to any page object contained in the semantic node;
If so, using the object content and the authority attribute of the page object in the backup file corresponding to the document identification to replace the object content and the authority attribute of the page object under the semantic node, and deleting the document identification corresponding to the page object under the semantic node.
Optionally, the apparatus further comprises an encryption module configured to:
the backup document is encrypted using a key associated with a user, either an authorized user or an unauthorized user.
Fig. 9 illustrates a physical schematic diagram of an electronic device, which may include a processor (processor) 910, a communication interface (Communications Interface) 920, a memory 930, and a communication bus 940, where the processor 910, the communication interface 920, and the memory 930 perform communication with each other through the communication bus 940, as shown in fig. 9. The processor 910 may call a logic instruction in the memory 930 to execute a permission control method of a page object in an open format document OFD, where the method includes obtaining a semantic tree file corresponding to the OFD document, where the semantic tree file includes at least one semantic node, where the semantic node includes at least one page object in the OFD document, setting a corresponding target permission for a semantic node when a permission setting operation for any of the semantic nodes is detected, and performing a permission control operation on object contents and object permission attributes of each of the page objects according to the target permission and a backup document corresponding to each of the page objects under the semantic node.
Further, the logic instructions in the memory 930 described above may be implemented in the form of software functional units and may be stored in a computer-readable storage medium when sold or used as a stand-alone product. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. The storage medium includes a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program codes.
In another aspect, the invention further provides a computer program product comprising a computer program, which can be stored on a non-transitory computer readable storage medium; when the computer program is executed by a processor, the computer can execute the authority control method of the page objects in the open format document OFD provided by the above methods. The method comprises obtaining a semantic tree file corresponding to the OFD document, where the semantic tree file comprises at least one semantic node and the semantic node comprises at least one page object in the OFD document; setting a corresponding target authority for the semantic node when an authority setting operation for any semantic node is detected; and, under the semantic node, performing an authority control operation on the object content and the object authority attribute of each page object according to the target authority and the backup document corresponding to each page object.
In still another aspect, the present invention further provides a non-transitory computer readable storage medium on which a computer program is stored, where the computer program, when executed by a processor, performs the method for controlling the authority of a page object in an open format document OFD provided by the above methods. The method includes obtaining a semantic tree file corresponding to the OFD document, where the semantic tree file includes at least one semantic node and the semantic node includes at least one page object in the OFD document; setting a corresponding target authority for the semantic node when an authority setting operation for any one of the semantic nodes is detected; and, under the semantic node, performing an authority control operation on the object content and the object authority attribute of each of the page objects according to the target authority and a backup document corresponding to each of the page objects.
The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
It should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention, and not for limiting the same, and although the present invention has been described in detail with reference to the above-mentioned embodiments, it should be understood by those skilled in the art that the technical solution described in the above-mentioned embodiments may be modified or some technical features may be equivalently replaced, and these modifications or substitutions do not make the essence of the corresponding technical solution deviate from the spirit and scope of the technical solution of the embodiments of the present invention.