| 发明名称 | Techniques for processing group membership data in a multi-tenant database system | ||
| 摘要 | In accordance with embodiments, there are provided techniques for processing group membership data in a multi-tenant database system. These techniques for processing group membership data in a multi-tenant database system may enable embodiments to provide great flexibility to a tenant of the architecture to select the content that may be perceived by the tenant users while allowing the owner of the architecture control over the content. | ||
| 申请公布号 | US9411852(B2) | 申请公布日期 | 2016.08.09 |
| 申请号 | US201313916441 | 申请日期 | 2013.06.12 |
| 申请人 | salesforce.com, inc. | 发明人 | Yancey Scott;Doshi Kedar;Wu Yongsheng |
| 分类号 | G06F17/30;G06F21/60 | 主分类号 | G06F17/30 |
| 代理机构 | Blakely Sokoloff Taylor & Zafman LLP | 代理人 | Blakely Sokoloff Taylor & Zafman LLP |
| 主权项 | 1. A system having at least a processor and a memory therein to execute instructions to process group membership data of a database system, wherein the system comprises: a portal user interface to allow users access to the database system over a network; the database system to store content; the database system to store the group membership data within a first dataset at the database system associating individual users as members of one or more groups or sub-groups; the database system to store Access Authorization Relationship (AAR) data within a second dataset at the database system, wherein the AAR data defines additional access rights for one or more users of a first sub-group to data which is accessible to one or more users of a second sub-group due to a managerial relationship between the one or more users of the first and second sub-groups; wherein the AAR data is independent of the group membership data stored by the first dataset which associates the individual users to the one or more groups or sub-groups and further wherein the AAR data exists independent of any individual users associated with the first and second sub-groups; the system to receive a request for access to a sub-portion of the content stored within the database system, wherein the request includes requester identification data uniquely identifying an individual user of the database system; the database system to determine the one or more groups and sub-groups having access to the sub-portion of the content stored at the database system; the database system to determine the users associated with the one or more groups and sub-groups via a join operation between the first dataset having the group membership data and the second dataset having the AAR data; and the database system to compare the identification of the user that provided the request for access to the sub-portion of the content with the users associated with the determined users associated with the one or more groups and sub-groups to determine whether access should be granted; and the portal user interface to transmit the sub-portion of the content in response to the request for access when determined that access should be granted. | ||
| 地址 | San Francisco CA US | ||