Method and System for Managing Object Level Security Using an Object Definition Hierarchy
First Claim
Patent Images
1. A computer-implemented method comprising:
- receiving a request from a user to perform an action on a first object in a plurality of objects in a software application;
accessing a predefined hierarchy of a plurality of different object definitions, wherein said first object is an instance of a first object definition in the predefined hierarchy;
accessing user authorization data;
determining permission of the user to perform said action; and
granting the user permission to perform the action on said first object, wherein the permission is determined from the predefined hierarchy and the user authorization data, andwherein the user is granted permission to perform the action on said first object if the user authorization data grants the user permission to perform the action on the first object based on the first object definition and an associated second object, wherein the second object is an instance of a second object definition, and wherein said second object definition is an ancestor of said first object definition in the predefined hierarchy.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment the present invention includes a computer-implemented method comprising receiving a request from a user to perform an action on a first object in a software application, accessing a predefined hierarchy of a plurality of different object definitions, accessing user authorization data, and granting the user permission to perform the action on said first object, wherein the permission is determined from the predefined hierarchy and the user authorization data, wherein determining the permission includes traversing the predefined hierarchy.
76 Citations
20 Claims
-
1. A computer-implemented method comprising:
-
receiving a request from a user to perform an action on a first object in a plurality of objects in a software application; accessing a predefined hierarchy of a plurality of different object definitions, wherein said first object is an instance of a first object definition in the predefined hierarchy; accessing user authorization data; determining permission of the user to perform said action; and granting the user permission to perform the action on said first object, wherein the permission is determined from the predefined hierarchy and the user authorization data, and wherein the user is granted permission to perform the action on said first object if the user authorization data grants the user permission to perform the action on the first object based on the first object definition and an associated second object, wherein the second object is an instance of a second object definition, and wherein said second object definition is an ancestor of said first object definition in the predefined hierarchy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-readable medium containing instructions for controlling a computer system to perform a method, the method comprising:
-
receiving a request from a user to perform an action on a first object in a plurality of objects in a software application; accessing a predefined hierarchy of a plurality of different object definitions, wherein said first object is an instance of a first object definition in the predefined hierarchy; accessing user authorization data; and determining permission of the user to perform said action; and granting the user permission to perform the action on said first object, wherein the permission is determined from the predefined hierarchy and the user authorization data, and wherein the user is granted permission to perform the action on said first object if the user authorization data grants the user permission to perform the action on the first object based on the first object definition and an associated second object, wherein the second object is an instance of a second object definition, and wherein said second object definition is an ancestor of said first object definition in the predefined hierarchy. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification