METHODS AND SYSTEMS FOR CONTROLLING ACCESS TO CUSTOM OBJECTS IN A DATABASE
First Claim
1. A method for controlling access to diverse custom objects in a custom entity share table, including:
- storing a plurality of custom object types for a plurality of shared database tenants in a custom entity share table, wherein;
a first custom object for a first tenant has a first schema including a first set of custom fields;
a second custom object for a second tenant has a second schema including a second set of custom fields;
the first and second custom objects are both stored in the same table despite having different sets of custom fields;
the first and second custom objects are both associated with fields for tenant id and object type;
receiving a request on behalf of a user belonging to a particular tenant for access to custom objects of a particular custom object type;
identifying a particular tenant and a particular group within the particular organization to which the user belongs;
determining whether the particular group has access to the particular custom object type requested and, if it does, filtering custom objects in the custom entity share table by at least tenant id and by custom object type to select custom objects responsive to the request received; and
responding to the request with at least some selected custom objects of the particular custom object type responsive to the request received and to which the user is entitled to have access.
1 Assignment
0 Petitions
Accused Products
Abstract
In embodiments, methods and systems for controlling access to custom objects are provided. These techniques for controlling access to custom objects can enable embodiments to utilize a key for the protection of the security of data that is to remain private while not compromising efficiency of a query. The key for a requested custom object is identified and then used so that only an appropriate portion of a custom entity share table is searched to locate access information. It is then determined whether the user can access at least a portion of the custom object, and the appropriate and allowed data is sent to the user.
-
Citations
3 Claims
-
1. A method for controlling access to diverse custom objects in a custom entity share table, including:
-
storing a plurality of custom object types for a plurality of shared database tenants in a custom entity share table, wherein; a first custom object for a first tenant has a first schema including a first set of custom fields; a second custom object for a second tenant has a second schema including a second set of custom fields; the first and second custom objects are both stored in the same table despite having different sets of custom fields; the first and second custom objects are both associated with fields for tenant id and object type; receiving a request on behalf of a user belonging to a particular tenant for access to custom objects of a particular custom object type; identifying a particular tenant and a particular group within the particular organization to which the user belongs; determining whether the particular group has access to the particular custom object type requested and, if it does, filtering custom objects in the custom entity share table by at least tenant id and by custom object type to select custom objects responsive to the request received; and responding to the request with at least some selected custom objects of the particular custom object type responsive to the request received and to which the user is entitled to have access. - View Dependent Claims (2, 3)
-
Specification