Techniques for processing group membership data in a multi-tenant database system
First Claim
Patent Images
1. A method comprising:
- receiving a request for access to a sub-portion of content represented as an account stored within a multi-tenant database system to be processed as a query on the multi-tenant database system, the request having requester identification data;
identifying a group having access to the sub-portion of content represented as the account based on an associational data registry which associates groups with accounts and further identifying a sub-group having a user of a higher permission level dictated by a contractual relationship of the user with other users within the group of a lower permission level;
determining that access should be granted to the sub-portion of the content represented as the account based on a comparison of the requester identification data of the user that provided the request with the user associated with the sub-group identified as having access to the sub-portion of the content represented as the account due to the user'"'"'s higher permission level dictated by the contractual relationship of the user with the other users within the group; and
granting the access requested in response to determining that access should be granted.
1 Assignment
0 Petitions
Accused Products
Abstract
In accordance with embodiments, there are provided techniques for processing group membership data in a multi-tenant database system. These techniques for processing group membership data in a multi-tenant database system may enable embodiments to provide great flexibility to a tenant of the architecture to select the content that may be perceived by the tenant users while allowing the owner of the architecture control over the content.
-
Citations
18 Claims
-
1. A method comprising:
-
receiving a request for access to a sub-portion of content represented as an account stored within a multi-tenant database system to be processed as a query on the multi-tenant database system, the request having requester identification data; identifying a group having access to the sub-portion of content represented as the account based on an associational data registry which associates groups with accounts and further identifying a sub-group having a user of a higher permission level dictated by a contractual relationship of the user with other users within the group of a lower permission level; determining that access should be granted to the sub-portion of the content represented as the account based on a comparison of the requester identification data of the user that provided the request with the user associated with the sub-group identified as having access to the sub-portion of the content represented as the account due to the user'"'"'s higher permission level dictated by the contractual relationship of the user with the other users within the group; and granting the access requested in response to determining that access should be granted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory machine-readable storage medium having instructions stored thereon that, when executed by one or more processors, the instructions cause a multi-tenant database system to perform operations comprising:
-
receiving a request for access to a sub-portion of content represented as an account stored within a multi-tenant database system to be processed as a query on the multi-tenant database system, the request having requester identification data identifying a group having access to the sub-portion of content represented as the account based on an associational data registry which associates groups with accounts and further identifying a sub-group having a user of a higher permission level dictated by a contractual relationship of the user with other users within the group of a lower permission level; determining that access should be granted to the sub-portion of the content represented as the account based on a comparison of the requester identification data of the user that provided the request with the user associated with the sub-group identified as having access to the sub-portion of the content represented as the account due to the user'"'"'s higher permission level dictated by the contractual relationship of the user with the other users within the group; and granting the access requested in response to determining that access should be granted. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A multi-tenant database system which stores data for multiple tenants in the same physical database object in which tenant data is arranged so that data of one tenant is kept logically separate from that of other tenants so that the one tenant does not have access to the other tenants'"'"' data, unless such data is expressly shared, wherein the multi-tenant database system comprises:
-
a processor; and a memory having a sequence of instructions which, when executed by the processor, the sequence of instructions cause the processor to perform operations comprising; receiving a request for access to a sub-portion of content represented as an account stored within a multi-tenant database system to be processed as a query on the multi-tenant database system, the request having requester identification data identifying a group having access to the sub-portion of content represented as the account based on an associational data registry which associates groups with accounts and further identifying a sub-group having a user of a higher permission level dictated by a contractual relationship of the user with other users within the group of a lower permission level; determining that access should be granted to the sub-portion of the content represented as the account based on a comparison of the requester identification data of the user that provided the request with the user associated with the sub-group identified as having access to the sub-portion of the content represented as the account due to the user'"'"'s higher permission level dictated by the contractual relationship of the user with the other users within the group; and granting the access requested in response to determining that access should be granted.
-
-
18. An apparatus comprising:
-
a processor; and a memory having a sequence of instructions which, when executed by the processor, the sequence of instructions cause the processor to perform operations comprising; receiving a request for access to a sub-portion of content represented as an account stored within a multi-tenant database system to be processed as a query on the multi-tenant database system, the request having requester identification data identifying a group having access to the sub-portion of content represented as the account based on an associational data registry which associates groups with accounts and further identifying a sub-group having a user of a higher permission level dictated by a contractual relationship of the user with other users within the group of a lower permission level; determining that access should be granted to the sub-portion of the content represented as the account based on a comparison of the requester identification data of the user that provided the request with the user associated with the sub-group identified as having access to the sub-portion of the content represented as the account due to the user'"'"'s higher permission level dictated by the contractual relationship of the user with the other users within the group; and granting the access requested in response to determining that access should be granted.
-
Specification