Transaction-aware caching for access control metadata
First Claim
1. A method for determining authorization to operate on a file, the method comprising computer-implemented steps of:
- receiving a request, associated with a session, for an operation on the file;
looking in one or more session caches that are associated with said session for an entry that contains permissions metadata for said file;
wherein said one or more session caches store a first set of permissions metadata that has been modified within said session but has not yet been committed for a transaction to a repository;
wherein said permissions metadata for said file includes information that specifies which users can perform which operations on said file;
wherein one or more sets of permissions metadata in said one or more session caches are posted to one or more shared caches in response to committing said one or more sets of permissions metadata, said one or more shared caches having entries that are accessible to multiple sessions;
if said entry is not in said one or more session caches, then performing the steps of;
looking for said entry in said one or more shared caches;
wherein said one or more shared caches store a second set of permissions metadata that has been committed to the repository; and
if said entry is not in said one or more shared caches, then obtaining said permissions metadata for said file from the repository that is different than said one or more session caches and said one or more shared caches; and
using said permissions metadata for said file to determine whether said operation may be performed on said file;
wherein the steps of the method are performed by one or more computer systems.
0 Assignments
0 Petitions
Accused Products
Abstract
Techniques are provided for performing transaction-aware caching of metadata in an electronic file system. A mechanism is described for providing transaction-aware caching that uses a cache hierarchy, where the cache hierarchy includes uncommitted caches associated with sessions in an application and a committed cache that is shared among the sessions in that application. Techniques are described for caching document metadata, access control metadata and folder path metadata. Also described is a technique for using negative cache entries to avoid unnecessary communications with a server when applications repeatedly request non-existent data.
-
Citations
30 Claims
-
1. A method for determining authorization to operate on a file, the method comprising computer-implemented steps of:
-
receiving a request, associated with a session, for an operation on the file; looking in one or more session caches that are associated with said session for an entry that contains permissions metadata for said file; wherein said one or more session caches store a first set of permissions metadata that has been modified within said session but has not yet been committed for a transaction to a repository; wherein said permissions metadata for said file includes information that specifies which users can perform which operations on said file; wherein one or more sets of permissions metadata in said one or more session caches are posted to one or more shared caches in response to committing said one or more sets of permissions metadata, said one or more shared caches having entries that are accessible to multiple sessions; if said entry is not in said one or more session caches, then performing the steps of; looking for said entry in said one or more shared caches; wherein said one or more shared caches store a second set of permissions metadata that has been committed to the repository; and if said entry is not in said one or more shared caches, then obtaining said permissions metadata for said file from the repository that is different than said one or more session caches and said one or more shared caches; and using said permissions metadata for said file to determine whether said operation may be performed on said file; wherein the steps of the method are performed by one or more computer systems. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable storage medium storing one or more sequences of instructions for determining authorization to operate on a file, which instructions, when executed by one or more processors, cause the one or more processors to perform:
-
receiving a request, associated with a session, for an operation on the file; looking in one or more session caches that are associated with said session for an entry that contains permissions metadata for said file; wherein said one or more session caches store a first set of permissions metadata that has been modified within said session but has not yet been committed for a transaction to a repository; wherein said permissions metadata for said file includes information that specifies which users can perform which operations on said file; wherein one or more sets of permissions metadata in said one or more session caches are posted to one or more shared caches in response to committing said one or more sets of permissions metadata, said one or more shared caches having entries that are accessible to multiple sessions; if said entry is not in said one or more session caches, then performing the steps of; looking for said entry in said one or more shared caches; wherein said one or more shared caches store a second set of permissions metadata that has been committed to the repository; and if said entry is not in said one or more shared caches, then obtaining said permissions metadata for said file from the repository that is different than said one or more session caches and said one or more shared caches; and using said permissions metadata for said file to determine whether said operation may be performed on said file. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification