Security in enterprise level business information networking

US 9,275,094 B2
Filed: 11/12/2010
Issued: 03/01/2016
Est. Priority Date: 11/12/2009
Status: Active Grant

First Claim

Patent Images

1. A method of displaying a feed to a user of a database system, the method comprising:

receiving at the database system, a request from a first user to view a record feed of a record that the first user is following;

identifying, by the database system, a plurality of feed items associated with the record for the record feed;

determining whether a first feed item of the plurality of feed items includes an update by a second user to a first field of a first record;

determining, by the database system, whether the first user has authorization to view each of the plurality of feed items by;

determining whether the first user has authorization to view a record type of the record based upon at least one of a profile type of the first user and a profile hierarchy of the first user, anddetermining whether the first user has authorization to view the record that is the subject of the record feed, the determination being based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the manual sharing of the record that is the subject of the record feed with the first user by an owner of the record, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the record such that the manual sharing of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and

determining, by the database system, whether the first user has authorization to view the first feed item by;

determining whether the first user has authorization to view the first field of the record that is the subject of the record feed based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the second user manually sharing the first field of the record that is the subject of the record feed with the first user, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the first field such that the manual sharing of the field of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and

displaying the feed items of the plurality of feed items that the first user is authorized to view.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, apparatus, and methods for implementing enterprise level social and business information networking are provided. Users can receive relevant information about a database system and its users at an appropriate time. Users can then use this relevant information to reduce errors and limit redundant efforts. For example, an update of a record in the database can be identified, and a story created automatically about the update and sent to the users that are following the record. Which updates have stories created and which stories are to be sent to which users can be configured. Other events besides updating of records can also be tracked. For example, actions of a user that result in an event can be tracked, where such tracking can also be configurable. Subscriptions to follow an object can be automatic, and access checks can be used to ensure that unauthorized users do not see certain data.

Citations

30 Claims

1. A method of displaying a feed to a user of a database system, the method comprising:
- receiving at the database system, a request from a first user to view a record feed of a record that the first user is following;
  
  identifying, by the database system, a plurality of feed items associated with the record for the record feed;
  
  determining whether a first feed item of the plurality of feed items includes an update by a second user to a first field of a first record;
  
  determining, by the database system, whether the first user has authorization to view each of the plurality of feed items by;
  
  determining whether the first user has authorization to view a record type of the record based upon at least one of a profile type of the first user and a profile hierarchy of the first user, anddetermining whether the first user has authorization to view the record that is the subject of the record feed, the determination being based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the manual sharing of the record that is the subject of the record feed with the first user by an owner of the record, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the record such that the manual sharing of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  determining, by the database system, whether the first user has authorization to view the first feed item by;
  
  determining whether the first user has authorization to view the first field of the record that is the subject of the record feed based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the second user manually sharing the first field of the record that is the subject of the record feed with the first user, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the first field such that the manual sharing of the field of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  displaying the feed items of the plurality of feed items that the first user is authorized to view.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein identifying the plurality of feed items for the record feed includes:
    - determining an identifier of the first record; and
      
      identifying, with the identifier of the first record, events in an event history table that are associated with the first record, wherein the events include information of the feed items.
  - 3. The method of claim 1, wherein the record feed is a news feed of the first user, the news feed being an aggregation of feeds of a plurality of records that the first user is following.
  - 4. The method of claim 3, wherein identifying a plurality of feed items for the record feed includes:
    - identifying records that the first user is following;
      
      determining events associated with the identified records; and
      
      retrieving the feed items for the determined events.
  - 5. The method of claim 1, wherein checking whether the first user has authorization to view the first feed item includes:
    - analyzing the first feed item to determine that the first feed item is associated with at least one of a record and field of the record that the first user lacks authorization to view.

6. A computer program product comprising a non-transitory computer readable medium storing a plurality of instructions capable of controlling a processor to perform an operation of displaying a feed to a user of a database system, the instructions comprising:
- receiving at the database system, a request from a first user to view a record feed of a record that the first user is following;
  
  identifying, by the database system, a plurality of feed items associated with the record for the record feed;
  
  determining whether a first feed item of the plurality of feed items includes an update by a second user to a first field of a first record;
  
  determining whether the first user has authorization to view each of the plurality of feed items, the checking performed by;
  
  determining whether the first user has authorization to view a record type of the record based upon at least one of a profile type of the first user and a profile hierarchy of the first user, anddetermining whether the first user has authorization to view the record that is the subject of the record feed, the determination being based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the manual sharing of the record that is the subject of the record feed with the first user by an owner of the record, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the record such that the manual sharing of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  determining, by the database system, whether the first user has authorization to view the first feed item by;
  
  determining whether the first user has authorization to view the first field of the record that is the subject of the record feed based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the second user manually sharing the first field of the record that is the subject of the record feed with the first user, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the first field such that the manual sharing of the field of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  displaying the feed items of the plurality of feed items that the first user is authorized to view.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The computer program product of claim 6, wherein identifying the plurality of feed items for the record feed includes:
    - determining an identifier of the record; and
      
      identifying, with the identifier of the record, events in an event history table that are associated with the record, wherein the events include information associated with the feed items.
  - 9. The computer program product of claim 6, wherein the record feed is a news feed of the first user, the news feed being an aggregation of feeds of a plurality of records that the first user is following.
  - 10. The computer program product of claim 9, wherein identifying a plurality of feed items for the record feed includes:
    - identifying records that the first user is following;
      
      determining events associated with the identified records; and
      
      retrieving the feed items for the determined events.
  - 11. The computer program product of claim 6, wherein checking whether the first user has authorization to view the first feed item includes:
    - analyzing the first feed item to determine that the first feed item is associated with at least one of a record and field of the record that the first user lacks authorization to view.

7. A database system that displays a feed to a user of a database system, the database system comprising:
- a database storing data for a plurality of records;
  
  one or more processors;
  
  a non-transitory computer readable medium storing a plurality of instructions, which when executed, cause the one or more processors to;
  
  receive, from a request from a first user to view a record feed of a record that the first user is following;
  
  identify a plurality of feed items associated with the record for the record feed;
  
  determine whether a first feed item of the plurality of feed items includes an update by a second user to a first field of a first record;
  
  determine whether the first user has authorization to view each of the feed items, the checking performed by;
  
  determining whether the first user has authorization to view a record type of the record based upon at least one of a profile type of the first user and a profile hierarchy of the first user, anddetermining whether the first user has authorization to view the record that is the subject of the record feed, the determination being based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the manual sharing of the record that is the subject of the record feed with the first user by an owner of the record, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the record such that the manual sharing of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  determine whether the first user has authorization to view the first feed item by;
  
  determining whether the first user has authorization to view the first field of the record that is the subject of the record feed based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the second user manually sharing the first field of the record that is the subject of the record feed with the first user, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the first field such that the manual sharing of the field of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  display the feed items of the plurality of feed items that the first user is authorized to view.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The database system of claim 7, wherein identifying a plurality of feed items for the record feed includes:
    - determining an identifier of the record; and
      
      identifying, with the identifier of the record, events in an event history table that are associated with the record, wherein the events include information associated with the feed items.
  - 13. The database system of claim 7, wherein the record feed is a news feed of the first user, the news feed being an aggregation of feeds of a plurality of records that the first user is following.
  - 14. The database system of claim 7, wherein identifying the plurality of feed items for the record feed includes:
    - identifying records that the first user is following;
      
      determining events associated with the identified records; and
      
      retrieving the feed items for the determined events.
  - 15. The database system of claim 7, wherein checking whether the first user has authorization to view the first feed item includes:
    - analyzing the first feed item to determine that the first feed item is associated with at least one of a record and field of the record that the first user lacks authorization to view.

16. A method of displaying a feed to a user of a database system, the method comprising:
- receiving at the database system, a request from a user to view a record feed of a record that the user is following;
  
  identifying, by the database system, a plurality of feed items for the record feed;
  
  determining, by the database system, whether the user has authorization to view each of the plurality of record feed items by;
  
  determining whether the user has authorization to view a record type of the record based upon at least one of a profile type of the user and a profile hierarchy of the user, anddetermining whether the first user has authorization to view the record that is the subject of the record feed, the determination being based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the manual sharing of the record that is the subject of the record feed with the first user by an owner of the record, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the record such that the manual sharing of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  displaying the plurality of feed items in response to a determination that the first user has authorization to view the record.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein identifying a plurality of feed items for the record feed includes:
    - determining an identifier of the record; and
      
      identifying, with the identifier of the record, events in an event history table that are associated with the record, wherein the events include information associated with the feed items.
  - 18. The method of claim 17, wherein the record feed is a news feed of the user, the news feed being an aggregation of feeds of a plurality of records that the user is following.
  - 19. The method of claim 18, wherein identifying a plurality of feed items for the record feed includes:
    - identifying records that the user is following;
      
      determining events associated with the identified records; and
      
      retrieving the feed items for the determined events.
  - 20. The method of claim 16, wherein checking whether the user has authorization to view the first feed item includes:
    - analyzing the first feed item to determine that the first feed item is associated with at least one of a record or a field of the record that the user lacks authorization to view.

21. A computer program product comprising a non-transitory computer readable medium storing a plurality of instructions capable of controlling a processor to perform an operation of displaying a feed to a user of a database system, the instructions comprising:
- receiving at the database system, a request from the user to view a record feed of a record that the user is following;
  
  identifying, by the database system, a plurality of feed items for the record feed;
  
  determining, by the database system, whether the user has authorization to view each of the plurality of feed items by;
  
  determining whether the user has authorization to view a record type of the record based upon at least one of a profile type of the user and a profile hierarchy of the user, anddetermining whether the first user has authorization to view the record that is the subject of the record feed, the determination being based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the manual sharing of the record that is the subject of the record feed with the first user by an owner of the record, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the record such that the manual sharing of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  displaying the plurality of feed items in response to a determination that the first user has authorization to view the first record.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The computer program product of claim 21, wherein identifying the plurality of feed items for the feed includes:
    - determining an identifier of the record; and
      
      identifying, with the identifier of the record, events in an event history table that are associated with the record, wherein the events include information associated with the feed items.
  - 23. The computer program product of claim 22, wherein the record feed is a news feed of the user, the news feed being an aggregation of feeds of a plurality of records that the user is following.
  - 24. The computer program product of claim 23, wherein identifying the plurality of feed items for the record feed includes:
    - identifying records that the user is following;
      
      determining events associated with the identified records; and
      
      retrieving the feed items for the determined events.
  - 25. The computer program product of claim 21, wherein checking whether the user has authorization to view the first feed item includes:
    - analyzing the first feed item to determine that the first feed item is associated with at least one of a record or a field of the record that the user lacks authorization to view.

26. A database system that displays a feed to a user of a database system, the database system comprising:
- a database storing data for a plurality of records;
  
  one or more processors;
  
  a non-transitory computer readable medium storing a plurality of instructions, which when executed, cause the one or more processors to;
  
  receive at the database system, a request from the user to view a record feed of a record that the user is following;
  
  identify, by the database system, a plurality of feed items for the record feed;
  
  determine, by the database system, whether the user has authorization to view each of the plurality of feed items by;
  
  determining whether the user has authorization to view a record type of the record based upon at least one of a profile type of the user and a profile hierarchy of the user, anddetermining whether the first user has authorization to view the record that is the subject of the record feed, the determination being based on a plurality of rules, wherein the plurality of rules comprise a rule based on a profile type of the first user, a rule based on a profile hierarchy of the first user, and a rule based on the manual sharing of the record that is the subject of the record feed with the first user by an owner of the record, the rule based on the second user manually sharing being used when the rules based on profile type and profile hierarchy do not provide authorization for the first user to view the record such that the manual sharing of the record that is the subject of the record feed, by itself, provides the first user the authorization to view the record; and
  
  display the plurality of feed items in response to a determination that the user has authorization to view the record.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The database system of claim 26, identifying the plurality of feed items for the feed includes:
    - determining an identifier of the first record; and
      
      identifying, with the identifier of the first record, events in an event history table that are associated with the first record, wherein the events include information of the feed items.
  - 28. The database system of claim 27, wherein the feed is a news feed of the user, the news feed being an aggregation of feeds of a plurality of records that the user is following.
  - 29. The computer program product of claim 28, wherein identifying the plurality of feed items for the feed includes:
    - identifying records that the user is following;
      
      determining events associated with the identified records; and
      
      retrieving the feed items for the determined events.
  - 30. The database system of claim 26, wherein checking whether the user has authorization to view the first feed item includes:
    - analyzing the first feed item to determine that the first feed item is associated with at least one of a record or a field of the record that the user lacks authorization to view.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Lee, Peter, Mehra, Vinod, Woollen, Rob
Primary Examiner(s)
Lu, Charles

Application Number

US12/945,715
Publication Number

US 20110113059A1
Time in Patent Office

1,936 Days
Field of Search

707/694
US Class Current

1/1
CPC Class Codes

G06F 16/122   using management policies b...

G06F 16/176   Support for shared access t...

G06F 16/185   Hierarchical storage manage...

G06F 16/1873   Versioning file systems, te...

G06F 16/2282   Tablespace storage structur...

G06F 16/245   Query processing

G06F 21/6227   where protection concerns t...

G06Q 10/10   Office automation; Time man...

G06Q 30/02   Marketing; Price estimation...

G06Q 50/01   Social networking

Security in enterprise level business information networking

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Security in enterprise level business information networking

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links