System and method for logical deletion of stored data objects
First Claim
1. A system, comprising:
a data store that stores a plurality of objects, wherein each of the plurality of objects comprises a user key and a version identifier, wherein at least two of the plurality of objects further comprise object data, and wherein at least two versions of at least two of the plurality of objects correspond to respective access control lists;
one or more processors;
a memory coupled to the one or more processors and storing program instructions that when executed by the one or more processors cause the one or more processors to perform:
receiving a request, from a requester, to retrieve a particular access control list corresponding to a particular object version of a particular object from the data store, wherein the request specifies a user key; and
in response to receiving the request to retrieve the particular access control list:
determining whether the particular object version is a delete marker object comprising the specified user key, wherein the presence of a delete marker object comprising the specified user key in the data store indicates a prior logical deletion of the particular object from the data store;
determining whether the requester has permission to retrieve the particular access control list;
in response to determining that the particular object version is a delete marker object comprising the specified user key, returning an error indication;
in response to determining that the requester does not have permission to retrieve the particular access control list, returning an error indication; and
in response to determining that the particular object version is not a delete marker object and that the requester has permission to retrieve the particular access control list, returning the particular access control list.
Abstract
Systems and methods for providing object versioning in a storage system may support the logical deletion of stored objects. In response to a delete operation specifying both a user key and a version identifier, the storage system may permanently delete the specified version of an object having the specified key. In response to a delete operation specifying a user key, but not a version identifier, the storage system may create a delete marker object that does not contain object data, and may generate a new version identifier for the delete marker. The delete marker may be stored as the latest object version of the user key, and may be addressable in the storage system using a composite key comprising the user key and the new version identifier. Subsequent attempts to retrieve the user key without specifying a version identifier may return an error, although the object was not actually deleted.
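An added example, not code from the patent: a minimal in-memory sketch of the delete and ACL-retrieval behaviour described in the abstract and in claim 1. The class and method names, the `vN` version-identifier format, and the ACL modelled as a set of principals permitted to read it are assumptions made for illustration.

```python
import itertools

class StoreError(Exception):
    """Error indication returned to the requester."""

class VersionedStore:
    def __init__(self):
        self._versions = {}             # user key -> versions, oldest first
        self._ids = itertools.count(1)  # constructed version-id source

    def _new(self, key, data, acl, marker=False):
        vid = f"v{next(self._ids)}"
        self._versions.setdefault(key, []).append(
            {"vid": vid, "data": data, "acl": set(acl), "marker": marker})
        return vid

    def _find(self, key, vid=None):
        versions = self._versions.get(key, [])
        if vid is None:                 # no version id: latest version
            if not versions:
                raise StoreError("no such key")
            return versions[-1]
        for v in versions:              # composite key: (user key, version id)
            if v["vid"] == vid:
                return v
        raise StoreError("no such version")

    def put(self, key, data, acl):
        return self._new(key, data, acl)

    def delete(self, key, vid=None):
        if vid is None:
            # Logical deletion: a new latest version holding no object data.
            return self._new(key, None, (), marker=True)
        target = self._find(key, vid)   # permanent deletion of one version
        self._versions[key].remove(target)
        return vid

    def get(self, key, vid=None):
        v = self._find(key, vid)
        if v["marker"]:
            raise StoreError("delete marker")
        return v["data"]

    def get_acl(self, requester, key, vid=None):
        v = self._find(key, vid)
        if v["marker"]:                 # claim 1: a delete marker yields an error
            raise StoreError("delete marker")
        if requester not in v["acl"]:   # claim 1: no permission yields an error
            raise StoreError("access denied")
        return sorted(v["acl"])
```

After a key-only delete, earlier versions stay readable by version identifier, so the permission check on versioned reads is what protects logically deleted data.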
20 Claims
1. A system, comprising: (independent claim, set out in full under "First Claim" above).
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. A non-transitory, computer-readable storage medium storing program instructions that when executed on one or more computers cause the one or more computers to perform:
receiving a request, from a requester, to add an access control list to a particular object version of a particular object stored in a data store on one or more of the one or more computers, wherein the request specifies a user key, wherein the data store stores a plurality of objects, wherein each of the plurality of objects comprises a user key and a version identifier, and wherein the presence of a delete marker object comprising a particular user key in the data store indicates a prior logical deletion of a corresponding object from the data store; and
in response to receiving the request to add the access control list, in response to determining that the particular object version is not a delete marker object and in response to determining that the requester has permission to add the access control list to the particular object version, setting the access control list for the particular object version.
Dependent claims: 12, 13, 14, 15, 16, 17.
18. A method, comprising:
receiving a request, from a requester, to modify a particular access control list that corresponds to a particular object version of a particular object stored in a data store on one or more computers, wherein the request specifies a user key, wherein the data store stores a plurality of objects, wherein each of the plurality of objects comprises a user key and a version identifier, and wherein the presence of a delete marker object comprising a particular user key in the data store indicates a prior logical deletion of a corresponding object from the data store; and
in response to receiving the request to modify the particular access control list, in response to determining that the particular object version is not a delete marker object and in response to determining that the requester has permission to modify the particular access control list, overwriting at least a portion of the particular access control list for the particular object version.
Dependent claims: 19, 20.
Specification