×

Modifying permission trees in a virtualization environment

  • US 9,712,534 B2
  • Filed: 11/02/2015
  • Issued: 07/18/2017
  • Est. Priority Date: 08/29/2012
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • receiving a permission request, the request indicating a user and an entity;

    flattening, by a processing device, a permissions database to generate a flattened database view, wherein flattening the permissions database comprises;

    identifying a first set of entities for which either the user or a role to which the user is assigned has explicit permissions defined in the permissions database;

    identifying a second set of entities that inherit the explicit permissions; and

    creating a separate entry in the flattened database view for each unique combination of the user and one of the entities in the first or second sets of entities, wherein the flattened database view comprises a stored query accessible as a virtual table in the permissions database computed from data stored in the permissions database;

    determining, using the flattened database view, whether the user has permission to access the entity by querying the flattened database view for a single entry associated with a combination of the user and the entity; and

    returning an indication of whether the user has permission to access the entity.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×