公开(公告)号：US11086844B2

公开(公告)日：2021-08-10

申请号：US16192335

申请日：2018-11-15

Applicant: SAP SE

Inventor： Michael Aakolk ,  Andrea Waldi

IPC: G06F16/23 ,  G06F16/9538 ,  G06F16/28

Abstract: Systems, methods, and computer programmable products are described herein for tracking modifications of a hierarchical database table of an application. Data including a modification to the hierarchical database table having a plurality of database entries is received. A change trigger table having a record corresponding to the modification of a database entry of the plurality of database entries is defined. The change trigger table is provided to a unified instance authorization application for further definition of an explosion database table.

公开(公告)号：US20180144150A1

公开(公告)日：2018-05-24

申请号：US15358176

申请日：2016-11-22

Applicant: SAP SE

Inventor： Michael Aakolk ,  Bernhard Drabant ,  Andrea Waldi

IPC: G06F21/62 ,  G06F17/30

CPC classification number: G06F21/6218 ,  G06F16/2282 ,  G06F16/245 ,  G06F16/282 ,  G06F16/289 ,  G06F21/604

Abstract: A data model is defined to describe objects. Attributes from the data model are associated with providing authorization right for executing actions on object instances of the objects. A hierarchy of object groups is declared. Objects group collections are defined on top of the hierarchy. A vocabulary including definitions of attributes of objects and including definitions of assignments of objects to object groups is created. The vocabulary is related to determining authorization rights for executing actions based on attributes and hierarchy organization of objects. A capability to determine authorization to perform an action by a user on a set of objects is defined based on the vocabulary. When a request for performing an action by a user on object instances is received, a filtering expression based on the capability is generated to be included in a where clause of a query.

公开(公告)号：US20200159715A1

公开(公告)日：2020-05-21

申请号：US16192335

申请日：2018-11-15

Applicant: SAP SE

Inventor： Michael Aakolk ,  Andrea Waldi

IPC: G06F16/23 ,  G06F16/28 ,  G06F16/9538

Abstract: Systems, methods, and computer programmable products are described herein for tracking modifications of a hierarchical database table of an application. Data including a modification to the hierarchical database table having a plurality of database entries is received. A change trigger table having a record corresponding to the modification of a database entry of the plurality of database entries is defined. The change trigger table is provided to a unified instance authorization application for further definition of an explosion database table.

公开(公告)号：US10769294B2

公开(公告)日：2020-09-08

申请号：US15652308

申请日：2017-07-18

Applicant: SAP SE

Inventor： Michael Aakolk ,  Andrea Waldi

IPC: G06F21/62 ,  G06F21/60 ,  G06Q20/22 ,  H04L29/06

Abstract: A hierarchy of object groups is defined. Objects group collections are defined on top of the hierarchy. Authorization rights for executing actions are defined through the object group collection definitions. A request for a change associated with assignments of an object group in a hierarchy of a plurality of object groups may be received, where the assignments are related to object group collections. A change trigger is stored at an explosion update trigger table. The change trigger is stored synchronously with updating definitions of the object group collections and/or updating the hierarchy organization. The explosion update trigger table is processed to determine changes for the explosion table. The change trigger may be processed together with one or more other triggers associated with the object group. The explosion table is updated to reflect changes to the object group and other object groups hierarchically inherent for the object group.

公开(公告)号：US10740483B2

公开(公告)日：2020-08-11

申请号：US15358176

申请日：2016-11-22

Applicant: SAP SE

Inventor： Michael Aakolk ,  Bernhard Drabant ,  Andrea Waldi

IPC: G06F7/04 ,  G06F21/62 ,  G06F16/245 ,  G06F16/28 ,  G06F16/22 ,  G06F21/60 ,  H04N7/16

Abstract: A data model is defined to describe objects. Attributes from the data model are associated with providing authorization right for executing actions on object instances of the objects. A hierarchy of object groups is declared. Objects group collections are defined on top of the hierarchy. A vocabulary including definitions of attributes of objects and including definitions of assignments of objects to object groups is created. The vocabulary is related to determining authorization rights for executing actions based on attributes and hierarchy organization of objects. A capability to determine authorization to perform an action by a user on a set of objects is defined based on the vocabulary. When a request for performing an action by a user on object instances is received, a filtering expression based on the capability is generated to be included in a where clause of a query.

公开(公告)号：US20190026484A1

公开(公告)日：2019-01-24

申请号：US15652308

申请日：2017-07-18

Applicant: SAP SE

Inventor： Michael Aakolk ,  Andrea Waldi

IPC: G06F21/62

Abstract: A hierarchy of object groups is defined. Objects group collections are defined on top of the hierarchy. Authorization rights for executing actions are defined through the object group collection definitions. A request for a change associated with assignments of an object group in a hierarchy of a plurality of object groups may be received, where the assignments are related to object group collections. A change trigger is stored at an explosion update trigger table. The change trigger is stored synchronously with updating definitions of the object group collections and/or updating the hierarchy organization. The explosion update trigger table is processed to determine changes for the explosion table. The change trigger may be processed together with one or more other triggers associated with the object group. The explosion table is updated to reflect changes to the object group and other object groups hierarchically inherent for the object group.