In some application programs, users are authorized to access only certain functions and data. Often, these application programs interact with a database system, which implements security policies to ensure that a particular user accesses only those functions and data that he/she is permitted to access based on predetermined security privileges.
As an example, applications involving Human Resource Management (“HRM”) may provide each authorized user with limited access to a particular set of data and functions within the application program. These restrictions may be based on predetermined security privileges that are set forth in accordance with a user's assigned role. For example, a manager may have permission to access only those employees that he supervises. In addition, the manager may be permitted to perform a limited menu of actions, such as promoting his employee, evaluating his employee, and viewing employment information concerning his employee. To implement these security policies, some HRM application programs may interact with a database system to determine if certain functions and/or data are accessible to a particular user in a given instance.
For example, for a given session, an HRM application program may provide an authorized user with the ability to select at least one data item from a user interface. Each data item may refer to the name of an employee within a company. Upon selecting a set of data items, the HRM application program may be configured to interact with a database system to determine a menu of actions, if any, that the current user is permitted to perform on the entire set of selected data items. In other words, the HRM application program may be configured to render and display a menu of actions that are permitted for the current user for a given instance when the user selects a number of data items. One implementation of an HRM application program interacting with a database system to render a menu of privileges for a set of selected data items in a user interface is illustrated in FIG. 1.
In FIG. 1, user U1 selects a number of data items 102 in the application program, which is associated with system 130. To render a menu of actions that the user is permitted to perform on the selected data items, system 130 is configured to initiate a privilege check for all potential privileges (e.g., privileges P1-P10), which may be displayed in menu M1. In general, a privilege is a permission to perform at least one action. If it is determined that the current privilege Pi, which is being checked, has been granted to the user in this particular instance for the entire set of selected data items, then the privilege will be displayed in menu M1. The following general scenario discusses a privilege check, which is being performed for privilege P1.
To determine if user U1 has the privilege P1 for the set of selected data items (e.g., set of employee names), system 130 executes a query 104 against the database system 30. System 130 is set up to execute the query upon receiving the user's selection of data items 102. The query is configured to determine all authorized data items that are available to user U1 for privilege P1 in this instance. In response to the executed query, database system 30 checks privilege P1 based on user U1 and returns all of the authorized data items. System 130 performs an evaluation 108 by comparing the selected data items with the list of authorized data items received in the result set.
If each of the selected data items from 102 is listed as an authorized data item, then system 130 permits the user to render that particular action 110, associated with privilege P1, for the set of selected data items. At 112, system 130 performs a privilege check for the next privilege within the potential set of privileges, which may be displayed in menu M1, by executing a query for the next privilege.
If at least one of the selected items from 102 is not in the query result set, then system 130 indicates that privilege P1 is not available to user U1 by not providing privilege P1 as an option in menu M1. At 114, system 130 performs a privilege check for the next privilege within the potential set of privileges, which may be displayed in menu M1, by executing a query for the next privilege.
In order to render and display menu M1, system 130 needs to perform a privilege check for each privilege within the set of potential privileges. Each privilege check involves executing a query for the privilege, which is being checked. If the set of privileges to be checked is large, then a large number of queries will be performed.
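The per-privilege check of FIG. 1 can be sketched as follows. This is an added example, not code from the original document: the `grants` table, its columns, the sample rows and the function names are all assumptions made for illustration. It shows the all-or-nothing comparison of the selection against each result set, and that the query count equals the number of potential privileges regardless of the outcome.

```python
import sqlite3

# Constructed sample data: (user, privilege, item) grants in a hypothetical schema.
GRANTS = [
    ("U1", "P1", "alice"), ("U1", "P1", "bob"), ("U1", "P1", "carol"),
    ("U1", "P2", "alice"), ("U1", "P2", "bob"),
    ("U1", "P3", "alice"),
    ("U2", "P1", "dave"),
]
POTENTIAL_PRIVILEGES = ["P1", "P2", "P3", "P4"]  # candidates for menu M1


def make_db():
    """Build an in-memory stand-in for the database system."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE grants (user_id TEXT, privilege TEXT, item TEXT)")
    db.executemany("INSERT INTO grants VALUES (?, ?, ?)", GRANTS)
    return db


def build_menu(db, user, selected):
    """Return (menu, query_count), issuing one query per potential privilege."""
    selected = set(selected)
    menu, queries = [], 0
    for priv in POTENTIAL_PRIVILEGES:
        # Query step: every item this user is authorized for under this privilege.
        rows = db.execute(
            "SELECT item FROM grants WHERE user_id = ? AND privilege = ?",
            (user, priv),
        ).fetchall()
        queries += 1
        authorized = {row[0] for row in rows}
        # Evaluation step: list the privilege only if every selected item is
        # authorized. An empty selection yields no menu entries (an assumption
        # here, since the text presumes at least one selected item).
        if selected and selected <= authorized:
            menu.append(priv)
    return menu, queries


if __name__ == "__main__":
    db = make_db()
    print(build_menu(db, "U1", ["alice", "bob"]))   # both items covered by P1, P2
    print(build_menu(db, "U1", ["alice", "dave"]))  # one unauthorized item hides all
```
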
As explained above, such a configuration has many drawbacks. Since these application programs require at least one query to the database system in each instance that the system needs to determine if an action, associated with a particular privilege, is available for a selected set of data items, these application programs may experience relatively slow response times. In addition, the user may have to wait a relatively long time to receive a menu for the selected data items. Overall, the user interfaces (“UIs”) associated with the application program may be sluggish, thereby providing a poor overall experience. In addition, the network itself may be impacted and overloaded by the overwhelming number of communications between the application program and the database system.