1. The Field of the Invention
The present invention relates to electrical computers and data processing systems. Specifically, the present invention relates to the efficient computation of aggregated data in containers supporting item level access control.
2. The Prior State of the Art
Most computer systems have some sort of data storage system involving the storage of data items in particular data containers, For example, in messaging systems, messages might be stored within folders. In filing systems, items might be stored within directories. If a particular folder or directory is selected, the item titles in the folder or directory are typically displayed. It is often desirable to also display, or at least keep track of, summary aggregated data about the items in the container such as the count of items in the container and/or the total size of all the items in the container. There are several methods for providing this summary data.
One simple method is to enumerate the summary data each time the summary data is requested such as when the item titles are displayed. Thus, for example, if the count of the items is the summary data to be displayed, the items are literally counted. If the total size of the items is the summary data to be displayed, the memory size corresponding to each item is summed. This approach requires extensive counting and summing calculations for all the items in a container each time the summary data is requested. Thus, this approach can take significant processing time especially if there are hundreds or thousands of items in the container.
Another more efficient approach is to keep a running aggregate summary of the items in the container. For example, the total number of items and the total size of all the items in the container at any given time are stored in memory. Subsequently, if an item is added to or deleted from the container, a value representing the count of the items is incremented or decremented as appropriate. Furthermore, a value representing the total size of all the items in the container is decreased or increased by the size of the item deleted or added, respectively. Furthermore, if an item is altered, the value representing the total size of all the items is changed by the size change of the altered item. For example, suppose the total size of all the items is 500 kilobytes, which includes a particular item having a size of 10 kilobytes. If the size of the item is expanded from 10 kilobytes to 14 kilobytes, the total size of all the items increases by 4 kilobytes to a total size of 504 kilobytes. The latter running aggregate approach is more efficient since all that is required is to update the summary data when the items are deleted, added, or updated.
The running aggregate approach works fine if there are no item level security controls for the container. However, it is often desirable to set a security access for each item such that the viewing or editing of some items is restricted to certain users. For example, a template might be restricted to being viewable, but not editable by most users. Some highly confidential documents might be restricted to be viewable to only some users. Typically, if an item is not to be viewed by a user, the item title will not be displayed to the user when the container is selected, and the user should not even know of the existence of the item. However, the running aggregate approach tallies summary data which includes items that are not to be viewed by the user. For example, suppose that a container has 20 items total, 19 of which are viewable to anyone, and 1 of which is not to be viewed by a given user. As the user views the container, the user will only see 19 item titles. However, the summary data will indicate there are 20 items. Thus, the user can infer that an item exists in the container that is not visible to the user.
Imparting such knowledge, even by inference, to a user who does not have security access to view the document is undesirable. In light of the above, a method and structure are desired for efficiently computing summary aggregated data in containers having item level security controls without disclosing the existence of non-viewable items.
In accordance with the present invention, a computer system data container such as a directory or data folder supports item level security settings and includes various items such as e-mail messages. One item in the container may have a liberal security setting which allows everyone to read and edit the item. Another might restrict everyone from reading the item except for the author or addressee. Between these two extremes are an infinite variety of security settings that may be tailored as desired by one who controls the security setting. For example, if the subject matter of the message is a general reminder of a surprise party to be held for an individual, the author might post the message with a security setting indicating that everyone can view the message except for the individual for whom the surprise party is held. The present invention allows for the computer system to ignore files for which the viewer has no viewing rights when summary data about the data container is displayed on the viewer""s monitor. Thus, the viewer cannot infer from the summary data that any non-viewable items exist within the container.
For each security setting, a running total is kept of an aggregate property of all the items in the container of that security setting. For example, if the aggregate property is a total count of items of that security setting, a summary data table associated with the container includes data fields representing each security setting, and the number of items of that security setting in the folder. If an item is added (or deleted) of a given security setting, the count for that security setting is increased (or decreased) by one. If the aggregate property is the total size of items of that security setting, the total size for that security setting in the summary data table is increased by the size of any added item, or decreased by the size of any deleted item. Changes in sizes due to editing of existing items are also considered in changing the total size associated with a given security setting.
Regardless of what the aggregated data is, it is sometimes appropriate to compute the aggregated data corresponding to only those items in the container for which the user has viewing rights. For example, when the user selects a container to view the items in the container, the computer system might compute the sum of the running totals of the aggregate property for all of the security settings for which the user has viewing rights. As an illustration, suppose that a folder contains 4 items of security type #1, 1 item of security type #2, 1 item of security type #3, and 1 item of security type #4. Now suppose the user has viewing rights to only items of security types #1 and #2. When the user selects the folder to see the items in the container, the user will see only the five items. Furthermore, to determine the count of items in the data container, the computer will add the count of items of the security type #1 (i.e., four) to the count of items of the security type #2 (i.e., one) to display that the data container containers five items total. Thus, the user is not notified of the existence of items in the data container for which the user does not have viewing rights.
Additional objects and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the invention. The objects and advantages of the invention may be realized and obtained by means of the instruments and combinations particularly pointed out in the appended claims. These and other objects and features of the present invention will become more fully apparent from the following description and appended claims, or may be learned by the practice of the invention as set forth hereinafter.