Search

US-20260127303-A1 - WEB-BASED DATABASE SYSTEMS AND METHODS

US20260127303A1US 20260127303 A1US20260127303 A1US 20260127303A1US-20260127303-A1

Abstract

Systems and methods for providing a web-based application, that interacts with a flat structure cloud database (i.e., a bucket database) to provide data to client systems, with a file-browser plug-in which presents a file browser tool to users which allows the users to browse the data objects in the flat structure cloud database via a virtual folder hierarchy set forth by the data object key names and controls access to specific data objects and folders based on user role-based permissions.

Inventors

  • Hirak CHATTERJEE
  • Florian GONTIER
  • Charles Richard MOLLO
  • Minh Toan VU

Assignees

  • THE TORONTO-DOMINION BANK

Dates

Publication Date
20260507
Application Date
20241101

Claims (20)

  1. 1 . A web-based database system, the system comprising: server comprising: a server memory; a server communication interface; and a server processor operatively coupled to the server memory and the server communication interface, the server processor configured to: provide a web-based application including a file browser plugin; authenticate a user of the web-based application using a user credential, the user credential associated with at least one role; in response to authenticating the user: obtain data from one or more bucket databases stored in a cloud computing system using a provider credential associated with the web-based application, wherein each bucket database of the one or more bucket databases stores one or more data objects in a flat data structure and each data object of the one or more data objects is associated with a key name, wherein at least one of the key names comprises a sequence of names separated by a predefined symbol, the sequence of names comprising one or more folder names, and a data object name, and display, using the file browser plugin, a file browser tool for browsing the one or more data objects in the one or more bucket databases; in response to one or more user selections in the file browser tool that identifies a particular bucket database of the one or more bucket databases and a particular folder name, determine whether the at least one role has permission to access the particular bucket database and the particular folder name; in response to determining that the at least one role has permission to access the particular bucket database and the particular folder name, automatically generate and send a search request to the cloud computing system, the search request comprising information identifying the particular bucket database and the particular folder name; subsequent to sending the search request, receive one or more key names for data objects in the particular bucket database, wherein each key name of the received one or more key names comprises a first portion that comprises names in the sequence of names up to and including the particular folder name, and a second portion that comprises names in the sequence of names following the particular folder name; and for at least one key name of the received one or more key names, display, in the file browser tool, a first name in the second portion of that key name.
  2. 2 . The web-based database system of claim 1 , wherein the second portion of the key name comprises a subfolder name and a data object name; and the first name in the second portion of that key name is the subfolder name.
  3. 3 . The web-based database system of claim 2 , wherein the server processor is further configured to: in response to the user selecting, via the file browser tool, the subfolder name, determine whether the at least one role has permission to access the subfolder name; in response to determining that the at least one role of the user has permission to access the subfolder name, search all the second portions in the received one or more key names for the subfolder name; and display all or a portion of each key name in the one or more key names that comprises the subfolder name in the second portion of the key name.
  4. 4 . The web-based database system of claim 2 , wherein the subfolder name is displayed in a manner that indicates that the subfolder name is a subfolder that comprises downstream data.
  5. 5 . The web-based database system of claim 1 , wherein the second portion of the key name comprises the data object name; and the first name in the second portion is the data object name.
  6. 6 . The web-based database system of claim 5 , wherein the server processor is further configured to: in response to the user indicating, via the file browser tool, that an operation is to be to be performed on the object associated with the data object name, determine whether the at least one role has permission to perform the operation on the object; and in response to determining that the at least one role has permission to perform the operation on the object, cause the operation to be performed on the object.
  7. 7 . The web-based database system of claim 6 , wherein the server processor is further configured to record, in a history record for the particular bucket database, that the operation was performed on the object, wherein the history record for the particular bucket database is saved in the server memory.
  8. 8 . The web-based database system of claim 7 , wherein the server processor is further configured to, in response to the user selecting, via the file browser tool, the history record for the particular bucket database, display the history record for the particular bucket database.
  9. 9 . The web-based database system of claim 6 , wherein the operation is one of an edit operation, a download operation and a delete operation.
  10. 10 . The web-based database system of claim 1 , wherein: the file browser tool displays a search field for receiving a search term for a key name; and the server processor is further configured to, in response to the user entering a search term in the search field: receive the search term via the search field, determine whether the at least one role has permission to conduct a search, in response to determining that the at least one role has permission to conduct the search, search the second portions of the received one or more key names for the search term, and display all or a portion of at least one key name in the one or more key names that comprises the search term in the second portion of the key name.
  11. 11 . The web-based database system of claim 10 , wherein the second portion of the key name includes the data object name.
  12. 12 . The web-based database system of claim 1 , wherein the server processor is further configured to display, in the file browser tool, a name of the particular bucket database and the particular folder name.
  13. 13 . The web-based database system of claim 1 , wherein the server processor is configured to generate and send the search request comprising the information identifying the particular bucket database and the particular folder name to the cloud computing system by generating and sending one or more requests to an application programming interface of the cloud computing system.
  14. 14 . The web-based database system of claim 1 , wherein the one or more requests sent to the application programming interface of the cloud computing system comprises a GET request.
  15. 15 . The web-based database system of claim 1 , wherein the server processor is configured to authenticate the user of the web-based application using the user credential by authenticating the user using the user credential to a single sign on authentication service associated with the user.
  16. 16 . The web-based database system of claim 1 , wherein at least one of the one or more data objects in the particular bucket database is a file.
  17. 17 . The web-based database system of claim 1 , where the at least one of the one or more bucket databases is a certificate bucket database that stores a plurality of authentication certificates.
  18. 18 . The web-based database system of claim 17 , wherein the server processor is further configured to execute a configuration file that includes names of one or more authentication certificates, and the executing of the configuration file comprises storing the one or more authentication certificates in the certificate bucket database.
  19. 19 . A method for accessing a web-based database, the method executed in a computing environment comprising a server comprising: a server memory; a server communication interface; and a server processor operatively coupled to the server memory and the server communication interface, and the method comprising: providing a web-based application including a file browser plugin; authenticating a user of the web-based application using a user credential, the user credential associated with at least one role; in response to authenticating the user: obtaining data from one or more bucket databases stored in a cloud computing system using a provider credential associated with the web-based application, wherein each bucket database of the one or more bucket databases stores one or more data objects in a flat data structure and each data object of the one or more data objects is associated with a key name, wherein at least one of the key names comprises a sequence of names separated by a predefined symbol, the sequence of names comprising one or more folder names, and a data object name, and displaying, using the file browser plugin, a file browser tool for browsing the one or more data objects in the one or more bucket databases; in response to one or more user selections in the file browser tool that identifies a particular bucket database of the one or more bucket databases and a particular folder name, determining whether the at least one role has permission to access the particular bucket database and the particular folder name; in response to determining that the at least one role has permission to access the particular bucket database and the particular folder name, automatically generating and sending a search request to the cloud computing system, the search request comprising information identifying the particular bucket database and the particular folder name; subsequent to sending the search request, receiving one or more key names for data objects in the particular bucket database, wherein each key name of the received one or more key names comprises a first portion that comprises names in the sequence of names up to and including the particular folder name, and a second portion that comprises names in the sequence of names following the particular folder name; and for at least one key name of the received one or more key names, displaying, in the file browser tool, a first name in the second portion of that key name.
  20. 20 . A non-transitory computer readable medium storing computer executable instructions which, when executed by at least one computer processor, cause the at least one computer processor to carry out a method for accessing a web-based database, the method comprising: providing a web-based application including a file browser plugin; authenticating a user of the web-based application using a user credential, the user credential associated with at least one role; in response to authenticating the user: obtaining data from one or more bucket databases stored in a cloud computing system using a provider credential associated with the web-based application, wherein each bucket database of the one or more bucket databases stores one or more data objects in a flat data structure and each data object of the one or more data objects is associated with a key name, wherein at least one of the key names comprises a sequence of names separated by a predefined symbol, the sequence of names comprising one or more folder names, and a data object name, and displaying, using the file browser plugin, a file browser tool for browsing the one or more data objects in the one or more bucket databases; in response to one or more user selections in the file browser tool that identifies a particular bucket database of the one or more bucket databases and a particular folder name, determining whether the at least one role has permission to access the particular bucket database and the particular folder name; in response to determining that the at least one role has permission to access the particular bucket database and the particular folder name, automatically generating and sending a search request to the cloud computing system, the search request comprising information identifying the particular bucket database and the particular folder name; subsequent to sending the search request, receiving one or more key names for data objects in the particular bucket database, wherein each key name of the received one or more key names comprises a first portion that comprises names in the sequence of names up to and including the particular folder name, and a second portion that comprises names in the sequence of names following the particular folder name; and for at least one key name of the received one or more key names, displaying, in the file browser tool, a first name in the second portion of that key name.

Description

TECHNICAL FIELD The disclosed example embodiments relate to web-based database systems with file browser functionality and role-based permissioning. BACKGROUND A cloud database is a database that is built, deployed, and run in a cloud environment. Some cloud databases, such as, but not limited to, Amazon Web Services (AWS)™ Simple Storage Service (S3)™ (which may also be referred to as Amazon S3), store data in in a flat data structure instead of a hierarchical data structure. Specifically, such cloud databases store objects (e.g., files and their associated metadata) in containers which are referred to as buckets. For example, in AWS S3, to store data, a bucket is created, and a bucket name and an AWS region are selected; then, data is uploaded to that bucket as objects. Buckets can be used to organize data, but unlike conventional hierarchical desktop file systems, buckets cannot be nested. Thus, there is no hierarchy of buckets or sub-buckets. There are a number of intermediate web services, such as, but not limited to Guidewire ™ InsuranceSuite™, which interact with cloud databases with flat data structures to provide data to client systems. However, these intermediate web services are often limited because of the flat data structure. In particular, as a result of the inherent flat data structure, it may be difficult for users of such intermediate web services to organize data in the flat data structure and/or search for data stored in the flat data structure leading to inefficient file accesses and searches. It may also be difficult for an intermediate web service to display data and group data that has been stored as a flat data structure. SUMMARY The following summary is intended to introduce the reader to various aspects of the detailed description, but not to define or delimit any invention. A first aspect provides web-based database system, the system comprising: a server comprising: a server memory; a server communication interface; and a server processor operatively coupled to the server memory and the server communication interface, the server processor configured to: provide a web-based application including a file browser plugin; authenticate a user of the web-based application using a user credential, the user credential associated with at least one role; in response to authenticating the user: obtain data from one or more bucket databases stored in a cloud computing system using a provider credential associated with the web-based application, wherein each bucket database of the one or more bucket databases stores one or more data objects in a flat data structure and each data object of the one or more data objects is associated with a key name, wherein at least one of the key names comprises a sequence of names separated by a predefined symbol, the sequence of names comprising one or more folder names, and a data object name, and display, using the file browser plugin, a file browser tool for browsing the one or more data objects in the one or more bucket databases; in response to one or more user selections in the file browser tool that identifies a particular bucket database of the one or more bucket databases and a particular folder name, determine whether the at least one role has permission to access the particular bucket database and the particular folder name; in response to determining that the at least one role has permission to access the particular bucket database and the particular folder name, automatically generate and send a search request to the cloud computing system, the search request comprising information identifying the particular bucket database and the particular folder name; subsequent to sending the search request, receive one or more key names for data objects in the particular bucket database, wherein each key name of the received one or more key names comprises a first portion that comprises names in the sequence of names up to and including the particular folder name, and a second portion that comprises names in the sequence of names following the particular folder name; and for at least one key name of the received one or more key names, display, in the file browser tool, a first name in the second portion of that key name. The second portion of the key name may comprise a subfolder name and a data object name; and the first name in the second portion of that key name may be the subfolder name. The server processor may be further configured to: in response to the user selecting, via the file browser tool, the subfolder name, determine whether the at least one role has permission to access the subfolder name; in response to determining that the at least one role has permission to access the subfolder name, search all the second portions in the received one or more key names for the subfolder name; and display all or a portion of each key name in the one or more key names that comprises the subfolder name in the second portion of the key name. The subfolder name