CN112181975A - Method and apparatus for creating a database in a data warehouse - Google Patents

Method and apparatus for creating a database in a data warehouse Download PDF

Info

Publication number
CN112181975A
CN112181975A CN201910604045.2A CN201910604045A CN112181975A CN 112181975 A CN112181975 A CN 112181975A CN 201910604045 A CN201910604045 A CN 201910604045A CN 112181975 A CN112181975 A CN 112181975A
Authority
CN
China
Prior art keywords
user
database
identification information
name
subdirectory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910604045.2A
Other languages
Chinese (zh)
Inventor
马赛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Jingdong Shangke Information Technology Co Ltd filed Critical Beijing Jingdong Century Trading Co Ltd
Priority to CN201910604045.2A priority Critical patent/CN112181975A/en
Publication of CN112181975A publication Critical patent/CN112181975A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/28Databases characterised by their database models, e.g. relational or object models
    • G06F16/283Multi-dimensional databases or data warehouses, e.g. MOLAP or ROLAP
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)

Abstract

Embodiments of the present disclosure disclose methods and apparatus for creating a database in a data repository. One embodiment of the method comprises: in response to receiving a request for instructing creation of a database in a data repository, obtaining identification information of a user who sent the request; determining paths of the database in the data warehouse according to the identification information, wherein the paths corresponding to different identification information are different; a database is created at the location indicated by the determined path. This embodiment enables data isolation between data of different users.

Description

Method and apparatus for creating a database in a data warehouse
Technical Field
Embodiments of the present disclosure relate to the field of computer technology, and in particular, to a method and apparatus for storing data in a data warehouse.
Background
A data warehouse is a data collection that provides all types of data support for all levels of decision-making processes of an enterprise. Data warehouses are typically created for enterprise analytical reporting and decision support purposes, allowing for the screening and consolidation of diverse business data to guide business process improvement, monitoring time, cost, quality, and control.
Currently, commonly used data repositories include HIVE and Teradata data repositories. The HIVE is an open source data warehouse tool based on Hadoop, and can query and analyze a data set stored in an HDFS (Hadoop Distributed File System). Meanwhile, the HIVE also provides an inquiry function to the outside. The Teradata data warehouse supports a large-scale parallel processing platform and can process mass data at high speed.
Disclosure of Invention
Embodiments of the present disclosure propose methods and apparatuses for creating a database in a data repository.
In a first aspect, embodiments of the present disclosure provide a method for creating a database in a data repository, the method comprising: in response to receiving a request for instructing creation of a database in a data repository, obtaining identification information of a user who sent the request; determining paths of the database in the data warehouse according to the identification information, wherein the paths corresponding to different identification information are different; a database is created at the location indicated by the determined path.
In some embodiments, the identification information includes a user name and a user instance name, wherein the user instance indicated by the user instance name is an instance of the user indicated by the user name.
In some embodiments, determining a path of the database in the data warehouse based on the identification information comprises: acquiring a path of a data warehouse for storing data as a root directory; determining subdirectories under the root directory according to the identification information, wherein the subdirectories corresponding to different identification information are different; and determining the path of the database according to the subdirectories, wherein the path of the database comprises the path where the subdirectories are located.
In some embodiments, determining subdirectories under the root directory based on the identification information includes: encrypting the identification information to obtain encrypted identification information; and determining the subdirectory by taking the encrypted identification information as the name of the subdirectory.
In some embodiments, determining subdirectories under the root directory based on the identification information includes: encrypting the user name to obtain the encrypted user name; determining the subdirectory as a first subdirectory by taking the encrypted user name as the name of the subdirectory; and determining the path of the database according to the subdirectories, comprising: encrypting the user instance name to obtain an encrypted user instance name; and determining the subdirectory of the first subdirectory as a second subdirectory and determining the path of the second subdirectory as the path of the database by taking the encrypted user instance name as the name of the subdirectory.
In some embodiments, the above method further comprises: in response to receiving a request indicating access to data in the data repository, determining whether a user sending the request has corresponding access rights; in response to determining that the user sending the request does not have the corresponding access right, sending a prompt for prompting that the user sending the request does not have the corresponding access right.
In some embodiments, after creating the database at the location indicated by the determined path, further comprising: and constructing the corresponding relation between the user instance indicated by the user instance name and the database.
In some embodiments, after creating the database at the location indicated by the determined path, further comprising: and recording the updating information of the user instance indicated by the user instance name, wherein the updating information comprises the updating time of the user instance indicated by the user instance name.
In a second aspect, embodiments of the present disclosure provide an apparatus for creating a database in a data repository, the apparatus comprising: an acquisition unit configured to acquire identification information of a user who sent a request in response to receiving the request for instructing creation of a database in a data repository; the first determining unit is configured to determine paths of the database in the data warehouse according to the identification information, wherein the paths corresponding to different identification information are different; a creation unit configured to create a database at a location indicated by the determined path.
In some embodiments, the identification information includes a user name and a user instance name, wherein the user instance indicated by the user instance name is an instance of the user indicated by the user name.
In some embodiments, the first determination unit is further configured to: acquiring a path of a data warehouse for storing data as a root directory; determining subdirectories under the root directory according to the identification information, wherein the subdirectories corresponding to different identification information are different; and determining the path of the database according to the subdirectories, wherein the path of the database comprises the path where the subdirectories are located.
In some embodiments, the first determination unit is further configured to: encrypting the identification information to obtain encrypted identification information; and determining the subdirectory by taking the encrypted identification information as the name of the subdirectory.
In some embodiments, the first determination unit is further configured to: encrypting the user name to obtain the encrypted user name; determining the subdirectory as a first subdirectory by taking the encrypted user name as the name of the subdirectory; encrypting the user instance name to obtain an encrypted user instance name; and determining the subdirectory of the first subdirectory as a second subdirectory and determining the path of the second subdirectory as the path of the database by taking the encrypted user instance name as the name of the subdirectory.
In some embodiments, the above apparatus further comprises: a second determining unit configured to determine, in response to receiving a request indicating access to data in the data repository, whether a user who sent the request has a corresponding access right; a transmitting unit configured to transmit prompt information for prompting that the user who transmitted the request does not have the corresponding access right, in response to determining that the user who transmitted the request does not have the corresponding access right.
In some embodiments, the above apparatus further comprises: and the construction unit is configured to construct the corresponding relation between the user instance indicated by the user instance name and the database.
In some embodiments, the above apparatus further comprises: and the recording unit is configured to record the updating information of the user instance indicated by the user instance name, wherein the updating information comprises the updating time of the user instance indicated by the user instance name.
In a third aspect, an embodiment of the present disclosure provides a server, including: one or more processors; storage means for storing one or more programs; when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method as described in any implementation of the first aspect.
In a fourth aspect, embodiments of the present disclosure provide a computer-readable medium on which a computer program is stored, which computer program, when executed by a processor, implements the method as described in any of the implementations of the first aspect.
According to the method and the device for creating the database in the data warehouse, the path of the database created by the user in the data warehouse is determined through the identification information of the user, and the paths of the databases corresponding to different identification information are different, so that the paths of the databases of different users are different, namely the data of each user is isolated from the data of other users, the isolation of the data among different users is ensured, and the data safety of the users stored in the data warehouse under a multi-user environment is enhanced.
Drawings
Other features, objects and advantages of the disclosure will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present disclosure may be applied;
FIG. 2 is a flow diagram of one embodiment of a method for creating a database in a data warehouse, according to the present disclosure;
FIG. 3 is a schematic diagram of one application scenario of a method for creating a database in a data repository, according to an embodiment of the present disclosure;
FIG. 4 is a flow diagram of yet another embodiment of a method for creating a database in a data warehouse in accordance with the present disclosure;
FIG. 5 is a schematic block diagram illustrating one embodiment of an apparatus for creating a database in a data warehouse in accordance with the present disclosure;
FIG. 6 is a schematic structural diagram of an electronic device suitable for use in implementing embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 shows an exemplary architecture 100 to which embodiments of the method for creating a database in a data repository or the apparatus for creating a database in a data repository of the present disclosure may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a data repository 105. The network 104 is used to provide a medium of communication links between the terminal devices 101, 102, 103 and the data repository 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The terminal devices 101, 102, 103 may access the data warehouse 105 through the network 104 based on a command line or a Web manner to implement operations such as creating a corresponding database in the data warehouse 105 or querying data.
The terminal apparatuses 101, 102, and 103 may be hardware or software. When the terminal devices 101, 102, 103 are hardware, they may be various electronic devices including, but not limited to, smart phones, tablet computers, e-book readers, laptop portable computers, desktop computers, and the like. When the terminal apparatuses 101, 102, 103 are software, they can be installed in the electronic apparatuses listed above. It may be implemented as multiple pieces of software or software modules (e.g., multiple pieces of software or software modules to provide distributed services) or as a single piece of software or software module. And is not particularly limited herein.
Data warehouse 105 may be deployed in the cloud. Data warehouse 105 may be a variety of data warehouses. Such as the HIVE, Teradata data warehouse, etc. The data warehouse 105 may receive a request sent by the terminal device 101, 102, 103 for instructing to create a database, and determine a path of the database corresponding to the terminal device 101, 102, 103 in the data warehouse according to the received request, thereby creating the database at a position indicated by the determined path.
It should be noted that the method for creating a database in a data warehouse provided by the embodiment of the present disclosure is generally performed by the data warehouse 105, and accordingly, the apparatus for creating a database in a data warehouse is generally disposed in the data warehouse 105.
It should be noted that the data warehouse 105 may be hardware or software. When data warehouse 105 is hardware, it may be implemented based on a distributed server cluster of multiple servers, or a single server. When the data store 105 is software, it may be implemented as multiple pieces of software or software modules (e.g., multiple pieces of software or software modules used to provide distributed services), or as a single piece of software or software module. And is not particularly limited herein.
It should be understood that the number of terminal devices and networks in fig. 1 is merely illustrative. There may be any number of terminal devices and networks, as desired for implementation.
With continued reference to FIG. 2, a flow 200 of one embodiment of a method for creating a database in a data warehouse in accordance with the present disclosure is shown. The method for creating a database in a data warehouse comprises the steps of:
in response to receiving a request for instructing creation of a database in a data repository, identification information of a user who sent the request is acquired, step 201.
In the present embodiment, an executing body of the method for creating a database in a data warehouse (such as the data warehouse 105 shown in fig. 1) may acquire identification information of a user who sent a request when receiving the request for indicating creation of the database in the data warehouse.
In different application scenarios, different data warehouses may have different access modes, and thus, the mode in which a user sends a request for instructing to create a database in the data warehouse may also be different.
For example, a user may use a terminal device (such as terminal devices 101, 102, 103 shown in FIG. 1) to send a command line command through a command line interface to send a request to instruct the creation of a database in a data warehouse. For another example, the user may use the terminal device to send a request for instructing creation of a database in the data repository by operating an interactive portal provided by the Web page based on a Web interactive manner.
The identification information may be various information that can be used to identify the user. For example, the identification information may include a username. Since different users typically have different usernames, the usernames may be used as identification information of the users to distinguish the different users.
Generally, a user may send a request to the execution main body through a terminal device, and therefore, the execution main body may distinguish the user according to a sender of the received request, and further obtain identification information of the user.
In some optional implementations of this embodiment, the identification information may include a user name and a user instance name. The user instance indicated by the user instance name may be an instance of the user indicated by the corresponding user name. In other words, a user may have one or more user instances.
Generally, a user may create one or more user instances according to actual application requirements. Therefore, the user name and the user instance name are jointly used as identification information, so that the user instance level differentiation can be realized.
And step 202, determining the path of the database in the data warehouse according to the identification information.
In this embodiment, the paths of the databases corresponding to different identification information may be different. Thus, the paths of the databases of different users in the data warehouse can be made different. Of course, when the identification information includes the user name and the user instance name, not only the paths of the databases of different users in the data warehouse may be made different, but also the paths of the databases of different user instances of the same user in the data warehouse may be made different.
The names of all levels of directories included in the paths of the databases of different users in the data warehouse can be determined by flexibly adopting various methods. For example, a directory name indicated by a user may be received, or the directory name may be determined by the execution agent. For another example, a root directory name may be determined by the execution principal, and a directory name indicated by a user may be received as a name of a subdirectory of the root directory.
Step 203, a database is created at the location indicated by the determined path.
In this embodiment, after determining the path of the database corresponding to the identification information, if the path already exists in the data warehouse, the database may be directly created at the position indicated by the path. If the path does not already exist in the data warehouse, the path may be created first, and then a database may be created at the location indicated by the path.
In some optional implementations of this embodiment, the path of the database in the data warehouse may be determined according to the identification information by:
step one, a path of a data warehouse for storing data is obtained to serve as a root directory.
In this step, the path of the data warehouse for storing data may refer to a storage path preset by the data warehouse. For example, in some cases, some data warehouses may pre-specify a uniform path and control all users' data to root on the specified path.
Taking the HIVE data warehouse as an example, a uniform data storage path is usually pre-specified in the configuration file "live-site. For example, the configuration in the configuration file is as follows:
Figure BDA0002120218060000071
Figure BDA0002120218060000081
it can be seen that the attribute "live. metadata. ware house. dir" is specified in the configuration file to take on the value "hdfs:// prod". I.e., with "hdfs:// prod" as the unified data storage path. At this time, "hdfs:// prod" can be determined as the root directory.
And step two, determining subdirectories under the root directory according to the identification information.
In this step, the sub-directories corresponding to different identification information may be different, so that the paths of the sub-directories corresponding to different users are different. The names of the subdirectories corresponding to different identification information can be determined by flexibly adopting various methods. For example, the name of the subdirectory indicated by the user may be received, or the name of the subdirectory may be determined by the execution subject.
Alternatively, the identification information may be used as the name of the subdirectory. Taking the identification information as a user name as an example, each user name can be directly used as the name of the subdirectory corresponding to each user.
Alternatively, the identification information may be encrypted to obtain encrypted identification information, and then the encrypted identification information may be used as the name of the subdirectory. Various encryption algorithms can be flexibly selected to encrypt the identification information. For example, the Message Digest Algorithm (Message Digest Algorithm MD 5).
It should be understood that if there is a corresponding subdirectory under the root directory, the existing subdirectory can be determined as the subdirectory corresponding to the identification information. If there is no corresponding subdirectory under the root directory, the subdirectory can be created with the determined name of the subdirectory.
And step three, determining the path of the database according to the determined subdirectory.
In this step, the path of the database may include the path where the subdirectory is located.
Alternatively, the path where the subdirectory is located may be used as the path of the database.
Optionally, when the identification information includes a user name and a user instance name, in the second step, the sub-directory may be determined as the first sub-directory according to the user name. A subdirectory of the first subdirectory can then be determined as the second subdirectory based on the user instance name. Thereafter, a path along which the second subdirectory is located may be determined as a path of the database in the data warehouse.
For example, a user name may be used as the name of the sub-directory to determine the sub-directory as the first sub-directory. Then, the name of the user instance may be used as the name of the subdirectory of the first subdirectory to determine the subdirectory of the first subdirectory as the second subdirectory. At this time, the path in which the second subdirectory is located may be determined as the path of the database.
Optionally, the user name may be encrypted first to obtain an encrypted user name. The encrypted user name may then be used as the name of the subdirectory to determine the subdirectory as the first subdirectory. Then, the user instance name may be encrypted to obtain an encrypted user instance name. The encrypted user instance name may then be used as the name of the subdirectory to determine the subdirectory of the first subdirectory as the second subdirectory. At this time, the path in which the second subdirectory is located may be determined as the path of the database.
The security of the user data in the data repository can be further enhanced by using the encrypted user name or the encrypted user instance name as the name of the subdirectory.
In some optional implementations of this embodiment, after the database is created, a corresponding relationship between the user instance indicated by the user instance name and the database may be created. For example, the correspondence between the identification information of the user instance indicated by the user instance name and the identification information of the database may be stored by a data table. Wherein, the identification information of the user instance and the identification information of the database can be generated by the execution subject.
Alternatively, the corresponding relationship between the user instance and the corresponding user can also be constructed. Specifically, the data table can be designed according to actual application requirements to maintain the corresponding relation between the user instance and the database, between the user instance and the user, and the like, which is beneficial to realizing better user management.
In some optional implementations of this embodiment, after the database is created, the update information of the user instance indicated by the user instance name may be recorded. The update information may include an update time of the user instance indicated by the user instance name.
It can be understood that, if the user instance corresponding to the created database is newly created, a record of the user instance is newly added, and the creation time of the user instance is recorded.
With continued reference to fig. 3, fig. 3 is a schematic diagram 300 of an application scenario of the method for creating a database in a data repository according to the present embodiment. In the application scenario of FIG. 3, user instance A1 and user instance A2 of user A, and user instance B1 of user B are illustrated as examples.
If user instance A1 sends a request to create a database, then the address of the unified storage data of the data warehouse, "hdfs:// prod," may be used as the root directory. Meanwhile, user A may be encrypted using the MD5 encryption algorithm, and the resulting encryption result "MD 5 (user A)" is taken as a subdirectory of "hdfs:// prod". Thereafter, user instance a1 may be encrypted using MD5 encryption algorithm, and the resulting encryption result "MD 5 (user instance a 1)" is taken as a subdirectory of "MD 5 (user a)". Thus, a database of user instance A1 may be created at the location indicated by path "hdfs:// prod/MD5 (user A)/MD5 (user instance A1)".
Similarly, if user instance A2 sends a request to create a database, then the unified storage data address of the data warehouse "hdfs:// prod" may be used as the root directory. Meanwhile, user A may be encrypted using the MD5 encryption algorithm, and the resulting encryption result "MD 5 (user A)" is taken as a subdirectory of "hdfs:// prod". Thereafter, user instance a2 may be encrypted using MD5 encryption algorithm, and the resulting encryption result "MD 5 (user instance a 2)" is taken as a subdirectory of "MD 5 (user a)". Thus, a database of user instance A2 may be created at the location indicated by path "hdfs:// prod/MD5 (user A)/MD5 (user instance A2)".
Similarly, if user instance B1 sends a request to create a database, then the unified storage data address of the data warehouse "hdfs:// prod" may be used as the root directory. Meanwhile, user B may be encrypted using the MD5 encryption algorithm, and the resulting encryption result "MD 5 (user B)" is taken as a subdirectory of "hdfs:// prod". Thereafter, user instance B1 may be encrypted using MD5 encryption algorithm, and the resulting encryption result "MD 5 (user instance B1)" is taken as a subdirectory of "MD 5 (user B)". Thus, a database of user instance B1 may be created at the location indicated by path "hdfs:// prod/MD5 (user B)/MD5 (user instance B1)".
The method provided by the above embodiment of the present disclosure distinguishes paths of the databases of different users in the data warehouse, thereby providing isolation between data of different users. Therefore, the problem that databases of different users have the same path in a data warehouse, so that databases of the same name cannot be constructed among different users, and meanwhile, malicious users can be prevented from acquiring data of other users in a database collision mode and the like, so that the safety of the data of each user stored in the data warehouse is enhanced.
With further reference to FIG. 4, a flow 400 of yet another embodiment of a method for creating a database in a data warehouse is illustrated. Flow 400 of the method for creating a database in a data warehouse, comprising the steps of:
in response to receiving a request for instructing creation of a database in a data repository, identification information of a user who sent the request is acquired, step 401.
Step 402, determining the path of the database in the data warehouse according to the identification information.
At step 403, a database is created at the location indicated by the determined path.
The specific implementation process of the steps 401, 402, and 403 may refer to the related descriptions of the steps 201, 202, and 203 in the corresponding embodiment of fig. 2, and will not be described herein again.
In response to receiving a request indicating access to data in the data store, a determination is made as to whether the user sending the request has corresponding access rights, step 404.
In this embodiment, a user may perform various operations on data in the data warehouse during the process of using the data warehouse. For example, querying the data in the specified database by an instruction (e.g., an SQL instruction), deleting the specified database, and so forth. The user can send an instruction through a command line to send a request for indicating to access the data in the data warehouse, and can also send a request for indicating to access the data in the data warehouse based on an interactive interface provided in a Web mode.
In this embodiment, different users may have different access rights. It will be appreciated that if a user may have one or more user instances, different user instances may also have different access rights.
Alternatively, the correspondence between the user and the corresponding access right may be stored in advance. At this time, whether the user has a corresponding access right may be determined through a correspondence relationship stored in advance.
Step 405, in response to determining that the user sending the request does not have the corresponding access right, sending prompt information for prompting that the user sending the request does not have the corresponding access right.
In this embodiment, when it is determined that the user does not have the corresponding access right, a prompt message may be sent to the user to prompt that the user does not have the corresponding access right, so that the security of the data in the data warehouse may be ensured.
Still taking the HIVE data warehouse as an example, the existing HIVE data warehouse is simpler to design for the user's right to access the data. Based on the method, the HIVE data warehouse can be updated according to actual application requirements, so that the user authority design with higher security level is realized. When the new user authority of the HIVE data warehouse is designed, the low coupling between the implementation logic corresponding to the new user authority and the original various processing logics of the HIVE data warehouse can be controlled, and the reliability and flexibility of the updated HIVE data warehouse are enhanced.
Since a data warehouse typically has a large number of users, and the data of the users may be massive, the data security problem is an important consideration in using the data warehouse. Based on this, the scheme described in this embodiment may add, on the basis of the embodiment corresponding to fig. 2, authority control over various data access requests of the user, thereby improving the security of data of each user in the data warehouse.
With further reference to fig. 5, as an implementation of the method shown in the above figures, the present disclosure provides an embodiment of an apparatus for creating a database in a data repository, which corresponds to the embodiment of the method shown in fig. 2, and which is particularly applicable in various electronic devices.
As shown in fig. 5, the apparatus 500 for creating a database in a data warehouse provided by the present embodiment includes an obtaining unit 501, a first determining unit 502, and a creating unit 503. Wherein the obtaining unit 501 is configured to obtain, in response to receiving a request for instructing creation of a database in the data repository, identification information of a user who sent the request; the first determining unit 502 is configured to determine paths of the database in the data warehouse according to the identification information, wherein the paths corresponding to different identification information are different; the creation unit 503 is configured to create a database at the location indicated by the determined path.
In the present embodiment, in the apparatus 500 for creating a database in a data warehouse: the specific processing of the obtaining unit 501, the first determining unit 502, and the creating unit 503 and the technical effects thereof can refer to the related descriptions of step 201, step 202, and step 203 in the corresponding embodiment of fig. 2, which are not described herein again.
In some optional implementations of this embodiment, the identification information includes a user name and a user instance name, where the user instance indicated by the user instance name is an instance of the user indicated by the user name.
In some optional implementations of the present embodiment, the first determining unit 502 is further configured to: acquiring a path of a data warehouse for storing data as a root directory; determining subdirectories under the root directory according to the identification information, wherein the subdirectories corresponding to different identification information are different; and determining the path of the database according to the subdirectories, wherein the path of the database comprises the path where the subdirectories are located.
In some optional implementations of the present embodiment, the first determining unit 502 is further configured to: encrypting the identification information to obtain encrypted identification information; and determining the subdirectory by taking the encrypted identification information as the name of the subdirectory.
In some optional implementations of the present embodiment, the first determining unit 502 is further configured to: encrypting the user name to obtain the encrypted user name; determining the subdirectory as a first subdirectory by taking the encrypted user name as the name of the subdirectory; encrypting the user instance name to obtain an encrypted user instance name; and determining the subdirectory of the first subdirectory as a second subdirectory and determining the path of the second subdirectory as the path of the database by taking the encrypted user instance name as the name of the subdirectory.
In some optional implementations of the present embodiment, the apparatus 500 for creating a database in a data warehouse further includes: a second determining unit (not shown in the figure) is configured to determine whether the user sending the request has a corresponding access right in response to receiving the request for indicating access to the data in the data repository; the sending unit (not shown in the figure) is configured to send prompt information for prompting that the user sending the request does not have the corresponding access right in response to determining that the user sending the request does not have the corresponding access right.
In some optional implementations of this embodiment, the apparatus further includes: the construction unit (not shown in the figure) is configured to construct a correspondence of the user instance indicated by the user instance name to the database.
In some optional implementations of this embodiment, the apparatus further includes: the recording unit (not shown in the figure) is configured to record update information of the user instance indicated by the user instance name, wherein the update information comprises an update time of the user instance indicated by the user instance name.
The apparatus provided by the above embodiment of the present disclosure, in response to receiving a request for instructing creation of a database in a data repository, acquires identification information of a user who sent the request; the first determining unit determines paths of the database in the data warehouse according to the identification information, wherein the paths corresponding to different identification information are different; the creating unit creates a database at the position indicated by the determined path, so that the paths of the databases of different users are different, namely the data of each user is isolated from the data of other users, the isolation of the data among different users is ensured, and the data security of the users stored in the data warehouse is enhanced under a multi-user environment.
Referring now to FIG. 6, a schematic diagram of an electronic device (e.g., the server of FIG. 1) 600 suitable for use in implementing embodiments of the present disclosure is shown. The server shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 6, electronic device 600 may include a processing means (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM603, various programs and data necessary for the operation of the electronic apparatus 600 are also stored. The processing device 601, the ROM 602, and the RAM603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Generally, the following devices may be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, tape, hard disk, etc.; and a communication device 609. The communication means 609 may allow the electronic device 600 to communicate with other devices wirelessly or by wire to exchange data. While fig. 6 illustrates an electronic device 600 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in fig. 6 may represent one device or may represent multiple devices as desired.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 609, or may be installed from the storage means 608, or may be installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of embodiments of the present disclosure.
It should be noted that the computer readable medium described in the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In embodiments of the present disclosure, however, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the server; or may exist separately and not be assembled into the server. The computer readable medium carries one or more programs which, when executed by the server, cause the server to: in response to receiving a request for instructing creation of a database in a data repository, obtaining identification information of a user who sent the request; determining paths of the database in the data warehouse according to the identification information, wherein the paths corresponding to different identification information are different; a database is created at the location indicated by the determined path.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor includes an acquisition unit, a first determination unit, and a creation unit. Where the names of these units do not constitute a limitation on the units themselves in some cases, for example, the acquisition unit may also be described as "a unit that acquires identification information of a user who sent a request in response to receiving a request for instructing creation of a database in a data repository".
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, the above features and (but not limited to) technical features with similar functions disclosed in the embodiments of the present disclosure are mutually replaced to form the technical solution.

Claims (11)

1. A method for creating a database in a data warehouse, comprising:
in response to receiving a request to instruct creation of a database in a data repository, obtaining identification information of a user who sent the request;
determining paths of the database in the data warehouse according to the identification information, wherein the paths corresponding to different identification information are different;
creating the database at the location indicated by the determined path.
2. The method of claim 1, wherein the identification information comprises a user name and a user instance name, wherein the user instance indicated by the user instance name is an instance of the user indicated by the user name.
3. The method of claim 1 or 2, wherein said determining a path of said database in said data warehouse from said identification information comprises:
acquiring a path of the data warehouse for storing data as a root directory;
determining subdirectories under the root directory according to the identification information, wherein the subdirectories corresponding to different identification information are different;
and determining a path of the database according to the subdirectories, wherein the path of the database comprises the path of the subdirectories.
4. The method of claim 3, wherein the determining subdirectories under the root directory according to the identification information comprises:
encrypting the identification information to obtain encrypted identification information;
and determining the subdirectory by taking the encrypted identification information as the name of the subdirectory.
5. The method of claim 3, wherein the determining subdirectories under the root directory according to the identification information comprises:
encrypting the user name to obtain an encrypted user name;
determining the subdirectory as a first subdirectory by taking the encrypted user name as the name of the subdirectory; and
the determining the path of the database according to the subdirectory comprises:
encrypting the user instance name to obtain an encrypted user instance name;
and determining the subdirectory of the first subdirectory as a second subdirectory by taking the encrypted user instance name as the name of the subdirectory, and determining the path of the second subdirectory as the path of the database.
6. The method of claim 1, wherein the method further comprises:
in response to receiving a request indicating access to data in the data repository, determining whether a user sending the request has corresponding access rights;
and in response to determining that the user sending the request does not have the corresponding access right, sending prompt information for prompting that the user sending the request does not have the corresponding access right.
7. The method of claim 3, wherein after the creating the database at the location indicated by the determined path, further comprising:
and constructing the corresponding relation between the user instance indicated by the user instance name and the database.
8. The method of claim 3, wherein after the creating the database at the location indicated by the determined path, further comprising:
and recording the updating information of the user instance indicated by the user instance name, wherein the updating information comprises the updating time of the user instance indicated by the user instance name.
9. An apparatus for creating a database in a data warehouse, comprising:
an acquisition unit configured to acquire, in response to receiving a request for instructing creation of a database in a data repository, identification information of a user who transmitted the request;
a first determining unit, configured to determine paths of the database in the data warehouse according to the identification information, where paths corresponding to different identification information are different;
a creation unit configured to create the database at a location indicated by the determined path.
10. A server, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-8.
11. A computer-readable medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-8.
CN201910604045.2A 2019-07-05 2019-07-05 Method and apparatus for creating a database in a data warehouse Pending CN112181975A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910604045.2A CN112181975A (en) 2019-07-05 2019-07-05 Method and apparatus for creating a database in a data warehouse

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910604045.2A CN112181975A (en) 2019-07-05 2019-07-05 Method and apparatus for creating a database in a data warehouse

Publications (1)

Publication Number Publication Date
CN112181975A true CN112181975A (en) 2021-01-05

Family

ID=73915475

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910604045.2A Pending CN112181975A (en) 2019-07-05 2019-07-05 Method and apparatus for creating a database in a data warehouse

Country Status (1)

Country Link
CN (1) CN112181975A (en)

Similar Documents

Publication Publication Date Title
CN113711536B (en) Extracting data from a blockchain network
US11516288B2 (en) Synchronized content library
US11372990B2 (en) Restricting access to content
KR101974288B1 (en) Synchronization of shared folders and files
EP3235213B1 (en) No password user account access
CN108550037B (en) File processing method and device based on block chain
US9344433B2 (en) Unregistered user account generation for content item sharing
US20140304384A1 (en) Uploading large content items
EP3491808B1 (en) Interchangeable retrieval of content
US10824756B2 (en) Hosted application gateway architecture with multi-level security policy and rule promulgations
US20170371625A1 (en) Content delivery method
US9930063B2 (en) Random identifier generation for offline database
JP6343983B2 (en) Virtual memory gate system
CN115934640A (en) Data storage method, system, electronic equipment and storage medium
CN112181975A (en) Method and apparatus for creating a database in a data warehouse
US10412586B2 (en) Limited-functionality accounts
US9961132B2 (en) Placing a user account in escrow
CN113128200B (en) Method and device for processing information
CN113010475A (en) Method and apparatus for storing trajectory data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination