Processing and interface editing method, device and storage medium for graph database metadata
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- ALIPAY (HANGZHOU) INFORMATION TECH CO LTD
- Filing Date
- 2026-01-16
- Publication Date
- 2026-06-05
AI Technical Summary
Existing graph database systems face collaboration interference and security issues when dealing with ultra-large-scale schemas, making it difficult to effectively manage permissions and data security for multiple teams or individuals in large-scale graph data collaboration scenarios.
When creating node and edge metadata, graph database systems automatically grant users delete, read, and write permissions. They also allow users to refine permissions through permission granting, achieving fine-grained permission isolation and restricting users to work within the scope of their related data.
Fine-grained permission isolation reduces collaboration interference in multi-person collaboration scenarios, improving data operation security and collaboration efficiency.
Smart Images

Figure CN122152302A_ABST
Abstract
Description
Technical Field
[0001] This specification relates to the field of computer technology, and in particular to a method, device, and storage medium for processing and editing the metadata of a graph database. Background Technology
[0002] With the development of complex applications such as enterprise knowledge graphs, social network analysis, and financial risk control systems, the size of the metadata schema corresponding to a single graph in modern graph database systems has expanded dramatically. A typical industry-grade graph data system may define thousands of node types and relationship types, forming a highly complex semantic network structure. In such large-scale graph data environments, multiple professional teams or individuals often need to collaborate on data maintenance, analysis, and application, forming a new data collaboration paradigm.
[0003] However, the current collaboration mechanism of graph database systems suffers from collaboration interference and security issues when faced with ultra-large-scale schemas.
[0004] Therefore, there is a need to provide a large-scale graph data collaboration solution that can reduce collaboration interference and improve data security. Summary of the Invention
[0005] This specification provides a method, device, and storage medium for processing and editing graph database metadata, which can reduce collaboration interference and improve data security in large-scale graph data collaboration scenarios.
[0006] The first aspect of this specification provides a method for processing metadata in a graph database, including: Receive a first metadata operation request from a first user for a graph; the first metadata operation request includes: creating node metadata for the graph; In response to the first metadata operation request, the graph database system creates node metadata for the graph and grants the first user deletion, read, and write permissions for the node metadata. Receive a first permission grant operation request from a first user, the first permission grant operation request being generated in response to the first user's permission grant operation for a second user; In response to the first permission granting operation request, the graph database system grants the second user read and / or write permissions for the node metadata.
[0007] The second aspect of this specification provides a method for editing the metadata interface of a graph database, including: The first screen displays the entry point for creating graph node metadata; In response to the first user's trigger operation to create an entry for the node metadata, the first configuration area is displayed; Based on the node metadata input by the first user in the first configuration area, a first metadata operation request is sent to the server. The first metadata operation request is used to request the graph database system to create the node metadata of the graph. Based on the permission granting operation of the first user for the second user in the first configuration area, a first permission granting operation request is sent to the server. The first permission granting operation request is used to request the graph database system to grant the second user read permissions and / or write permissions for the node metadata.
[0008] A third aspect of this specification provides a graph database metadata processing system, including a client and a server; wherein the client is configured to: display a graph node metadata creation entry on a first interface; display a first configuration area in response to a trigger operation by a first user on the node metadata creation entry; send a first metadata operation request to the server based on the first user's permission granting operation on a second user in the first configuration area; and send a first permission granting operation request to the server based on the first user's permission granting operation on a second user in the first configuration area. The server is configured to receive the first metadata operation request; in response to the first metadata operation request, the graph database system creates node metadata of the graph and grants the first user deletion, read, and write permissions for the node metadata; receive the first permission grant operation request; and in response to the first permission grant operation request, the graph database system grants the second user read and / or write permissions for the node metadata.
[0009] A fourth aspect of this specification provides an apparatus for processing graph database metadata, comprising: A receiving module is configured to receive a first metadata operation request from a first user for a graph; the first metadata operation request includes: creating node metadata for the graph; A creation module is used to respond to the first metadata operation request, the graph database system creates the node metadata of the graph, and grants the first user deletion, read and write permissions for the node metadata; The receiving module is used to receive the first user's request for granting a first permission to the second user; The permission granting module is used to grant the second user read and / or write permissions for the node metadata in response to the first permission granting operation.
[0010] The fifth aspect of this specification provides an interface editing device for graph database metadata, comprising: The display module is used to display the entry point for creating node metadata of the graph on the first interface; The display module is used to display a first configuration area in response to a trigger operation by the first user for creating an entry point for the node metadata; The sending module is used to send a first metadata operation request to the server based on the node metadata input by the first user in the first configuration area. The first metadata operation request is used to request the graph database system to create the node metadata of the graph. The sending module is used to send a first permission granting operation request to the server based on the permission granting information entered by the first user in the first configuration area. The first permission granting operation request is used to request the graph database system to grant the second user read permission and / or write permission for the node metadata.
[0011] A sixth aspect of this specification provides an electronic device, comprising: a memory and a processor, wherein, The memory is used to store programs; The processor, coupled to the memory, is configured to execute the program stored in the memory to implement the method described in any of the preceding embodiments.
[0012] A seventh aspect of this specification provides a computer-readable storage medium storing a computer program that, when executed by a computer, enables the implementation of any of the methods described above.
[0013] An eighth aspect of this specification provides a computer program product including a computer program that, when executed by a processor, implements the method described in any of the preceding descriptions.
[0014] In the technical solutions provided in the embodiments of this specification, the graph database system responds to a user's metadata operation request, creates node metadata, and grants the user deletion, read, and write permissions for that node metadata. That is, the graph database system automatically grants the deletion, read, and write permissions for the node metadata to the creating user when the node metadata is created. Furthermore, the creating user can also grant read and / or write permissions for the node metadata they created to other users through permission granting operations. It is evident that the technical solutions provided in the embodiments of this specification refine permissions down to each node metadata level, thereby achieving fine-grained permission isolation. Through fine-grained permission isolation, multiple teams or individuals are restricted to working within the data scope relevant to themselves, reducing collaboration interference issues in multi-person collaboration scenarios and improving data operation security and collaboration efficiency. Attached Figure Description
[0015] The accompanying drawings, which are included to provide a further understanding of the embodiments described herein and form part of this specification, illustrate embodiments consistent with this specification and, together with the description, serve to explain the principles of this specification.
[0016] Figure 1 A schematic diagram of the structure of a graph database metadata processing system provided as an exemplary embodiment of this specification; Figure 2 A flowchart illustrating a graph database metadata processing method provided as an exemplary embodiment of this specification; Figure 3 An example of a graph pattern provided for an exemplary embodiment of this specification; Figure 4 A flowchart illustrating an exemplary embodiment of this specification for a method of editing the interface of graph database metadata; Figure 5 A schematic diagram of a first interface provided for an exemplary embodiment of this specification; Figure 6 A schematic diagram of a second interface provided for an exemplary embodiment of this specification; Figure 7 This is a schematic diagram of the structure of an electronic device provided as another exemplary embodiment of this specification. Detailed Implementation
[0017] To make the objectives, technical solutions, and advantages of this specification clearer, the technical solutions of this specification will be clearly and completely described below in conjunction with specific embodiments and corresponding drawings. Obviously, the described embodiments are only a part of the embodiments, and not all of the embodiments.
[0018] It should be noted that, in the cases involving user information in the embodiments of this specification, the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data used for analysis, stored data, displayed data, etc.) involved in the embodiments of this specification are all information and data authorized by the user or fully authorized by all parties. Furthermore, the collection, use, and processing of related data must comply with the relevant laws, regulations, and standards of the relevant countries and regions, and corresponding operation entry points are provided for users to choose to authorize or refuse. In addition, the various models involved in this specification (including but not limited to language models or large models) comply with relevant laws and standards.
[0019] Before introducing the graph database metadata processing method provided in the embodiments of this specification, the system architecture involved in the graph database metadata processing method provided in the embodiments of this specification will be introduced. Figure 1 This diagram illustrates the structure of a graph database metadata processing system. For example... Figure 1As shown, the metadata processing system for this graph includes: server 1 and client 2. Among them, The client 2 is configured to: display a graph node metadata creation entry on a first interface; display a first configuration area in response to a trigger operation by a first user on the node metadata creation entry; send a first metadata operation request to the server based on the first user's permission grant operation for a second user in the first configuration area; and send a first permission grant operation request to the server based on the first user's permission grant operation for a second user in the first configuration area. The server 1 is configured to: receive the first metadata operation request; in response to the first metadata operation request, the graph database system creates the graph node metadata and grants the first user deletion, read, and write permissions for the node metadata; receive the first permission grant operation request; and in response to the first permission grant operation request, the graph database system grants the second user read and / or write permissions for the node metadata.
[0020] In this embodiment, server 1 can be a server, service cluster, virtual server, or cloud, etc., and this embodiment does not specifically limit it. Server 1 provides corresponding functional services to client 2, such as providing access services and editing services for graph database metadata. Users can access the functional services provided by the server through a browser, client application (APP), web application H5 (HyperText Markup Language 5, fifth generation HTML), mini-application (also known as a mini-program, a lightweight application), or cloud application on the device corresponding to client 2. The corresponding device of the client can be, but is not limited to, smartphones, smart wearable devices, tablets, laptops, desktop computers, etc.
[0021] In this embodiment, the client can implement the steps in the methods provided in the following partial method embodiments, and the server can implement the steps in the methods provided in the following partial method embodiments, which will be explained in detail below.
[0022] Figure 2 A schematic flowchart of a graph data processing method provided in one embodiment of this specification is shown. Optionally, the execution entity of this method includes server 1. For example... Figure 2 As shown, the execution subject of the method provided in this embodiment can be client 2. The method includes: 100. Receive the first metadata operation request from the first user for the graph.
[0023] The first metadata operation request includes: creating node metadata for the graph.
[0024] 102. In response to the first metadata operation request, the graph database system creates node metadata for the graph and grants the first user deletion, read, and write permissions for the node metadata.
[0025] 104. Receive the first user's request to grant first permissions.
[0026] The first permission granting operation request is generated in response to the permission granting operation of the first user to the second user.
[0027] 106. In response to the first permission granting operation request, the graph database system grants the second user read and / or write permissions for the node metadata.
[0028] In the above 100, a graph is a data structure used to represent entities (nodes) and their relationships (edges), which are constructed from nodes and edges. The graph schema is a structured constraint that defines the types of nodes, edge types, and their connection rules in the graph. It can be understood as a constraint and description of the graph, defining the type of nodes and their mathematical properties, the type of edges and their attributes, and the connection rules between nodes and edges.
[0029] In some embodiments, the graph pattern includes: multiple node types and attributes associated with each node type, multiple edge types and directions and attributes associated with each edge type, and connection rules for specifying which node types are connected by which edge types.
[0030] The client can send a user's initial metadata operation request for the graph to the server, which then receives the request. This initial metadata operation request is used to request the creation of node metadata for the graph. The client can display a node metadata configuration interface for the graph, respond to user node metadata configuration operations within this interface, and send the initial metadata operation request to the server. The specific implementation will be described in detail below.
[0031] In some embodiments, node metadata may include: a type identifier for the type of node to be created and a first attribute associated with the type of node to be created, wherein the number of the first attribute may be one or more, and this specification does not specifically limit the number of such attributes. The first attribute associated with the type of node to be created is used to describe the characteristics of nodes under the type of node to be created. Optionally, the node metadata may also include connection rules specifying which edge type the type of node to be created is connected to.
[0032] In section 102 above, the graph database system creates the node metadata of the graph. That is, adding node metadata to the graph schema is equivalent to adding the node type and its attributes to be created to the graph schema.
[0033] Furthermore, when creating the node metadata of the graph, the graph database system automatically grants the creating user (i.e., the first user) deletion, read, and write permissions for the node metadata. Deletion permission refers to the right to delete node metadata; read permission refers to the right to view node metadata, such as the permission to view attributes associated with the type of node to be created; and write permission refers to the right to modify attributes associated with the type of node to be created in the node metadata. Modification can include changing existing attributes, deleting existing attributes, or adding new attributes.
[0034] In sections 104 and 106 above, the first user's first permission granting operation request is generated based on the first user's permission granting operation to the second user, and is used to request read and / or write permissions for node metadata to be granted to the second user. The second user can be understood as any user within their assigned subgraph who needs to use node metadata. Fine-grained node metadata permission granting ensures that each node's metadata is shared within a reasonable and secure scope. Upon the first user's permission granting operation request, read and / or write permissions for node metadata are granted to the second user. This allows the second user to view and / or modify the node metadata.
[0035] In practical applications, when a user lacks certain permissions regarding a node's metadata, that user cannot perform the corresponding operation on that metadata. For example, if user A does not have delete permission for node metadata 'a', that user cannot delete node metadata 'a'. As another example, if user A does not have write permission for node metadata 'a', that user cannot modify node metadata 'a'. And as yet another example, if user A does not have read permission for node 'a', that user cannot view node metadata 'a'.
[0036] In the technical solutions provided in the embodiments of this specification, the graph database system responds to a user's metadata operation request, creates node metadata, and grants the user deletion, read, and write permissions for that node metadata. That is, the graph database system automatically grants the deletion, read, and write permissions for the node metadata to the creating user when the node metadata is created. Furthermore, the creating user can also grant read and / or write permissions for the node metadata they created to other users through permission granting operations. It is evident that the technical solutions provided in the embodiments of this specification refine permissions down to each node metadata level, thereby achieving fine-grained permission isolation. Through fine-grained permission isolation, multiple teams or individuals are restricted to working within the data scope relevant to themselves, reducing collaboration interference issues in multi-person collaboration scenarios and improving data operation security and collaboration efficiency.
[0037] In some embodiments, the step 102 above, "in response to the first metadata operation request, the graph database system grants the first user deletion, read, and write permissions for the node metadata," can be implemented using the following steps: 1020. In response to the first metadata operation request, the graph database system generates the deletion permission configuration, read permission configuration, and write permission configuration of the node metadata based on the user information of the first user.
[0038] 1022. Associate the storage with the node metadata and its deletion permission configuration, read permission configuration and write permission configuration.
[0039] In step 1020 above, in response to the first metadata operation request, the graph database system generates three permission configurations for the node metadata, each corresponding to a delete permission, a read permission, and a write permission. The permission configuration corresponding to the delete permission is called the delete permission configuration, the permission configuration corresponding to the read permission is called the read permission configuration, and the permission configuration corresponding to the write permission is called the write permission configuration. Each of the delete permission configuration, read permission configuration, and write permission configuration of the node metadata records the user information of the first user. This user information may include a user identifier used to uniquely identify the first user, such as a username or user ID number.
[0040] In the above 1022, the specific implementation method of associated storage can be set according to actual needs, and this specification does not specifically limit it in this way. Associated storage may include physical associated storage or logical associated storage. Physical associated storage stores two sets of data in contiguous storage space or the same file block. Logical associated storage establishes a reference relationship between data through unique identifiers, pointers, or indexes, maintaining independent storage locations but logical binding.
[0041] In this manual, corresponding delete permission configuration, read permission configuration, and write permission configuration are generated and associated with the metadata of each node, which helps to achieve fine-grained permission management.
[0042] In some embodiments, the step 106 above, "in response to the first permission granting operation request, the graph database system grants the second user read and / or write permissions for the node metadata," can be implemented using the following steps: 1060. In response to the first permission granting operation request, the graph database system adds the user information of the second user to the read permission configuration and / or write permission configuration of the node metadata.
[0043] In some specific embodiments, when a first permission granting operation request is used to request granting a second user read permission for node metadata, the graph database system responds to the request and adds the second user's user information to the node metadata read permission configuration. Thus, the node metadata read permission configuration records the user information of both the first and second users.
[0044] In other specific embodiments, when a first permission granting operation request is used to request granting a second user write permissions to node metadata, the graph database system responds to the request and adds the second user's user information to the write permission configuration of the node metadata. Thus, the write permission configuration of the node metadata records the user information of both the first and second users.
[0045] In some specific embodiments, when a first permission granting operation request is used to request granting a second user read and write permissions to node metadata, the graph database system responds to the request by adding the second user's user information to the read and write permission configurations of the node metadata. Thus, the write permission configuration of the node metadata records the user information of both the first and second users, and the read permission configuration of the node metadata also records the user information of both users.
[0046] In the embodiments described in this specification, the permission grant can be completed by adding the user information of the second user in the corresponding permission configuration of the node metadata, and the solution is simple to implement.
[0047] In some embodiments, the above method may further include: 108. Receive a second metadata operation request from the first user for the graph.
[0048] The second metadata operation request includes: creating edge metadata for the graph.
[0049] 110. In response to the second metadata operation request, the graph database system creates edge metadata of the graph and grants the first user deletion, read and write permissions for the edge metadata.
[0050] 112. Receive the second permission granting operation request from the first user.
[0051] The second permission granting operation request is generated in response to the permission granting operation of the first user to the third user.
[0052] 120. In response to the second permission granting operation request, the graph database system grants the third user read and / or write permissions for the edge metadata.
[0053] In step 108 above, the client can send a user's request for second metadata operations on the graph to the server, and the server receives the request. This second metadata operation request is used to request the creation of edge metadata for the graph. The client can display an edge metadata configuration interface for the graph, respond to user edge metadata configuration operations in the interface, and send a second metadata operation request to the server. The specific implementation will be described in detail below.
[0054] In some embodiments, the edge metadata may include: a type identifier for the edge type to be created and a second attribute associated with the edge type to be created, wherein the number of the second attribute may be one or more, and this specification does not specifically limit the number of such attributes. The second attribute associated with the edge type to be created is used to describe the characteristics of the edges under the edge type to be created. Optionally, the edge metadata may also include: connection constraints used to limit which type of node the edge type to be created connects to.
[0055] In 110 above, the graph database system creates edge metadata for the graph, that is, adding edge metadata to the graph schema is equivalent to adding the edge type to be created and its attributes to the graph schema.
[0056] Furthermore, when creating the edge metadata of a graph, the graph database system automatically grants the creating user (i.e., the first user) deletion, read, and write permissions for the edge metadata. Deletion permission refers to the right to delete edge metadata; read permission refers to the right to view edge metadata, such as the permission to view attributes associated with the type of edge to be created; and write permission refers to the right to modify attributes associated with the type of edge to be created in the edge metadata. Modification can include changing existing attributes, deleting existing attributes, or adding new attributes.
[0057] In sections 112 and 114 above, the first user's first permission granting operation request is generated based on the first user's permission granting operation to the third user. This request requests read and / or write permissions for edge metadata to be granted to the third user. The third user can be understood as any user within their assigned subgraph who needs to use the edge metadata. Fine-grained metadata permission granting ensures that each piece of edge metadata is shared within a reasonable and secure scope. Upon the first user's permission granting operation request, read and / or write permissions for the edge metadata are granted to the third user. This allows the third user to view and / or modify the edge metadata.
[0058] In practical applications, when a user lacks certain permissions for a specific piece of edge metadata, that user cannot perform the corresponding operation on that edge metadata. For example, if user A does not have delete permission for edge metadata 'a', that user cannot delete edge metadata 'a'. As another example, if user A does not have write permission for edge metadata 'a', that user cannot modify edge metadata 'a'. And as yet another example, if user A does not have read permission for edge metadata 'a', that user cannot view edge metadata 'a'.
[0059] In the technical solutions provided in the embodiments of this specification, the graph database system responds to a user's metadata operation request, creates edge metadata, and grants the user deletion, read, and write permissions for that edge metadata. That is, the graph database system automatically grants these permissions to the creating user when the edge metadata is created. Furthermore, the creating user can also grant read and / or write permissions for the edge metadata they created to other users through permission granting operations. Therefore, the technical solutions provided in the embodiments of this specification refine permissions down to each edge metadata element, thereby achieving fine-grained permission isolation. Through fine-grained permission isolation, multiple teams or individuals are restricted to working within the data scope relevant to themselves, reducing collaboration interference issues in multi-person collaboration scenarios and improving data operation security and collaboration efficiency.
[0060] In some embodiments, the step 110 above, "in response to the second metadata operation request, the graph database system grants the first user deletion, read, and write permissions for the edge metadata," can be implemented using the following steps: 1100. In response to the second metadata operation request, the graph database system generates the deletion permission configuration, read permission configuration, and write permission configuration of the edge metadata based on the user information of the first user.
[0061] 1102. Associate the storage of the edge metadata and its deletion permission configuration, read permission configuration and write permission configuration.
[0062] The user information of the first user is recorded in the deletion permission configuration, read permission configuration and write permission configuration of the edge metadata.
[0063] In step 1100 above, in response to the second metadata operation request, the graph database system generates three permission configurations for the edge metadata, each corresponding to a delete permission, a read permission, and a write permission. The permission configuration corresponding to the delete permission is called the delete permission configuration, the permission configuration corresponding to the read permission is called the read permission configuration, and the permission configuration corresponding to the write permission is called the write permission configuration. Each of the delete permission configuration, read permission configuration, and write permission configuration for the edge metadata records the user information of the first user. This user information may include a user identifier used to uniquely identify the first user, such as a username or user ID number.
[0064] In the above 1022, the specific implementation method of associated storage can be set according to actual needs, and this specification does not specifically limit it in this way. Associated storage may include physical associated storage or logical associated storage. Physical associated storage stores two sets of data in contiguous storage space or the same file block. Logical associated storage establishes a reference relationship between data through unique identifiers, pointers, or indexes, maintaining independent storage locations but logical binding.
[0065] In this specification, corresponding delete permission configuration, read permission configuration, and write permission configuration are generated and associated with each edge metadata, which helps to achieve fine-grained permission management.
[0066] In some embodiments, the step 120 above, "in response to the second permission granting operation request, the graph database system grants the third user read and / or write permissions for the edge metadata," can be implemented using the following steps: 1200. In response to the second permission granting operation request, the graph database system adds the user information of the third user to the read permission configuration and / or write permission configuration of the edge metadata.
[0067] In some specific embodiments, when a second permission granting operation request is used to request granting a third user read permission for edge metadata, the graph database system responds to the request and adds the third user's user information to the edge metadata read permission configuration. Thus, the edge metadata read permission configuration records the user information of both the first and third users.
[0068] In other specific embodiments, when a second permission granting operation request is used to request granting a third user write permissions to the edge metadata, the graph database system responds to the request and adds the third user's user information to the edge metadata write permission configuration. Thus, the edge metadata write permission configuration records the user information of both the first and third users.
[0069] In some specific embodiments, when a second permission granting operation request is used to request granting a third user read and write permissions to the edge metadata, the graph database system responds to the request by adding the third user's user information to the read and write permission configurations of the edge metadata. Thus, the write permission configuration of the edge metadata records the user information of both the first and third users, and the read permission configuration of the edge metadata also records the user information of both the first and third users.
[0070] In the embodiments described in this specification, the permission granting can be completed by adding the user information of the third user in the corresponding permission configuration of the edge metadata, and the solution is simple to implement.
[0071] In some embodiments, the graph corresponds to multiple node metadata and multiple edge metadata. That is, the graph schema of the graph records multiple node metadata and multiple edge metadata. The above method may further include: 122. In response to the first user's request to view the metadata of the graph, based on the deletion permission configuration, read permission configuration and write permission configuration of the plurality of node metadata, determine the target node metadata for which the first user has deletion permission, read permission or write permission from the plurality of node metadata, and based on the deletion permission configuration, read permission configuration and write permission configuration of the plurality of edge metadata, determine the target edge metadata for which the first user has deletion permission, read permission or write permission from the plurality of edge metadata.
[0072] 124. Output the target node metadata and the target edge metadata to the first user for the first user to view.
[0073] In section 122 above, the metadata viewing request is used to request to view the metadata of the graph, that is, to request to view the graph schema.
[0074] If at least one of the delete, read, and write permission configurations for a node's metadata contains user information of the first user, then that node's metadata is identified as the target node's metadata. In other words, at least one of the delete, read, and write permission configurations for the target node's metadata contains user information of the first user.
[0075] When at least one of the delete, read, and write permission configurations for a certain edge metadata contains user information of the first user, that edge metadata is identified as the target edge metadata. In other words, at least one of the delete, read, and write permission configurations for the target edge metadata contains user information of the first user.
[0076] The target node metadata can be one or more, and the target edge metadata can be one or more.
[0077] In the above 124, the target node metadata and target edge metadata can be sent to the first user's client so that the first user's client can display the target node metadata and target edge metadata on the interface. In some optional embodiments, the first user's client can display the target node metadata and target edge metadata in a visual manner on the interface, thereby increasing data visualization and improving the user's viewing experience. The visualization form can be designed according to actual needs, and the embodiments in this specification do not specifically limit it.
[0078] In the embodiments of this specification, when a user views the graph mode, the default view is of the node metadata and edge metadata that the user has permission to access. In this way, in the multi-user collaboration mode, not only can the interference of node metadata and edge metadata that are irrelevant to the user in the graph mode be avoided, effectively improving the user's graph editing efficiency and user editing experience, but also the security and isolation of the graph metadata can be improved.
[0079] In some embodiments, the graph schema is created collaboratively by multiple users. For example, such as... Figure 3 The graph pattern shown was jointly created by user x and user y. Node type A, edge type B, vertex type C, edge type E, and vertex type D were created by user x, while vertex type AA, edge type BB, and vertex type CC were created by user y.
[0080] like Figure 3 As shown, the deletion permission configurations for point type A, edge type B, point type C, edge type E, and node type D created by user x include user x; the write permission configurations include user x; and the read permission configurations include user x. User x grants read permission for point D to user y; therefore, the read permission configuration for point D created by user x also includes user y. User x grants both read and write permissions for point type D to user y; therefore, the read and write permission configurations for point D created by user x also include user y.
[0081] User y's deletion permission configuration for point type AA, edge type BB, and node type CC includes user y; its write permission configuration includes user y; and its read permission configuration includes user y. User y grants read permission for point type CC to user x; therefore, the read permission configuration for node type CC also includes user x.
[0082] In some embodiments, the graph includes a graph in a graph database. A graph database is a data management system designed for efficient storage and querying of graphs, with nodes and edges as the basic storage units. In a graph database, relationships between data are just as important as the data itself; they are stored as part of the data. This architecture enables graph databases to quickly respond to complex relational queries because the relationships between entities are pre-stored in the database. Graph databases can intuitively visualize relationships and are an effective method for storing, querying, and analyzing highly interconnected data.
[0083] Figure 4 This is a flowchart illustrating a method for editing graph database metadata using an interface, as provided in one embodiment of this specification. In some embodiments, the method is executed by a client. Figure 3 As shown, the method may include: 200. On the first screen, the entry point for creating graph node metadata is displayed.
[0084] 202. In response to the first user's trigger operation for creating an entry point for the node metadata, the first configuration area is displayed.
[0085] 204. Based on the node metadata input by the first user in the first configuration area, send a first metadata operation request to the server.
[0086] The first metadata operation request is used to request the graph database system to create node metadata for the graph.
[0087] 206. Based on the permission granting operation of the first user for the second user in the first configuration area, send a first permission granting operation request to the server.
[0088] The first permission granting operation request is used to request the graph database system to grant the second user read and / or write permissions for the node metadata.
[0089] In the above 200, the entry point for creating node metadata may include interactive controls or links.
[0090] For example, such as Figure 5 As shown, the first interface 300 can display the "Add Node" control 31.
[0091] In the above 202, for example, such as Figure 5 As shown, in response to the first user's trigger operation for creating an entry point for the node metadata, such as a click operation, the first configuration area 32 is displayed on the first interface 300.
[0092] In step 204 above, the first user can input node metadata in the first configuration area 32, including at least the type identifier (e.g., node type name) of the node type to be created and its corresponding attribute information.
[0093] In some optional implementations, after the first user enters node metadata in the first configuration area 32, he / she can click the "Save" control 38 in the interface 300. In response to the user's trigger operation on the "Save" control 38, a first metadata operation request is sent to the server based on the node metadata entered by the first user in the first configuration area. The first metadata operation request is used to request the graph database system to create the node metadata of the graph.
[0094] In the above 206, the first user can input permission granting operations for the second user in the first configuration area 32. The operation includes at least: inputting the user information of the second user and inputting the permissions to be granted to the second user.
[0095] In some optional implementations, after the first user enters a permission granting operation for the second user in the first configuration area 32, they can click the "Save" control 43 in the first interface 300. In response to the user's triggering operation on the "Save" control 38, a first permission granting operation request is sent to the server based on the first user's permission granting operation for the second user in the first configuration area. The first permission granting operation request may carry the second user's user information and the permission information for granting the second user, such as the permission name.
[0096] In this embodiment, users can not only create node metadata but also configure permissions for newly created node metadata on the same interface. Therefore, this solution can achieve fine-grained permission configuration with low operational costs.
[0097] In some embodiments, such as Figure 5 and Figure 6 As shown, the first configuration area 32 is used to display the input sub-area 33 for the type identifier of the node type to be created, the attribute input sub-area 35, and the permission granting sub-area 42.
[0098] In some embodiments, the attribute input sub-region 35 and the permission granting sub-region 42 may be displayed simultaneously in the first configuration region 32.
[0099] In other exemplary embodiments, the first configuration area 32 may display the corresponding sub-area in response to a user's sub-area selection operation. That is, at any given time, the first configuration area 32 displays only one of the sub-areas: the attribute input sub-area 35 and the permission granting sub-area 42. For example, as... Figure 4As shown, in response to a user's triggering action on the "Attribute" selection control 34 within the first configuration area 32, such as a click, the node metadata configuration sub-area 35 is displayed. For example, as shown... Figure 5 As shown, in response to a user's triggering operation on the "Permissions" selection control 39 within the first configuration area 32, such as a click operation, permission is granted to the sub-area 42.
[0100] In some optional implementations, the permission granting sub-area 42 may include a user selection box and a permission selection box. The user selection box is used to select a second user from multiple users, and the permission selection box is used to select the target permission to be granted to the second user from multiple alternative permissions.
[0101] In some embodiments, the multiple alternative permissions may include, but are not limited to, deletion permission, read permission, and write permission.
[0102] In some embodiments, such as Figure 5 As shown, the first interface 300 can also display a graph mode visualization area 45, which is used to visualize the graph mode of the graph.
[0103] In the above 1044, the operation permission information of the first image element is used to limit the authorized user of the first image element and the operation permissions that the authorized user has for the first image element. For example, the operation permission information of the first image element may include the authorized user and the operation permissions that the authorized user has for the first image element.
[0104] In the embodiments of this specification, users can access an interactive permission configuration interface through the permission configuration entry point. Users can complete complex permission configuration tasks through simple interface operations, which can reduce the complexity and technical threshold of permission configuration.
[0105] In some embodiments, the above method may further include: 208. On the first interface, the edge metadata creation entry for the graph is displayed.
[0106] 210. In response to the first user's trigger operation for creating an entry point for the edge metadata, display the second configuration area.
[0107] 212. Based on the edge metadata input by the first user in the second configuration area, a second metadata operation request is sent to the server. The second metadata operation request is used to request the graph database system to create the edge metadata of the graph.
[0108] 214. Based on the permission granting operation of the first user for the third user in the second configuration area, send a second permission granting operation request to the server. The second permission granting operation request is used to request the graph database system to grant the third user read permission and / or write permission for the edge metadata.
[0109] In section 208 above, the edge metadata creation entry point may include interactive controls and / or links.
[0110] For example, such as Figure 5 As shown, the entry point for edge metadata creation is the "Add Edge" control 44.
[0111] In step 210 above, in response to the first user's triggering operation for creating the edge metadata entry, such as a click operation, the second configuration area is displayed.
[0112] In 212 above, the first user can input edge metadata in the second configuration area (not shown), which includes at least the type identifier (e.g., edge type name) of the edge type to be created and its corresponding attribute information.
[0113] In some optional implementations, after the first user enters edge metadata in the second configuration area, he / she can click the "Save" control in the second configuration area. In response to the user's triggering operation on the "Save" control, a second metadata operation request is sent to the server based on the edge metadata entered by the first user in the second configuration area. The second metadata operation request is used to request the graph database system to create the edge metadata of the graph.
[0114] In 214 above, the first user can enter permission granting operations for the third user in the second configuration area. The operation includes at least: entering the user information of the third user and entering the permissions to be granted to the third user.
[0115] In some optional implementations, after the first user enters a permission granting operation for the second user in the second configuration area, they can click the "Save" control in the second configuration area. In response to the user's triggering operation on the "Save" control, a second permission granting operation request is sent to the server based on the first user's permission granting operation for the third user in the second configuration area. The second permission granting operation request may carry the third user's user information and the permission information for granting the third user, such as the permission name.
[0116] In this embodiment, users can not only create edge metadata but also configure permissions for newly created edge metadata on the same interface. Therefore, this solution can achieve fine-grained permission configuration with low operational costs.
[0117] In some embodiments, the second configuration area is used to display the input sub-area of the type identifier of the edge type to be created, the attribute input sub-area, and the permission granting sub-area.
[0118] In some embodiments, the attribute input sub-area and the permission granting sub-area can be displayed simultaneously in the second configuration area, or, based on user interaction events, the attribute input sub-area and the permission granting sub-area can be dynamically switched at the same interface location. For specific implementation, please refer to the sub-area dynamic switching display method in the first configuration area described above.
[0119] It should be noted that any steps in the methods provided in the embodiments of this specification that are not fully described in detail can be found in the corresponding content of the above embodiments, and will not be repeated here. Furthermore, the methods provided in the embodiments of this specification may include other parts or all of the steps in the above embodiments in addition to the steps described above; for details, please refer to the corresponding content of the above embodiments, and will not be repeated here.
[0120] This specification also provides an embodiment of a graph database metadata processing apparatus. The apparatus includes: A receiving module is configured to receive a first metadata operation request from a first user for a graph; the first metadata operation request includes: creating node metadata for the graph; A creation module is used to respond to the first metadata operation request, the graph database system creates the node metadata of the graph, and grants the first user deletion, read and write permissions for the node metadata; The receiving module is used to receive the first user's request for granting a first permission to the second user; The permission granting module is used to grant the second user read and / or write permissions for the node metadata in response to the first permission granting operation.
[0121] One embodiment of this specification also provides a graphical database metadata interface editing device, including: The display module is used to display the entry point for creating node metadata of the graph on the first interface; The display module is used to display a first configuration area in response to a trigger operation by the first user for creating an entry point for the node metadata; The sending module is used to send a first metadata operation request to the server based on the node metadata input by the first user in the first configuration area. The first metadata operation request is used to request the graph database system to create the node metadata of the graph. The sending module is used to send a first permission granting operation request to the server based on the permission granting information entered by the first user in the first configuration area. The first permission granting operation request is used to request the graph database system to grant the second user read permission and / or write permission for the node metadata.
[0122] It should be noted that the devices provided in the above embodiments can implement the technical solutions described in the corresponding method embodiments above. The specific implementation principles and corresponding beneficial effects of the above modules or units can be found in the corresponding content of the above method embodiments, and will not be repeated here.
[0123] This specification also provides an electronic device according to one embodiment. For example... Figure 7 As shown, the electronic device includes a processor 42 and a memory 41. The memory 41 stores one or more computer programs (or instructions); the processor 42 is coupled to the memory 41 and is used for the at least one or more computer programs to implement the steps in the methods provided in the embodiments of this specification.
[0124] Furthermore, the electronic device also includes other components such as a communication component 43, a display 44, a power supply component 45, and an audio component 46. Only some components are shown here for illustrative purposes, and it is not intended that the electronic device contains only these components.
[0125] The methods in this specification can be implemented, in whole or in part, by software, hardware, firmware, or any combination thereof. When implemented in software, they can be implemented, in whole or in part, as a computer program product. Therefore, this specification also provides a computer program product. This computer program product includes a computer program / instructions that, when executed by an electronic component such as a processor, can perform, in whole or in part, the steps or functions of the methods provided in the embodiments of this specification. The computer can be a general-purpose computer, a special-purpose computer, a computer network, network equipment, user equipment, core network equipment, or other programmable device.
[0126] The aforementioned memory can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as Static Random-Access Memory (SRAM), Electrically Erasable Programmable Read Only Memory (EEPROM), Erasable Programmable Read Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic storage, flash memory, magnetic disk, or optical disk.
[0127] The aforementioned display includes a screen, which may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a Touch Panel, the screen can be implemented as a touchscreen to receive input signals from the user. The Touch Panel includes one or more touch sensors to sense touches, swipes, and gestures on the Touch Panel. The touch sensors can sense not only the boundaries of touch or swipe actions but also the duration and pressure associated with the touch or swipe operation.
[0128] The aforementioned power supply components provide power to various components within the device in which they reside. These power supply components may include a power management system, one or more power sources, and other components associated with generating, managing, and distributing power to the device in which they reside.
[0129] The aforementioned audio component can be configured to output and / or input audio signals. For example, the audio component includes a microphone (MIC) configured to receive external audio signals when the device containing the audio component is in an operating mode, such as call mode, recording mode, or voice recognition mode. The received audio signals can be further stored in memory or transmitted via a communication component. In some embodiments, the audio component also includes a speaker for outputting audio signals.
[0130] Accordingly, embodiments of this specification also provide a computer-readable storage medium storing a computer program, which, when executed by a processor, enables the processor to implement the steps in the above-described method embodiments. The computer-readable storage medium includes volatile or non-volatile components, or a combination thereof, and can be removable or non-removable. Examples of computer-readable storage media include, but are not limited to, phase-change random access memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random-access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), flash memory or other memory technologies, CD-ROM, Digital Video Disc (DVD) or other optical storage, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transfer medium.
[0131] Accordingly, embodiments of this specification also provide a computer program product, which includes a computer program or instructions that, when executed by a processor, cause the processor to implement the steps in the above-described method embodiments. It should be understood that each step or combination of steps in the above-described method flow can be implemented by the computer program or instructions. Furthermore, these computer programs or instructions can be applied to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing device, enabling the processor of the general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing device to function as an apparatus for implementing the corresponding functions in the above-described method embodiments.
[0132] The foregoing has described specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps recited in the claims may be performed in a different order than that shown in the embodiments and may still achieve the desired result. Furthermore, the processes depicted in the drawings do not necessarily require the specific or sequential order shown to achieve the desired result. In some embodiments, multitasking and parallel processing are possible or may be advantageous.
[0133] The various embodiments in this specification are described in a progressive manner. Similar or identical parts between embodiments can be referred to mutually. Each embodiment focuses on describing the differences from other embodiments. In particular, for embodiments such as devices, electronic devices, storage media, and program products, since they are basically similar to the method embodiments, the descriptions are relatively simple, and relevant parts can be referred to the descriptions of the method embodiments.
[0134] It should also be noted that the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such process, method, article, or apparatus. Unless otherwise specified, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes that element.
[0135] The above are merely embodiments of this specification and are not intended to limit this specification. Various modifications and variations can be made to this specification by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this specification should be included within the scope of the claims of this application.
Claims
1. A method for processing metadata in a graph database, characterized in that, include: Receive the first metadata operation request from the first user for the graph; The first metadata operation request includes: creating node metadata for the graph; In response to the first metadata operation request, the graph database system creates node metadata for the graph and grants the first user deletion, read, and write permissions for the node metadata. Receive a first permission grant operation request from a first user, the first permission grant operation request being generated in response to the first user's permission grant operation for a second user; In response to the first permission granting operation request, the graph database system grants the second user read and / or write permissions for the node metadata.
2. The method according to claim 1, characterized in that, In response to the first metadata operation request, the graph database system grants the first user deletion, read, and write permissions for the node metadata, including: In response to the first metadata operation request, the graph database system generates the deletion permission configuration, read permission configuration, and write permission configuration of the node metadata based on the user information of the first user. Associate the node metadata and its deletion permission configuration, read permission configuration, and write permission configuration; The deletion permission configuration, read permission configuration, and write permission configuration of the node metadata all record the user information of the first user.
3. The method according to claim 2, characterized in that, In response to the first permission granting operation request, the graph database system grants the second user read and / or write permissions for the node metadata, including: In response to the first permission granting operation request, the graph database system adds the second user's user information to the read permission configuration and / or write permission configuration of the node metadata.
4. The method according to claim 1, characterized in that, The node metadata includes: a type identifier for the type of node to be created and a first attribute associated with the type of node to be created, wherein the first attribute is used to describe the characteristics of a node belonging to the type of node.
5. The method according to any one of claims 1 to 4, characterized in that, The method further includes: Receive a second metadata operation request from a first user for the graph; the second metadata operation request includes: creating edge metadata for the graph; In response to the second metadata operation request, the graph database system creates edge metadata for the graph and grants the first user deletion, read, and write permissions for the edge metadata. Receive a second permission grant operation request from the first user, the second permission grant operation request being generated in response to the first user's permission grant operation for the third user; In response to the second permission granting operation request, the graph database system grants the third user read and / or write permissions for the edge metadata.
6. The method according to claim 5, characterized in that, In response to the second metadata operation request, the graph database system grants the first user deletion, read, and write permissions for the edge metadata, including: In response to the second metadata operation request, the graph database system generates the deletion permission configuration, read permission configuration, and write permission configuration of the edge metadata based on the user information of the first user; The associated storage contains the edge metadata and its deletion permission configuration, read permission configuration, and write permission configuration; The user information of the first user is recorded in the deletion permission configuration, read permission configuration and write permission configuration of the edge metadata.
7. The method according to claim 6, characterized in that, In response to the second permission granting operation request, the graph database system grants the third user read and / or write permissions for the edge metadata, including: In response to the second permission granting operation request, the graph database system adds the third user's user information to the read permission configuration and / or write permission configuration of the edge metadata.
8. The method according to claim 5, characterized in that, The edge metadata includes an identifier for the edge type to be created and at least one second attribute field associated with the edge type to be created, the second attribute field being used to describe the characteristics of the edges belonging to the edge type to be created.
9. The method according to any one of claims 1 to 4, characterized in that, The graph corresponds to multiple node metadata and multiple edge metadata; The method further includes: In response to the first user's request to view the metadata of the graph, based on the deletion permission configuration, read permission configuration and write permission configuration of the plurality of node metadata, the target node metadata for which the first user has deletion permission, read permission or write permission is determined from the plurality of node metadata; based on the deletion permission configuration, read permission configuration and write permission configuration of the plurality of edge metadata, the target edge metadata for which the first user has deletion permission, read permission or write permission is determined from the plurality of edge metadata. The target node metadata and the target edge metadata are output to the first user for the first user to view.
10. A method for editing the metadata of a graph database using a user interface, characterized in that, include: The first screen displays the entry point for creating graph node metadata; In response to the first user's trigger operation to create an entry for the node metadata, the first configuration area is displayed; Based on the node metadata input by the first user in the first configuration area, a first metadata operation request is sent to the server. The first metadata operation request is used to request the graph database system to create the node metadata of the graph. Based on the permission granting operation of the first user for the second user in the first configuration area, a first permission granting operation request is sent to the server. The first permission granting operation request is used to request the graph database system to grant the second user read permissions and / or write permissions for the node metadata.
11. The method according to claim 10, characterized in that, Also includes: The first interface displays the entry point for creating graph edge metadata; In response to the first user's trigger operation for creating an entry point for the edge metadata, the second configuration area is displayed; Based on the edge metadata input by the first user in the second configuration area, a second metadata operation request is sent to the server. The second metadata operation request is used to request the graph database system to create the edge metadata of the graph. Based on the permission granting operation of the first user for the third user in the second configuration area, a second permission granting operation request is sent to the server. The second permission granting operation request is used to request the graph database system to grant the third user read permission and / or write permission for the edge metadata.
12. A graph database metadata processing system, characterized in that, Including client and server sides; among which, The client is configured to: display a node metadata creation entry for a graph on a first interface; display a first configuration area in response to a trigger operation by a first user on the node metadata creation entry; send a first metadata operation request to the server based on the permission grant operation by the first user on the second user in the first configuration area; and send a first permission grant operation request to the server based on the permission grant operation by the first user on the second user in the first configuration area. The server is configured to receive the first metadata operation request; in response to the first metadata operation request, the graph database system creates node metadata of the graph and grants the first user deletion, read, and write permissions for the node metadata; receive the first permission grant operation request; and in response to the first permission grant operation request, the graph database system grants the second user read and / or write permissions for the node metadata.
13. A graph database metadata processing apparatus, characterized in that, include: The receiving module is used to receive the first metadata operation request from the first user for the graph; The first metadata operation request includes: creating node metadata for the graph; A creation module is used to respond to the first metadata operation request, the graph database system creates the node metadata of the graph, and grants the first user deletion, read and write permissions for the node metadata; The receiving module is used to receive the first user's request for granting a first permission to the second user; The permission granting module is used to grant the second user read and / or write permissions for the node metadata in response to the first permission granting operation.
14. A graphical user interface editing device for graph database metadata, characterized in that, include: The display module is used to display the entry point for creating node metadata of the graph on the first interface; The display module is used to display a first configuration area in response to a trigger operation by the first user for creating an entry point for the node metadata; The sending module is used to send a first metadata operation request to the server based on the node metadata input by the first user in the first configuration area. The first metadata operation request is used to request the graph database system to create the node metadata of the graph. The sending module is used to send a first permission granting operation request to the server based on the permission granting information entered by the first user in the first configuration area. The first permission granting operation request is used to request the graph database system to grant the second user read permission and / or write permission for the node metadata.
15. An electronic device, characterized in that, include: Memory and processor, among which, The memory is used to store programs; The processor, coupled to the memory, is configured to execute the program stored in the memory to implement the method of any one of claims 1 to 11.
16. A computer-readable storage medium storing a computer program, characterized in that, When the computer program is executed by a computer, it can implement the method of any one of claims 1 to 11.
17. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the method of any one of claims 1 to 11.