Business Introduction

Traditional mobile application development , Developers need to build every service from scratch , A lot of development work , High threshold . Developers are writing application logic , Data management also needs to be addressed 、 End cloud data synchronization and server deployment and maintenance .

Cloud DB It is a database product for end cloud collaboration , Provide collaborative management of end cloud data 、 Unified data model and rich data management API Interface and other capabilities . In ensuring the availability of data 、 reliability 、 Uniformity , And security , It can realize the seamless synchronization of data between the client and the cloud , And provide offline support for applications , To help developers quickly build the end cloud 、 Application of multi terminal collaboration . meanwhile ,Cloud DB As AppGallery Connect Part of the solution , by AppGallery Connect The platform builds MBaaS（Mobile Backend as a Service, Mobile backend as a service ） Ability . So that application developers can focus on the business of the application itself , Greatly improve the productivity of developers .

The main function

Cloud DB It is a database product for end cloud collaboration , Support data in the end cloud 、 Seamless synchronization between multiple terminals , And provide offline support for applications , To help you quickly build the end cloud 、 Application of multi terminal collaboration .

• Flexible synchronization mode

  Cloud DB Support cache and local data synchronization modes . In cache mode , End side data is a subset of cloud side data , If persistence is allowed , The results of the query will be automatically cached to the end side ; In local mode , Data is only stored locally , Do not synchronize with cloud side data .

• Powerful query ability

  Cloud DB Support rich predicate queries , It can contain multiple chain filter conditions , You can combine filtering with sorting or limiting the number of returned result set objects . In cache mode , You can specify to query data from cloud side storage or local storage ; In local mode , Query data directly from local storage .

• Real time updates

  Cloud DB In cache mode , You can listen to the data you need to pay attention to , And make use of Cloud DB Data synchronization function , Change the data in the end cloud 、 Real time update between multiple devices .

• Offline Support

  Cloud DB In cache mode , If you allow cache persistence , When the device is offline , Application queries on cloud databases will change to local queries by default . When the device is back online ,Cloud DB All locally written data will be automatically synchronized to the cloud database .

• Extensibility

  Cloud DB It provides the functions of Huawei cloud's powerful infrastructure , Automatic multi region data replication 、 Atomicity of batch operations 、 Consistency assurance and transaction support .

• Security

  Cloud DB Support the whole process encryption data management of the end cloud ,APP、 Triple authentication of users and services , Role based permission management, etc , Ensure data security in an all-round way .

working principle

Cloud DB It supports the collaborative management of end cloud data 、 Extensible Serverless Database products , Provide easy-to-use multi platform native SDK, Your Android application 、iOS application 、Web application 、 Fast applications and fast games can be achieved through SDK Directly access the cloud side database . meanwhile ,Cloud DB It also supports the adoption of Server SDK Directly manage cloud side data , Realize efficient management of cloud side data .

Cloud DB Adopt the data storage structure based on object model . Data is stored in different storage areas in the form of objects , Every object , Is a complete data record . Object types are used to define a collection of stored objects , Different object types correspond to different data structures . A storage area is an independent data storage area , Each store has exactly the same object type definition . You can AppGallery Connect Console , Define object types 、 Create storage and manage data .Cloud DB Support for multiple data type , Include simple strings 、 Values, text, etc .

Cloud DB It also provides multiple data security policies . Full process encryption management capability based on privacy or sensitive data , The data of the encrypted field will be encrypted on the end side , Then it is sent in ciphertext form and stored on the cloud side , Only application users can obtain key information and access their own encrypted data according to the password they enter . Role based Rights management Model , To ensure data security . By preset 4 Kind of characters and 3 Species jurisdiction , Simplify your rights management operations . You can AppGallery Connect The console can simply set unique permissions for each object type .

Platform support description

Data model

Cloud DB Is a database based on object model , Adopt storage area 、 Object type and object three-level structure . When developing applications , Each application will instantiate one Cloud DB example , Based on this example , You can create multiple stores .

Storage area

Storage area （ namely Cloud DB zone） Is an independent data storage area , Multiple data stores are independent of each other . Each store has exactly the same object type definition , You can customize the objects stored in the storage area according to the needs of the application .

object type

object type （ namely ObjectType） Used to define a collection of storage objects , Different object types correspond to different data structures . Every time you create an object type ,Cloud DB An object type corresponding to its structure will be instantiated in each storage area , Used to store corresponding data .

object

object （ namely CloudDBZoneObject） yes Cloud DB The basic operating unit of , Every object , Is a complete data record .

data type

Cloud DB Support multiple data types , Such as surface 1 Shown , Describes the various data types supported and their sorting instructions .

explain

because JavaScript Data type is not supported “Long”,Web SDK Support data types by introducing third-party open source components “Long” The ability of .“Long” For the usage of type, please refer to https://github.com/dcodeIO/long.js.

Rights management

Cloud DB It supports the authentication of all users' access , Ensure the security of application data . Cloud side access Cloud DB The default user role of is “ Administrators ” role , From AppGallery Connect Console 、 Cloud functions and Server End access Cloud DB Role , This role has all permissions by default . The end side is the application running end , The data operation on the end side is restricted by strict security rules , The data read / write permission is controlled according to the cloud side permission management table .

Cloud DB Support application development based on cache mode and local mode , In different modes , The authority management of data is also inconsistent .

• In cache mode , After the data synchronization channel is established on the end side and the cloud side , The end side will synchronize the permission management table on the cloud side to the end side , The end side will perform permission control on the data according to the permission management table .
• In local mode , The data operation on the end side is not affected by the permission management table on the cloud side , The end side has full operation authority for the data it contains .

explain

• In the cache mode, the following scenarios , The data operation authority of the end user is as follows ：

  • After the user installs the application , Before the end side application establishes a synchronization channel with the cloud side for the first time , The end user has no permission . After the end-side application obtains the permission management table from the cloud side , End user permissions are allocated according to the permission configuration table .
  • The end user is due to AppGallery Connect Failure of authentication information （ For example, the offline duration exceeds the effective time of the authentication information ） Or write off AppGallery Connect After certification , The role of the end user is defined by “ Authenticated user ” Turn into “ All the people ”, At this time, the end user has the same permissions as “ All the people ” The permissions of roles are consistent .

Cloud DB Defines everyone 、 Authenticated user 、 Data creators and administrators 4 Roles ,query、upsert（ Including addition and modification ） and delete 3 Species jurisdiction .

• All the people ： On behalf of all users , Including authenticated and non authenticated users . By default, this role has query jurisdiction , Not configurable upsert and delete jurisdiction .
• Authenticated user ： after AppGallery Connect Login authenticated user . By default, this role has query jurisdiction , Customizable configuration upsert and delete jurisdiction .
• Data creator ： Authenticated data creation user , Each data has its corresponding data creator （ That is, the application user ）, Each data creator can only upsert perhaps delete Create your own data , You can't upsert perhaps delete Data created by others . The information of the data creator is saved in the system table of the data record . This role has all permissions by default , All permissions can be customized .
• Administrators ： Application Developer , Mainly means through AppGallery Connect Console or FaaS（Function as a Service, Functions are services ） Side access Cloud DB Role . This role has all permissions by default , All permissions can be customized . Administrators can manage and configure permissions for other roles .

explain

• When developing end-to-side applications , If you want to use the relevant permissions of the authenticated user , Need to open AppGallery Connect Certification services .
• When the encryption field is set in the object type , Indicates that the whole process encryption function is enabled , here “ All the people ” and “ Authenticated user ” The character will not have query、upsert and delete jurisdiction , And modification is not allowed .
• Authenticated users include anonymous authentication and formal registration , It is recommended that you use the full encryption function , This function is only available to officially registered users , It is not recommended to open the whole process encryption function to anonymous users . Because when using this function , The user needs to enter a password ,Cloud DB Will use this password to derive key information , And save the ciphertext of key information and encrypted user data ciphertext on the cloud side , The key information will be bound to the user account , Only the user can obtain the key information and access his own encrypted data according to the password . The account number of an anonymous user changes dynamically after each login , That is, each login is a new user , Even if the key information is stored on the cloud side , The key information saved on the cloud side cannot be used for the next login .

For more information, see Document center