| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Fine Grained Access Control
Thank you for your idea!
Initially I would like to have one function for several tables, but the
drawback with table specific functions is not critical. This solves the
problem easiliy, i.e. I change T to the table name.
Ovind
"Jonathan Lewis" <jonathan_at_jlcomp.demon.co.uk> wrote in message
news:972072400.5954.0.nnrp-02.9e984b29_at_news.demon.co.uk...
>
> Can you clarify this.
> Are you trying to create a function which generates
> the string:
>
> T.ID IN
> ( SELECT P.ID
> FROM PRIVILEGIES P
> WHERE P.READ_OWN = 'Y' )
> AND
> CODE IN
> ( SELECT M.CODE
> FROM MAPPING M,
> PRIVILEGIES P
> WHERE M.CODE = P.CODE
> AND T.ID = P.ID );
>
> so that you can attach it to just about
> any table, or to just one specific table ?
>
>
>
> --
>
> Jonathan Lewis
> Yet another Oracle-related web site: http://www.jlcomp.demon.co.uk
>
> ovind osengen wrote in message <8snaor$dmc$1_at_oslo-nntp.eunet.no>...
> >I am designing a security mechanism with the fine grained access control.
> >The filter should basically look like:
> >
> >SELECT T.ID, T.CODE, T.NAME
> >FROM TABLE T
> >WHERE T.ID IN
> > ( SELECT P.ID
> > FROM PRIVILEGIES P
> > WHERE P.READ_OWN = 'Y' )
> >AND
> > CODE IN
> > ( SELECT M.CODE
> > FROM MAPPING M,
> > PRIVILEGIES P
> > WHERE M.CODE = P.CODE
> > AND T.ID = P.ID );
> >
> >However the security policy function only returns the predicate, but this
> >cause T.ID in the 3rd select statement to be undefined. How can this be
done
> >better?
> >
> >
> >Best Regards
> >Ovind
> >
> >oeo_at_rocketmail.com
> >
> >
> >
>
>
Received on Mon Oct 23 2000 - 05:37:49 CDT
 |
 |