Row Level Security
From: Robert Lippmann <rlippman_at_ipe.com>
Date: 1996/02/01
Message-ID: <3111546F.1172_at_ipe.com>#1/1
Date: 1996/02/01
Message-ID: <3111546F.1172_at_ipe.com>#1/1
I'm trying to implement a simple row level user based security scheme using views. I have the following schema:
create table access_table (id number(9), granted_user varchar2(30));
create table base_table (id number (9), description varchar2(80));
create or replace view base_view
as select *
from base_table
where exists (select 'x'
from access_table where access_table.granted_user=user and access_table.id=base_table.id)with check option;
Thus, I can grant only the view to another user, and grant and revoke access on each row by simply inserting or deleting a row into access_table.
This works on Oracle (7.1.6) because there is no join in the where clause.
I was wondering if this behavior is standard across other databases, or am I exploiting functionality specific to Oracle.
Please e-mail replies.
Thanks in advance,
Rob
-- *****************************************************************************"The ones who love us best / Are the ones we'll lay to rest / And visit their graves on holidays at best. The ones who love us least / Are the ones we'll die to please / And if it's any consolation / I don't begin to understand." -- The Replacements Robert Lippmann Intelligent Interactions 201 N. Union Street, Suite 110 Alexandria VA, 22314 (703) 706-9500Received on Thu Feb 01 1996 - 00:00:00 CET