Row-level security?

From: lawpoop <lawpoop_at_gmail.com>
Date: Thu, 28 May 2009 07:30:10 -0700 (PDT)
Message-ID: <91179759-9b52-48b6-8921-961578cc9f8b_at_l28g2000vba.googlegroups.com>

How does one implement row-level security?

For instance, say you have an internal database for billing. You have a table Clients, a child table Invoices related by client_id to Clients.id, and a child LineItems related to Invoices.id by LineItems.invoice_id. You want to create a web app so that your clients can log on and see the invoices you've sent them. Of course, you only want the clients to see *their own* invoices, and not anyone else's. One way to handle this is in code, so that queries constructed always have "WHERE client_id = x". But is there a way in relational theory to provide different permissions to rows? Received on Thu May 28 2009 - 16:30:10 CEST

This message: [ Message body ]
Next message: Roy Hann: "Re: Row-level security?"
Previous message: Walter Mitty: "Re: Natural keys vs Aritficial Keys"
Next in thread: Roy Hann: "Re: Row-level security?"
Reply: Roy Hann: "Re: Row-level security?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message