Row-level security?
From: lawpoop <lawpoop_at_gmail.com>
Date: Thu, 28 May 2009 07:30:10 -0700 (PDT)
Message-ID: <91179759-9b52-48b6-8921-961578cc9f8b_at_l28g2000vba.googlegroups.com>
How does one implement row-level security?
Date: Thu, 28 May 2009 07:30:10 -0700 (PDT)
Message-ID: <91179759-9b52-48b6-8921-961578cc9f8b_at_l28g2000vba.googlegroups.com>
How does one implement row-level security?
For instance, say you have an internal database for billing. You have a table Clients, a child table Invoices related by client_id to Clients.id, and a child LineItems related to Invoices.id by LineItems.invoice_id. You want to create a web app so that your clients can log on and see the invoices you've sent them. Of course, you only want the clients to see *their own* invoices, and not anyone else's. One way to handle this is in code, so that queries constructed always have "WHERE client_id = x". But is there a way in relational theory to provide different permissions to rows?
Received on Thu May 28 2009 - 16:30:10 CEST