Re: Row-level security?
Date: Thu, 28 May 2009 16:05:20 GMT
>> I don't know if relational theory has a lot to say about permissions >> other than to provide the necessary machinery. What you want is a base >> table to which the user has no access, and a view of that table which is >> restricted to just the rows the user should be able to see. The user >> is then given permission to select only from the view.
> So basically you'd want to do a view for each client? Or, in general,
> a view for every table for every user where you want row-level access?
Theory says no. Some products might say otherwise, as Roy H hinted in the 'fly in the ointment' comment that you didn't quote. Those two questions have a connotation that is a very good clue that most products have failed to implement the RM by being far too restrictive and why most of the industry is hot-tied by spurious problems. Received on Thu May 28 2009 - 18:05:20 CEST