Re: Row-level security?
Date: Thu, 28 May 2009 17:42:29 -0300
> How does one implement row-level security?
> For instance, say you have an internal database for billing. You have
> a table Clients, a child table Invoices related by client_id to
> Clients.id, and a child LineItems related to Invoices.id by
> LineItems.invoice_id. You want to create a web app so that your
> clients can log on and see the invoices you've sent them. Of course,
> you only want the clients to see *their own* invoices, and not anyone
> else's. One way to handle this is in code, so that queries constructed
> always have "WHERE client_id = x". But is there a way in relational
> theory to provide different permissions to rows?
Yes, using views. Received on Thu May 28 2009 - 22:42:29 CEST