Re: Row-level security?

From: Bob Badour <bbadour_at_pei.sympatico.ca>
Date: Thu, 28 May 2009 17:42:29 -0300
Message-ID: <4a1ef727$0$23782$9a566e8b_at_news.aliant.net>

lawpoop wrote:

> How does one implement row-level security?
>
> For instance, say you have an internal database for billing. You have
> a table Clients, a child table Invoices related by client_id to
> Clients.id, and a child LineItems related to Invoices.id by
> LineItems.invoice_id. You want to create a web app so that your
> clients can log on and see the invoices you've sent them. Of course,
> you only want the clients to see *their own* invoices, and not anyone
> else's. One way to handle this is in code, so that queries constructed
> always have "WHERE client_id = x". But is there a way in relational
> theory to provide different permissions to rows?

Yes, using views. Received on Thu May 28 2009 - 22:42:29 CEST

This message: [ Message body ]
Next message: Roy Hann: "Re: Row-level security?"
Previous message: Roy Hann: "Re: Row-level security?"
In reply to: lawpoop: "Row-level security?"
In reply to paul c: "Re: Row-level security?"
Next in thread: lawpoop: "Re: Row-level security?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message