Re: Row-level security?

From: lawpoop <lawpoop_at_gmail.com>
Date: Fri, 29 May 2009 11:29:29 -0700 (PDT)
Message-ID: <b59a77f0-457f-48c1-9ff1-0011fb68fd7f_at_n21g2000vba.googlegroups.com>

On May 28, 7:58�pm, Bob Badour <bbad..._at_pei.sympatico.ca> wrote:
> lawpoop wrote:
> > On May 28, 4:00 pm, lawpoop <lawp..._at_gmail.com> wrote:
>
> >>I don't think it does. The manual says that, for creating views, "The
> >>SELECT statement cannot refer to system or user variables. "http://dev.mysql.com/doc/refman/5.0/en/create-view.html
>
> > I just tried it, and I got the error, "View's SELECT contains a
> > variable or parameter"
>
> Without seeing the exact query, it's hard to say what's wrong.
>
> One can create views that reference the user() function in mysql 5.0

So, USER() returns something like username_at_hostname.com.

What one would need to do, then, is create a table of user permissions that has a column of the MySQL username and the client_id, or whatever column you would want to use in restricting on the query. Then create a view that in some place references a join to that table, and puts WHERE username = USER() or whatever in the view's where clause.

Correct? Received on Fri May 29 2009 - 20:29:29 CEST

This message: [ Message body ]
Next message: David BL: "Re: Natural keys vs Aritficial Keys"
Previous message: Walter Mitty: "Re: A silly analogy"
Maybe in reply to: lawpoop: "Row-level security?"
In reply to Bob Badour: "Re: Row-level security?"
Next in thread: Bob Badour: "Re: Row-level security?"
Reply: Bob Badour: "Re: Row-level security?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message