Re: Row-level security?
From: paul c <toledobythesea_at_oohay.ac>
Date: Thu, 28 May 2009 16:05:20 GMT
Message-ID: <4DyTl.28365$Db2.12094_at_edtnps83>
>
> So basically you'd want to do a view for each client? Or, in general,
> a view for every table for every user where you want row-level access?
>
Date: Thu, 28 May 2009 16:05:20 GMT
Message-ID: <4DyTl.28365$Db2.12094_at_edtnps83>
lawpoop wrote:
> On May 28, 10:48 am, Roy Hann <specia..._at_processed.almost.meat> wrote:
>
>> I don't know if relational theory has a lot to say about permissions >> other than to provide the necessary machinery. What you want is a base >> table to which the user has no access, and a view of that table which is >> restricted to just the rows the user should be able to see. The user >> is then given permission to select only from the view.
>
> So basically you'd want to do a view for each client? Or, in general,
> a view for every table for every user where you want row-level access?
>
Theory says no. Some products might say otherwise, as Roy H hinted in the 'fly in the ointment' comment that you didn't quote. Those two questions have a connotation that is a very good clue that most products have failed to implement the RM by being far too restrictive and why most of the industry is hot-tied by spurious problems. Received on Thu May 28 2009 - 18:05:20 CEST