Re: Row-level security?
From: Bob Badour <bbadour_at_pei.sympatico.ca>
Date: Fri, 29 May 2009 16:27:10 -0300
Message-ID: <4a20370e$0$23765$9a566e8b_at_news.aliant.net>
>
> So, USER() returns something like username_at_hostname.com.
>
> What one would need to do, then, is create a table of user permissions
> that has a column of the MySQL username and the client_id, or whatever
> column you would want to use in restricting on the query. Then create
> a view that in some place references a join to that table, and puts
> WHERE username = USER() or whatever in the view's where clause.
>
> Correct?
Date: Fri, 29 May 2009 16:27:10 -0300
Message-ID: <4a20370e$0$23765$9a566e8b_at_news.aliant.net>
lawpoop wrote:
> On May 28, 7:58 pm, Bob Badour <bbad..._at_pei.sympatico.ca> wrote:
>
>>lawpoop wrote: >> >>>On May 28, 4:00 pm, lawpoop <lawp..._at_gmail.com> wrote: >> >>>>I don't think it does. The manual says that, for creating views, "The >>>>SELECT statement cannot refer to system or user variables. "http://dev.mysql.com/doc/refman/5.0/en/create-view.html >> >>>I just tried it, and I got the error, "View's SELECT contains a >>>variable or parameter" >> >>Without seeing the exact query, it's hard to say what's wrong. >> >>One can create views that reference the user() function in mysql 5.0
>
> So, USER() returns something like username_at_hostname.com.
>
> What one would need to do, then, is create a table of user permissions
> that has a column of the MySQL username and the client_id, or whatever
> column you would want to use in restricting on the query. Then create
> a view that in some place references a join to that table, and puts
> WHERE username = USER() or whatever in the view's where clause.
>
> Correct?
This assumes you connect to the dbms with a different user name for each client. Do you do that? Received on Fri May 29 2009 - 21:27:10 CEST