home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!ukma!gatech!emory!swrinde!cs.utexas.edu!bcm!mparsons
- From: mparsons@fleming.csc.bcm.tmc.edu (Mark Parsons)
- Newsgroups: comp.databases.sybase
- Subject: Re: Restricting access to rows?
- Date: 28 Jan 1993 18:33:35 GMT
- Organization: Baylor College of Medicine, Houston, Tx
- Lines: 44
- Distribution: world
- Message-ID: <1k98tvINN8sl@gazette.bcm.tmc.edu>
- References: <SPENCER.93Jan27153337@guraldi.med.umich.edu>
- NNTP-Posting-Host: fleming.csc.bcm.tmc.edu
- Originator: mparsons@fleming.csc.bcm.tmc.edu
-
-
- In article <SPENCER.93Jan27153337@guraldi.med.umich.edu>, spencer@med.umich.edu (Spencer W. Thomas) writes:
- > I want to restrict access to a table according to the value of a
- > certain field, by user, according to a second "authorization" table.
- > I.e.,
- >
- > create table base (
- > category int, /* The field to restrict access by. */
- > data int
- > )
- >
- > create table auth (
- > uid smallint,
- > category int
- > )
- >
- > uid category
- > ---- --------
- > 2 1 User 2 can see categories 1&2
- > 2 2
- > 3 3 User 3 can only see category 3
- > 4 1 User 4 can see categories 1,2&3
- > 4 2
- > 4 3
-
- . . . . ideas on view creation deleted . . .
-
- Maybe I'm missing something but . .. . . why do you need or want views?
- Why not put the necessary code in your selects/updates/deletes? i.e.,
- write the appropriate joins?
-
- I've got several places in my application where I need to do this
- very same thing, i.e., limiting selects based on values in another
- table and the user's privileges. I just write the joins into my
- code.
-
- You should be able to just use this as is in your code:
-
- select * from base where category in
- (select category from auth where uid=user_id())
-
- Am I missing something?
-
- Mark
-
