Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

rbac and row level permissions

Posted on 2009-05-06
1
Medium Priority
?
965 Views
Last Modified: 2012-05-06
Hi Experts,
I have been much reading on rbac. A typical rbac sql database schema is described to have...
Users -> Roles -> Permissions structure that act on objects (ie. tables) in a database. This I am fine with (I think)

My question is about permissions given to each row in a resource like tblNews table in order to protect it. So from a Users perspective...

Users Permission = I can edit each row in the tblNews table where the assigned editors of any row are USERTYPE_X

and from the tblNews perspective...

tblNews Permission = This rows editors are USERTYPE_X and USERTYPE_Y

i.e. the data in any one row of a resource is itself protected by a combination of PermissionType (CAN_EDIT_NEWS) and UserType (Club Secretary).

So, rather than a table get protected, it is each row that gets protected.

I hope this makes sense and if you know where I am trying to get to I will appreciate any thoughts and feedback.
0
Comment
Question by:MonCapitan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 31

Accepted Solution

by:
RiteshShah earned 750 total points
ID: 24321942
there is no direct facility for row level permission. however, you can do it manually, like create few groups for permission, assign every user to one or more group, when you insert the row, create one mapping table that will have rowid and permitted group ID. when you execute SELECT, you have to query only those row number which are listed in mapping table for the group who is looking for row.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What if you have to shut down the entire Citrix infrastructure for hardware maintenance, software upgrades or "the unknown"? I developed this plan for "the unknown" and hope that it helps you as well. This article explains how to properly shut down …
It is possible to export the data of a SQL Table in SSMS and generate INSERT statements. It's neatly tucked away in the generate scripts option of a database.
Using examples as well as descriptions, and references to Books Online, show the documentation available for date manipulation functions and by using a select few of these functions, show how date based data can be manipulated with these functions.
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question