We help IT Professionals succeed at work.

rbac and row level permissions

1,027 Views
Last Modified: 2012-05-06
Hi Experts,
I have been much reading on rbac. A typical rbac sql database schema is described to have...
Users -> Roles -> Permissions structure that act on objects (ie. tables) in a database. This I am fine with (I think)

My question is about permissions given to each row in a resource like tblNews table in order to protect it. So from a Users perspective...

Users Permission = I can edit each row in the tblNews table where the assigned editors of any row are USERTYPE_X

and from the tblNews perspective...

tblNews Permission = This rows editors are USERTYPE_X and USERTYPE_Y

i.e. the data in any one row of a resource is itself protected by a combination of PermissionType (CAN_EDIT_NEWS) and UserType (Club Secretary).

So, rather than a table get protected, it is each row that gets protected.

I hope this makes sense and if you know where I am trying to get to I will appreciate any thoughts and feedback.
Comment
Watch Question

This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.