?
Solved

rbac and row level permissions

Posted on 2009-05-06
1
Medium Priority
?
955 Views
Last Modified: 2012-05-06
Hi Experts,
I have been much reading on rbac. A typical rbac sql database schema is described to have...
Users -> Roles -> Permissions structure that act on objects (ie. tables) in a database. This I am fine with (I think)

My question is about permissions given to each row in a resource like tblNews table in order to protect it. So from a Users perspective...

Users Permission = I can edit each row in the tblNews table where the assigned editors of any row are USERTYPE_X

and from the tblNews perspective...

tblNews Permission = This rows editors are USERTYPE_X and USERTYPE_Y

i.e. the data in any one row of a resource is itself protected by a combination of PermissionType (CAN_EDIT_NEWS) and UserType (Club Secretary).

So, rather than a table get protected, it is each row that gets protected.

I hope this makes sense and if you know where I am trying to get to I will appreciate any thoughts and feedback.
0
Comment
Question by:MonCapitan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 31

Accepted Solution

by:
RiteshShah earned 750 total points
ID: 24321942
there is no direct facility for row level permission. however, you can do it manually, like create few groups for permission, assign every user to one or more group, when you insert the row, create one mapping table that will have rowid and permitted group ID. when you execute SELECT, you have to query only those row number which are listed in mapping table for the group who is looking for row.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this blog post, we’ll look at how ClickHouse performs in a general analytical workload using the star schema benchmark test.
Backups and Disaster RecoveryIn this post, we’ll look at strategies for backups and disaster recovery.
Using examples as well as descriptions, and references to Books Online, show the documentation available for datatypes, explain the available data types and show how data can be passed into and out of variables.
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question