<div>
Regarding Oracle database, the feature is called "Virtual Private Database (VDP)"<br>Further information can be found here: <a href="https://www.oracle.com/database/technologies/virtual-private-db.html" rel="ugc">https://www.oracle.com/database/technologies/virtual-private-db.html</a>&nbsp;
</div>


Regarding Oracle database, the feature is called "Virtual Private Database (VDP)"
Further information can be found here: https://www.oracle.com/database/technologies/virtual-private-db.html [https://www.oracle.com/database/technologies/virtual-private-db.html] 

programmer-analyst

Helena Marková

<div>
<div class="content wysiwyg-content">
I need to implement an solution that implements a search against a table where each record can have a different ACL on it. &nbsp;By this I mean the typical definition of an ACL, which is a list of users/groups each of which has a permission level (without the ACL).<br />
<br />
The most critical need is to apply this during search where we need to limit visibility of records in search results to users/groups in the ACL that have at least visibility permissions. &nbsp;We can have something complex during use of the record (modifications, etc.), but search is problematic.<br />
<br />
Is there an approach to this that is commonly used? &nbsp;I have to avoid DB product specific functionality if possible, but understand that's probably not possible.<br />
<br />
The initial use would be for a MongoDB application, so the connections to the DB would be with a single account. &nbsp;We would know the user's though through login and tokens. &nbsp;MongoDB is the priority at this time though.
</div>
</div>


I need to implement an solution that implements a search against a table where each record can have a different ACL on it.  By this I mean the typical definition of an ACL, which is a list of users/groups each of which has a permission level (without the ACL).

The most critical need is to apply this during search where we need to limit visibility of records in search results to users/groups in the ACL that have at least visibility permissions.  We can have something complex during use of the record (modifications, etc.), but search is problematic.

Is there an approach to this that is commonly used?  I have to avoid DB product specific functionality if possible, but understand that's probably not possible.

The initial use would be for a MongoDB application, so the connections to the DB would be with a single account.  We would know the user's though through login and tokens.  MongoDB is the priority at this time though.

ACL limiting/filtering DB search results on a record-by-record basis

Microsoft SQL Server is a suite of relational database management system (RDBMS) products providing multi-user database access functionality.SQL Server is available in multiple versions, typically identified by release year, and versions are subdivided into editions to distinguish between product functionality. Component services include integration (SSIS), reporting (SSRS), analysis (SSAS), data quality, master data, T-SQL and performance tuning.

Microsoft SQL Server

Oracle is an object-relational database management system. It supports a large number of languages and application development frameworks. Its primary languages are SQL, PL/SQL and Java, but it also includes support for C and C++. Oracle also has its own enterprise modules and application server software.

Oracle Database

MongoDB (from humongous) is a free and open-source cross-platform document-oriented database program. Classified as a NoSQL database program, MongoDB uses JSON-like documents with schemas. MongoDB is developed by MongoDB Inc. and is free and open-source, published under a combination of the GNU Affero General Public License and the Apache License.

MongoDB

Apache™ Hadoop® is an  open-source framework that allows large data sets to be processed and distributed across commodity cluster computers.

Hadoop

Databases are organized collections of data, most commonly accessed through management systems including schemas, tables, queries and processes that allow users to enter and manipulate the information or utilize it in other fashions, such as with web applications or for reporting purposes.

Databases

A NoSQL database provides a mechanism for storage and retrieval of data which is modeled in means other than the tabular relations used in relational databases. Motivations for this approach include: simplicity of design, simpler "horizontal" scaling to clusters of machines and finer control over availability. The data structures used by NoSQL databases (e.g. key-value, wide column, graph, or document) are specified from those used by default in relational databases, making some operations faster in NoSQL. Sometimes the data structures used by NoSQL databases are also viewed as "more flexible" than relational database tables.