Re: implement BLP model on Postgresql db

Поиск
Список
Период
Сортировка
От Scott Ribe
Тема Re: implement BLP model on Postgresql db
Дата
Msg-id 418F58E7-A0B5-4F37-A5BB-8E2D0E3B4CBE@elevated-dev.com
обсуждение исходный текст
Ответ на Re: implement BLP model on Postgresql db  ("Pourghorban.S" <aras_h1988@yahoo.com>)
Ответы Re: implement BLP model on Postgresql db
Список pgsql-admin
Дерево обсуждения 
On Nov 21, 2010, at 1:41 AM, Pourghorban.S wrote:

> yes I know the method for implement, but I do  not know where I should implement necessary changes ....
> I know that I should add a additional column in my data base tables that show the level of access of each row.
> these level types is finite.
> and by the way I should add to a sql command which user issues, the condition that it checks whether he / she can
access/ gain the row he/ she want or not.  
> But I don't know these two steps how and where I should implement.

Now at least you're giving us questions of "how do I do this in a database", rather than asking about how to write a
thesison a subject very few (if any) of us know about. That's progress ;-) 

So you want to add a column to a table:

<http://www.postgresql.org/docs/9.0/static/sql-altertable.html>

You might want to create an enum type for the access level and use that as the column type:

<http://www.postgresql.org/docs/9.0/static/sql-createtype.html>

How the command should work is rather vague, you might want to create a stored function to evaluate access:

<http://www.postgresql.org/docs/9.0/static/sql-createfunction.html>
<http://www.postgresql.org/docs/9.0/static/plpgsql.html>

But that would depend on some enforcement in an application or middleware. A function that just checks access is not
enough,you have to enforce it. And that is a more substantial project. You might be able to use rules. You might want
touse view whose statements use current_user(). 

<http://www.postgresql.org/docs/9.0/static/sql-createrule.html>
<http://www.postgresql.org/docs/9.0/static/sql-createview.html>
<http://www.postgresql.org/docs/9.0/static/functions-info.html>

If you have a lot of pre-existing tables to which the access info must be added, you might want to use dynamic sql to
automateadding that column. 

But, given that "I should add a additional column in my data base tables that show the level of access of each row"
seemedto be giving you trouble, you might want to first read an introductory book on SQL. 

--
Scott Ribe
scott_ribe@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567 voice

В списке pgsql-admin по дате отправления:

Предыдущее
От: bakkiya raj
Дата:
Сообщение: ERROR: could not open relation with OID
Следующее
От: "Kevin Grittner"
Дата:
Сообщение: Re: implement BLP model on Postgresql db