hi people,
I wanted to implement fine grain authorization.
Which part of backend i should work on ?
to get the idea of VPD(virtual private database /FGA)
there are 2 table nurse and patient;
both of them have attribute floor , which tells about which floor these
nurses work and patients lay.
So if a nurse gives query select * from patient; She should see only
those patients who are on the same floor as hers.
so
select * from patient;
|
|
V
select * from patient where floor in (select floor from nurse
where name=USER);
yes, i want to execute upper query and want result of lower query.
how do is do it?
If we can consider 'patient' as view which store 'select * from where
floor in ......name=USER) then problem is solved.
But new problem is WE CAN NOT CREATE VIEW FOR EVERY TABLE...
SO how do i do it?
SOS
--
```````````o__````````````
``````````_.>/ _``````````
_________(_)_\(_)___________
Life is like riding a bicycle. To keep your balance you must keep moving
--Albert Einstein
__________________________________________________________________________
Yogesh Ashok Powar
http://www.cse.iitb.ac.in/~yogesh
9869922761
_________________________________________________________________________