> which is already something most folks do for filtering views etc. If > there is no entry in _authorization database, the data accessible to > the extent that we have any Readers for database as it is now.
sorry typo - last bit should have read .. the data would be accessible to the extent that we have any Readers for database as it is now. To add to above, it might be good for the system to have a special entity named "ALL" where access to everyone is not implied by the absence of record in _authorization for the _type but could be made explicitly if desired.
