Em 4/4/2013 22:53, Doug Chamberlin escreveu: > So forget the previous discussion for a moment. Especially any parts > about the best ways to implement replication and SELECT * problems. > > Without getting into the details of the use case, essentially the OP > asked for a way to suppress the presence of selected fields in tables. > Seems to me the leading solution would be to extend SQL compliance for > permissions on fields to the SELECT statement such that users would > not be able to SELECT fields for which they did not have permission. > If that was the specific proposal, would you all say "the feature > should not be implemented"? >
I agree that the original question could (and should) be solved by the appplication,.. but taking into consideration your point of view: Once uppon a time ago I used a database called ZIM, if a user is not allowed to "see" the value of a field it returns blank, blank in this case is no value, not an empty string, not a 0 value, not a NULL state, but simply empty, no value at all I don't know the SQL standard, but I think there is no concept of a "empty" value, maybe NULL should be the equivalent... I don't think trowing an error is the best, the select could be performed but no value returned for that column. The engine should provide mechanisms to treat it as a whole like select * from MyTable where MyForbidenField > 0 returns an empty result set, since the user has no privileges to access that field value This way there is no path to guess values by try and error select Name from Employees where Salary > 10000; select Name from Employees where Salary > 11000; and so on.. no way to do a manual binary search just my R$0,02 see you ! ------------------------------------------------------------------------------ Minimize network downtime and maximize team effectiveness. Reduce network management and security costs.Learn how to hire the most talented Cisco Certified professionals. Visit the Employer Resources Portal http://www.cisco.com/web/learning/employer_resources/index.html Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
