On Wed, May 07, 2008 at 08:38:18AM -0400, Garrett Goebel wrote: <snip> > > Also important is how to allow people to limit which sets of tuples and > relationships are publically accessible. For production work the default > should probably require the REST interfaces to be explicitly published. > Otherwise, with any set of tables with more than a handful of records, > it will be fairly simple to bring the database to its knees with a URL > that performs multiple joins on a large set of records. As a compromise, > you might allow primary key candidates (keys which match exactly one > record) and "have one" relationships to be public by default, but not > "have many" or "many to many" relationships.
or ask the database how long the query will take and then limit on that? Regards, Paddy _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
