Hello! On Mon, Oct 30, 2006 at 07:46:00AM +0100, Gregor Horvath wrote: > Say you have a web application where each user/member can only edit its > own content but read all other's content. > > I have the need for such a row level security in my current project, so > I implemented a thin layer above sqlobject. (There is no change in > SQLObject itself) > > If someone is interested, I am willing to share the code. > > It's implemented like the Unix access file rights. > Each database row has an owner and a group and read/write access rights > for the owner/group/others. > > If you don't have the proper rights, selects don't return the row (like > in Oracles row level security). > > I've implemented a AcSQLObject class which overrides select and selectBy > and adds the necessary where clauses to the db query. (again like > Oracles row level security) > > If a turbogears identity is present the user and groups information is > taken from there, if not the information is required in the select's > call. But there is no integration with TG's permissions. > > It's not complete but a beginning and enough for my current project.
I think code like this fits very well into a wiki. We now have a wiki at http://wiki.sqlobject.org and there is an experimental Trac environment at http://sqlobject.gcu.info/trac Please contribute. Thank you! Oleg. -- Oleg Broytmann http://phd.pp.ru/ [EMAIL PROTECTED] Programmers don't die, they just GOSUB without RETURN. ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ sqlobject-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/sqlobject-discuss
