Jorge Godoy schrieb: >>If someone is interested, I am willing to share the code. > > I am. :-) You can use TG's wiki to share content like this.
I've putted it on the sqlobjects wiki, since it belongs/depends more to SO. http://wiki.sqlobject.org/rowlevelsecurity.html > > I see. And it should be easily adaptable to something like auto-filtering by > customer_id, project_id, etc., right? I believe that both use cases are very > similar... A customer_id or project_id would be a access group, like in Unix. > > So it's a cascade: > > - TG's permissions apply first to allow acessing classes / methods > - row level ACLs are applied to allow retrieving that row exactly. > Will you implement INSERT / UPDATE / DELETE? From the above I am supposing > you just have it for SELECTs... Well, I do always a select before an update and delete in SO. You have to specify in the select if you want write access rights (like in opening a file on unix). So there is basic protection. But you are correct this is not Fort Knox .. yet :-) > Those would be cool to have and might make adjusting permissions easier... Patches are welcome :-) -- Greg --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/turbogears -~----------~----~----~----~------~----~------~--~---
