Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Row level access control

Status
Not open for further replies.
RajD

RajD

Technical User
Aug 23, 2001
53
US
Hi guys,

Is there a way in sybase I can limit access to rows in certain/all tables based on the login-id?

I believe there is a way in Oracle( I just heard. Never used Oracle) something called context which can be used to satisfy this.

Well, the requirement is:
We are managing a database for almost 3 years for a client's business/data as a third-party vendor. Now the client split in two major groups and wants to restrict access to its employees. Group A should have access to Group-A data and Group-B only to Group-B. But at the same time the corporate users wants to have access to both the groups(as it used to be so far).

Currently we are working with Sybase 11.9.2 and possibly go for ASE 12.0. Very difficult to go for ASE 12.5.x.

Partitioning the database in two or more databases and redesining the application is certainly one way of doing it.

Is there a way we can do it at the back-end without creating ripples on the front-end(or may be with minimal changes)

Any help would be appreciated, and ask me if you need to know more specific facts.

thanks,

Raj
RajD
 
Sort by date Sort by votes
Raj,

Just a quick respose

Option 1)Create views based on these tables. Say two views for each group based upon selection criteria. You then create two groups in the database and assign login to each group based upon their business need and then grant permission on the views to each group. The drawback is that you have to modify the application to access views as opposed to tables.

Option 2) create two additional databases plus the main one as it stands. In each new database create view based uopon the table in the main database with the same name as the table name in the main database. Group A will always access database A and group B will access database B. Power users will access the main database tables directly. In either case some work is involved. I prefer option 2 because it allows you to drop and recreate views easily. If I come across other ideas will let you know.

If you have any question come back,

good luck,

Mich
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cbsm
  • Locked
  • Question
select rows that are not locked
Replies
0
Views
127
cbsm
cbsm
paraglidersd
  • Locked
  • Question
Getting first row
Replies
5
Views
178
level2programmer
level2programmer
maddyforums
  • Locked
  • Question
Concatenation of multiple rows into a single row (sybase)
Replies
5
Views
206
PDreyer
PDreyer
mireles10
  • Locked
  • Question
DELETE SEVERAL ROWS
Replies
2
Views
80
PDreyer
PDreyer
butterfm
  • Locked
  • Question
row level locking
Replies
1
Views
44
DotNetGnat
DotNetGnat

Part and Inventory Search

Sponsor

Back
Top