Hi all,
i was wondering if its possible to do something with permissions in MySQL so
that a user can only see a restricted set of data in all the tables?
For example, if I have 10+ tables with data for several teams - how can i
make it so that a particular team can only see data relating to them? is
this maybe something that can be achieved with a UDF ?
Kind regards
T
toffee wrote:
> Hi all,
>
> i was wondering if its possible to do something with permissions in MySQL so
> that a user can only see a restricted set of data in all the tables?
>
> For example, if I have 10+ tables with data for several teams - how can i
> make it so that a particular team can only see data relating to them? is
> this maybe something that can be achieved with a UDF ?
>
> Kind regards
>
> T
>
>
You can use a view. But you need MySQL 5.0 or later.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
On Sat, 14 Oct 2006 04:59:21 +0100, "toffee"
wrote:
>i was wondering if its possible to do something with permissions in MySQL so
>that a user can only see a restricted set of data in all the tables?
Rescheme your data so that there is a different (set of) table/s for
each user.
Add a different MySql user for each user.
Allocate MySql table per user table permissions.
PHP script to change user/table name/s used for each logged-in user.
--
Locate your Mobile phone:
Great gifts:
David Quinton wrote:
> On Sat, 14 Oct 2006 04:59:21 +0100, "toffee"
> wrote:
>
> > i was wondering if its possible to do something with permissions in =
MySQL so
> > that a user can only see a restricted set of data in all the tables?
>
> Rescheme your data so that there is a different (set of) table/s for
> each user.
>
> Add a different MySql user for each user.
> Allocate MySql table per user table permissions.
> PHP script to change user/table name/s used for each logged-in user.
In my opinion, that is a lazy (and complicated) method of doing security. =
There is too
much duplication, and the resulting database schema would be illogical.Not =
to mention
the fact that a schema change in one of these 'duplicated' tables would =
require applying
the schema change multiple times.
Also, your solution does not provide an elegant method of hierachical =
security
(operators, supervisors, managers, etc).
--
On Mon, 16 Oct 2006 08:37:29 +0000 (UTC), "Murdoc"
>In my opinion, that is a lazy (and complicated) method of doing security. There is too
>much duplication, and the resulting database schema would be illogical.
I agree with you. Apologies.
--
Locate your Mobile phone:
Great gifts:
Isn't the data for the tables are already linked to teams?
If correct, then you won't need to modify any schema.
You'll just need to modify it's presentation, by triggering the php
scripts to align the logged in user to the team(s) he/she has access
to.
You may need to add a new table that links users to teams (if not
existing already).
correct; but i have groups with 4 sub groups so there are 5 possible columns
for the lookup - at present i have a case switch but thought they might be
some built in features in mysql for that purpose.
Views have been suggested - which am looking into
"Tito"
news:1161137240.231521.267840@h48g2000cwc.googlegroups.com.. .
> Isn't the data for the tables are already linked to teams?
>
> If correct, then you won't need to modify any schema.
> You'll just need to modify it's presentation, by triggering the php
> scripts to align the logged in user to the team(s) he/she has access
> to.
>
> You may need to add a new table that links users to teams (if not
> existing already).
>