I've been trying to consider how Row Level Security could be implemented with the Entity Framework. The idea is to have a database agnostic means that would offer methods to restrict the rows coming from the ObjectContext. Some of my inital ideas have involved modifying the partial classes created by the EDMGEN tool and that has offere...
Hi all, I believe this is more a question about best practices and design than anything else. I tried searching for similar queries regarding this but couldn’t find any. I actually found the Row Level Security with Entity Framework but I believe the context here is a bit different. I will try to explain my scenario first: I have a .ne...
I use the Oracle VPD facility(aka RLS, aka FGAC). Suppose that i use the predicate '(WHERE) id = 'XXXX'' on TableA and then i use the predicate '(WHERE) col in (SELECT col From TableA)' on TableB. Will TableA be filtered or not? Filtering is done only outside of predicate definitions, when you query the tables?. Will i need to make pr...
Task Retrofit an existing application to use a multi-tenant approach. It shall be possible to create tenants and each user's session should reference exactly one active tenant. Each tenant should only be able to see and update his partition of the database schema. Approach Create an Oracle application context that contains the tenan...
Hi, does anybody knows about Java/C# database independent authorization library. This library should support read, write, delete, insert actions across company organizational structure. Something like this: - user can see all documents - user can enter new document assigned to his unit - user can change all documents assig...
If i have a table and a defined policy on it then do I need to redefine the policy if I drop and recreate the table or alter it, provided that the alteration or the recreation of the table does not alter elements that the function needs to see? ...
I'm looking for tips in debugging some of my row-level security predicates in an Oracle database. These predicates use a few concepts to determine whether the current user can see a record: current user's Oracle username current user's assigned Oracle roles current user's affiliation with a record in one or more tables I'm having tr...
I'm struggling with the following problem. I want to restrict access to a table using Oracle VPD. In the where clause that the select policy function returns I need a reference to the table in a subquery as follows: select * from Table t1 where not exists (select 1 from Table t2 where t2.name=t1.name and t2.date=t1.date) (The example ...