Pages: 1

#1 2016-07-04 08:08:25

ianxevcd
Member
Registered: 2016-07-04
Posts: 11

per row access

Hi all,

Does anybody have example of how to implement per row access to table data using this framework?

Alexander

Offline

#2 2016-07-04 08:19:16

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,655
Website

Re: per row access

What do you mean?

Did you check http://synopse.info/files/html/Synopse% … l#TITLE_71 ?

Offline

#3 2016-07-04 10:07:01

ianxevcd
Member
Registered: 2016-07-04
Posts: 11

Re: per row access

Sorry, it wasn't clear. I need to have row level security for users. For example, in your '26 - RESTful ORM' sample I'd like to add e.g. field Owner:

  TSQLNote = class(TSQLRecordWithModTimeAndMetaData)
  protected
    fIdent: RawUTF8;
    fKind: TSQLNoteKind;
    fParent: TSQLNote;
    fOwner: TSQLUser;
  published
    property Ident: RawUTF8 read fIdent write fIdent;
    property Kind: TSQLNoteKind read fKind write fKind;
    property Parent: TSQLNote read fParent write fParent;
    property Owner: TSQLUser read fOwner write fOwner;
  end;

and then show records that authenticated User own.  Should I add to TSQLNote my own function for such filtering or I should do something else? Thanks in advance for your help.

Alexander

Offline

#4 2016-07-04 10:13:50

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,655
Website

Re: per row access

Use CreateAndFillPrepare() with a 'Owner=?' where clause.

Offline

#5 2016-10-06 09:32:56

turrican
Member
From: Barcelona
Registered: 2015-06-05
Posts: 94
Website

Re: per row access

How did you resolve this problem. I have the same problem. I need a row level security, 'CreateAndFillPrepare() with a 'Owner=?' that is i'm doing, but if user knows the way to use the REST API via Javascript for instance he can list all table without limitation. How can I manage this?

Last edited by turrican (2016-10-06 09:33:24)

Offline

Pages: 1

Board footer

Powered by FluxBB