Subject User security
Author Lars Mygh Andersen

A suggestion/question concerning a topic which has annoyed me for quite some
A simple scenario with a table: Assume that a group of users/roles, A, has
select-rights on all fields. Another group, B, has select-rights on a subset
of the fields. The standard solution requiring creating a view with the
sub-set of fields and granting select-rights to B, bothers me for one simple
reason: I need to keep track of the relation-ship between the table and the
view (or consequently views, in case of a group C etc).
To me it would make pretty much sense to be able to have select-rights at
the same level as update-rights, that is on table-level and/or on field
level. Doing this, one could simply omit the corresponding fields from
various SELECT's. Also when focusing on the end-product, it would seem ideal
if it was possible to 'translate' select-rights on a field level into
controlling the visibility of the corresponding DB-GUI-fields-controls.
Presently all one can do it to use update-rights on a field level to control
the read-only ability of the corresponding DB-GUI-fields-controls.
Any comments? Am I simply chasing a wild-goose?

While remaining etc.