| Subject | Re: [firebird-support] Restrict updates to column |
|---|---|
| Author | André Knappstein, Controlling |
| Post date | 2011-06-09T12:15:52Z |
f> Is there something like a restrict command to restrict a user from
f> updating those columns (except in the case of cascades)?
I had the same problem years ago.
Cascades do run with the same user token as the usual update-SQL would, so GRANT was not helping me or I was simply not sharp enough :)
For those tables where I really need this restriction, I replaced cascades (ForeignKey-Constraints) by triggers, where only these triggers when fired would also pass a value for an extra field.
Next you just place a BU-Trigger on the table with the "write protected" field and check if a value for that extra field was passed on. If it was not, throw a custom exception.
These days, I am in the lucky situation that nobody accesses my databases with writing privileges but the applications that I wrote myself, and such things are easier to handle client-sided, at least for me.
f> ------------------------------------
f> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
f> Visit http://www.firebirdsql.org and click the Resources item
f> on the main (top) menu. Try Knowledgebase and FAQ links !
f> Also search the knowledgebases at http://www.ibphoenix.com
f> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
f> Yahoo! Groups Links
---
f> updating those columns (except in the case of cascades)?
I had the same problem years ago.
Cascades do run with the same user token as the usual update-SQL would, so GRANT was not helping me or I was simply not sharp enough :)
For those tables where I really need this restriction, I replaced cascades (ForeignKey-Constraints) by triggers, where only these triggers when fired would also pass a value for an extra field.
Next you just place a BU-Trigger on the table with the "write protected" field and check if a value for that extra field was passed on. If it was not, throw a custom exception.
These days, I am in the lucky situation that nobody accesses my databases with writing privileges but the applications that I wrote myself, and such things are easier to handle client-sided, at least for me.
f> ------------------------------------
f> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
f> Visit http://www.firebirdsql.org and click the Resources item
f> on the main (top) menu. Try Knowledgebase and FAQ links !
f> Also search the knowledgebases at http://www.ibphoenix.com
f> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
f> Yahoo! Groups Links
---