Bruno Wolff III wrote:
> On Wed, Mar 31, 2004 at 12:30:58 -0500,
> John DeSoi <jd@icx.net> wrote:
>
>>I want to have multiple groups A, B, C where each group could only see
>>a subset of a table (any number of groups would be possible). If a user
>>is a member of groups A and B then the rows they can see should be the
>>union of what A and B can see. Ideally I could just write a SELECT rule
>>for a table or view that would somehow intersect the result rows of the
>>query with the result of the security function (I think Oracle has
>>something like this). So is it possible to write independent "access"
>>functions for each group and have them be dynamically combined based on
>>the group membership of the user? I want to do this at the database
>>level so the security can be enforced for any application or report
>>generator that is allowed to connect.
In Oracle, what you are referring to is Row Level Security, or VPD, or
whatever their marketing dept. is calling it this week.