Hi there,
I am writing a VB.NET 2005 application that connects to an MySQL DB
(it could be MS SQL, one day...). One of the window forms contains a
gridview with some rows coming from a table on the DB, basically,
phisical addresses of contacts. I would like to implement a system to
grant/deny read/write permissions on specific rows, so that if the
user, after the log in, has got the necessay privileges he actually
can see/modify some rows, if he hasn't the rows will not even be shown
to him.
I can't think of an easy way to implement that, considering also that
I would like to set persmissions also at group (of users) level.
Any idea would be appreciated.
Regards,
D.
4  2304 
On Apr 23, 3:14 am, nokia33948 <nokia33...@yah oo.itwrote:
Hi there,
I am writing a VB.NET 2005 application that connects to an MySQL DB
(it could be MS SQL, one day...). One of the window forms contains a
gridview with some rows coming from a table on the DB, basically,
phisical addresses of contacts. I would like to implement a system to
grant/deny read/write permissions on specific rows, so that if the
user, after the log in, has got the necessay privileges he actually
can see/modify some rows, if he hasn't the rows will not even be shown
to him.
I can't think of an easy way to implement that, considering also that
I would like to set persmissions also at group (of users) level.
Any idea would be appreciated.
Regards,
D.
I don't know very much about MySql, but if I were using Sql Server, I
would create a View that selected just the rows needed and then set
permissions on the view as appropriate and then deny permissions on
the table itself. The queries would all query the view. I don't know
if MySql supports views or not, but that is the easiest way I know to
do it.
Chris
On 23 Apr, 18:01, Chris Dunaway <dunaw...@gmail .comwrote:
I don't know very much about MySql, but if I were using Sql Server, I
would create a View that selected just the rows needed and then set
permissions on the view as appropriate and then deny permissions on
the table itself. *The queries would all query the view. *I don't know
if MySql supports views or not, but that is the easiest way I know to
do it.
Chris-
Hi Chris,
thank you for your interested: mySQL supports views, almost the same
way as SQL Server; but how could I tell the system that user A can see
row 1 and 3, user B can see all the rows (1,2,3), user C cannot see
any?
Regards,
D.
On Apr 23, 11:41 am, nokia33948 <nokia33...@yah oo.itwrote:
On 23 Apr, 18:01, Chris Dunaway <dunaw...@gmail .comwrote:
I don't know very much about MySql, but if I were using Sql Server, I
would create a View that selected just the rows needed and then set
permissions on the view as appropriate and then deny permissions on
the table itself. The queries would all query the view. I don't know
if MySql supports views or not, but that is the easiest way I know to
do it.
Chris-
Hi Chris,
thank you for your interested: mySQL supports views, almost the same
way as SQL Server; but how could I tell the system that user A can see
row 1 and 3, user B can see all the rows (1,2,3), user C cannot see
any?
Regards,
D.
Create one view that selects rows 1 and 3 and grant user A permission
to query from that view, create another view that selects all the rows
and grant user B permission to query from that view. Deny all users
permissions on the table and force them to query the views only. User
C will not be able to see any because she can't access either of the
views or the table.
Chris
On 23 Apr, 21:28, Chris Dunaway <dunaw...@gmail .comwrote:
Create one view that selects rows 1 and 3 and grant user A permission
to query from that view, create another view that selects all the rows
and grant user B permission to query from that view. *Deny all users
permissions on the table and force them to query the views only. *User
C will not be able to see any because she can't access either of the
views or the table.
Chris- Nascondi testo tra virgolette -
- Mostra testo tra virgolette -
Hi Chris,
as I wrote to Lloyd, I have got been suggested to add a field "Role"
to each row to determine which user can see that row and which one
cannot. Then the stored procedure retrieving the data will filter on
the "Role" field. What do you think?
Regards,
D. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Fran Tirimo |
last post by:
I am developing a small website using ASP scripts to format data retrieved
from an Access database. It will run on a Windows 2003 server supporting
FrontPage extensions 2002 hosted by the company 1&1 with only limited server
configuration via a web based control panel.
My query relates to the ASP security model and how it relates to FrontPage
options for setting file access on a database file. If you know of any
online documentation...
|
by: K Finegan |
last post by:
I have an archival process on a large database that runs once a month.
At the beginning of the process the triggers and indexes on the
tables whose data is moved are dropped, the data is moved and then the
triggers and indexes are recreated at the end. This produces a
massive improvement in performance.
The problem is the process is supposed to run on users accounts (thats
the way the front-end is set up) and they don't have the...
|
by: James N |
last post by:
My ASP.NET application needs read/write permissions for drive "Z:",
which is mapped to my Linksys Gigadrive (Network Attached Storage...if
anyone is familiar with that).
If I configure the Gigadrive with "Guest" access rights, then everything
works fine, BUT this leaves the drive vulnerable to everyone/everything
including network viruses. Lately, my drive has had several attacks by
the Lovegate virus.
Eliminating such attacks...
|
by: Marina |
last post by:
Hi,
I am trying to find the minimum security settings to allow a windows control
embedded in IE have full trust.
If I give the entire Intranet zone full trust, this works. However, this is
very broad and gives the entire zone high privleges.
I tried giving just the assembly full trust (using the full URL for the
DLL), but this doesn't seem to work.
|
by: Stephen |
last post by:
I have my intranet setup on our web server. It contains multiple
applications, but none are set up in the default application pools. In
other words, I create a webform and plop it into a directory on the web
server. My question revolves around security models for the
applications. I have been rethinking my current security strategy,
which is basically as follows:
dim strUser as string=ucase(User.Identity.Name)
dim boolAccess as...
| | |
by: Keith G. Murphy |
last post by:
I'm trying to get a feel for what most people are doing or consider best
practice.
Given a mod_perl application talking to a PostgreSQL database on the
same host, where different users are logging onto the web server using
LDAP for authentication, do most people
1) have the web server connecting to the database using its own user
account (possibly through ident), and controlling access to different
database entities strictly through...
|
by: isideveloper |
last post by:
I'm building a new C# web application that will provide my company
some administrative operations that were previously only completed
by tweaking the data in the database.
1. Encrypted password authentication
2. "Group" level permissions that allow permission overrides for specific
users
3. Ability to set permissions to view, edit, and read only - by user or
role.
4. Ability to set permissions based on data - certain users can only see
|
by: laredotornado |
last post by:
Hi,
I'm using PHP 4.4.4 on Apache 2 on Fedora Core 5. PHP was installed
using Apache's apxs and the php library was installed to
/usr/local/php. However, when I set my "error_reporting" setting to be
"E_ALL", notices are still not getting reported. The perms on my file
are 664, with owner root and group root. The php.ini file is located
at /usr/local/lib/php/php.ini. Any ideas why the setting does not seem
to be having an effect? ...
|
by: daokfella |
last post by:
I have a custom web.config section similar to the following:
<CustomAuthSettings attr1="" attr2="">
<Locations RedirectUrl="Invalid.aspx">
<add Path="test.aspx" Roles="1,2,3" Permissions="4,5,6" />
</Locations>
</CustomAuthSettings>
Everything seems to work just fine. When I have config files in nested
folders, Attr1 and Attr2 of the CustomAuthSettings section correctly
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it.
First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
| | |
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| | |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
