Hi Mike,

On Wed, Mar 27, 2013 at 8:54 AM, Mike Müller <mike...@mysign.ch> wrote:

>> Bertrand wrote:
>> Could sanitizeQuery be done by having the ResourceProvider implement a
>> QueryOptimizer API instead?...

> It's not really an optimization in the sense of a QueryOptimizer, that could
> be done by every ResourceProvider by now, without any new API. The sanitizeQuery
> functionality has to come with the ResourceAccessSecurity service: The query
> can be injected (sanitized) only from a service which "knows" the security
> rules for the given user.
> If you look at the example above with the injection "WHERE owner=<user>": This
> could only be injected by a service which knows that the given user only has
> access to resources where he is the owner. Maybe a different user with more
> rights does not have any restrictions (or another restriction)....

This sounds scary to me in terms of security, with many moving parts. I guess I'll need to see more concrete examples to make up my mind.

-Bertrand
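The per-user "WHERE owner=<user>" injection Mike describes, as an added illustration that is not code from this thread or from Sling's ResourceAccessSecurity API: the `QuerySanitizer` class, its rule map and the sample users are all hypothetical. The point it shows is that the restriction is chosen from rules the service holds for the user, not from anything the caller supplies, and that an existing predicate is parenthesised so it cannot override the injected clause.

```java
import java.util.HashMap;
import java.util.Map;

/** Hypothetical sanitizer that knows each user's restriction and injects it into queries. */
public final class QuerySanitizer {

    /** Restriction clause per user id (constructed sample rules, not real policy). */
    private final Map<String, String> restrictions;

    public QuerySanitizer(Map<String, String> restrictions) {
        this.restrictions = new HashMap<>(restrictions);
    }

    /**
     * Rewrites an SQL-like query for the given user. A user without a rule (more rights)
     * gets the query unchanged; any other user gets their clause AND-ed into the WHERE.
     */
    public String sanitizeQuery(String query, String user) {
        String clause = restrictions.get(user);
        if (clause == null) {
            return query; // no restriction configured for this user
        }
        String upper = query.toUpperCase();
        int where = upper.indexOf(" WHERE ");
        if (where < 0) {
            return query + " WHERE " + clause;
        }
        // Wrap the caller's predicate so "... OR x" cannot escape the injected restriction
        String head = query.substring(0, where + " WHERE ".length());
        String predicate = query.substring(where + " WHERE ".length());
        return head + "(" + predicate + ") AND " + clause;
    }

    public static void main(String[] args) {
        Map<String, String> rules = new HashMap<>();
        rules.put("alice", "owner='alice'");               // alice sees only her own resources
        rules.put("bob", "(owner='bob' OR shared=true)");  // bob: his own plus shared ones
        // "admin" has no entry, so nothing is injected for that user
        QuerySanitizer s = new QuerySanitizer(rules);
        System.out.println(s.sanitizeQuery("SELECT * FROM [nt:base] WHERE title='x' OR shared=true", "alice"));
        System.out.println(s.sanitizeQuery("SELECT * FROM [nt:base]", "bob"));
        System.out.println(s.sanitizeQuery("SELECT * FROM [nt:base]", "admin"));
    }
}
```

The user id never reaches the query text here; only the pre-defined clause does, which is what keeps the "moving parts" confined to the service that owns the rules.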