Hello,
I want to secure my entities on an object-by-object basis. I.e. something
like row level permissions.
So I found
http://www.sqlalchemy.org/trac/wiki/UsageRecipes/PreFilteredQuery which
seems to proof that something like this is possible with sqlalchemy.
On the other hand it seems there's row level permissions available
directly in some databases. E.g. Oracle already has it and PostgresQL
seems to gain it in the upcoming 9.2.
My ultimate goal is to run arbitrary user-supplied adhoc queries. Of
course these queries should only return data which the user actually has
access to.
Which approach do you think does make more sense? Using the features
directly available in some databases or using a prefiltered query via
sqlalchemy?
-Matthias
--
You received this message because you are subscribed to the Google Groups
"sqlalchemy" group.
To post to this group, send email to sqlalchemy@googlegroups.com.
To unsubscribe from this group, send email to
sqlalchemy+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/sqlalchemy?hl=en.