Archives of the TeradataForum
Message Posted: Mon, 04 Nov 2002 @ 19:50:03 GMT
| Subj: | | Re: Row-level security |
| |
| From: | | Yonina Schuchman |
We have implemented row level security using one view per fact table. We own multiple chains and keep all of our data in the same
tables. Chain is part of the key on all tables. Some users work specifically for one chain and are not allowed to see other chain's data.
Corporate users may see data for all chains. Some users may see two of the chains' data, etc.
I created a small table mapping chain groups to chain ids. I created another table with user ids and their chain group. A view on top
of both gives me the chains a user may see. The users have access via views only and all the fact table views include a join to my security
view with a WHERE clause of WHERE user id=USER.
This has worked so well that they want me to implement something similar on our Oracle transactional database. No guarantee on that
performance!
| 
