Does Firebird support field-level access rights?


Yes, it does for writing new values (UPDATE statements). To control the rights, use the GRANT and REVOKE statements:

GRANT UPDATE(field1,field2,...) ON table1 TO USER1;
REVOKE UPDATE(field1,field2,...) ON table2 FROM USER2;

If you wish to limit users to certain fields when reading (SELECT), a common way is to use views:

create view v1 (limited column list)
as
select limited,column,list
from t1;

And then grant user SELECT rights only for the view. With views, you can also limit which records (rows) can user see:

create view v1 (column,list)
as
select column,list
from t1
where ...constraining clause...;


If you need really complex rules, you can setup up a stored procedure that would return NULLs for some columns to specific users.


Do you find this FAQ incorrect or incomplete? Please e-mail us what needs to be changed. To ensure quality, each change is checked by our editors (and often tested on live Firebird databases), before it enters the main FAQ database. If you desire so, the changes will be credited to your name. To learn more, visit our add content page.

If you are a commercial tool maker and your tool features a great way to handle the issue written about in this FAQ, please check out our advertisement page.



All contents are copyright © 2007-2014 FirebirdFAQ.org unless otherwise stated in the text.


Links   Firebird   News   FlameRobin   Home Inventory powered by FB  
Add content   Advertise   About  

Categories
 Newbies
 SQL
 Installation and setup
 Backup and restore
 Performance
 Security
 Connectivity and API
 HOWTOs
 Errors and error codes
 Miscellaneous