RE: Restricting access to data only from certain views -- MIDRANGE-L

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.

Subject: RE: Restricting access to data only from certain views
From: "D*B" <dieter.bender@xxxxxxxxxxxx>
Date: Tue, 28 Sep 2021 13:52:50 +0200
List-archive: <https://archive.midrange.com/midrange-l/>
List-post: <mailto:midrange-l@lists.midrange.com>
List-subscribe: <https://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@lists.midrange.com?subject=subscribe>
List-unsubscribe: <https://lists.midrange.com/mailman/options/midrange-l>, <mailto:midrange-l-request@lists.midrange.com?subject=unsubscribe>

Rob,

best practice for all flavours of SQL is:
- don't use any table (as400 calls it physical file) in any programm
- create a 1:1 base view
- provide views, based on the base viewa for all user access
- avoid schema to schema relations (this is most important for tables, indexes and functions/procedures, constraints)
- there might be seperate view layers for query users (these could be seperated by security settings or creating a diffrent schema with aliases or even views)
special hint for as/400: don't use libl for database access (think about having a referential constraint and read (or write) parent from one lib and child from another!!!)
SQL on as400 will assist your security requirements by its default settings!

D*B

As an Amazon Associate we earn from qualifying purchases.

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.