[CDBI] Connection with a fixed "where" clause.
[prev]
[thread]
[next]
[Date index for 2005/08/22]
This is a multipart message in MIME format.
--===============1429167375==
Content-Type: multipart/alternative;
boundary="=_alternative 0029B17AC1257065_="
This is a multipart message in MIME format.
--=_alternative 0029B17AC1257065_=
Content-Type: text/plain; charset="us-ascii"
Hi ListMembers,
Is it possible to have a class with a fixed "where" clause?
I was thinking of the following situation. I have a big database with a
lot of customer related info (let's say ordering info). I would like to
have one Catalyst application to access this database, but depending on
who is using it, they should only be able to see the records of one
customer only. I probably can do it by adding some hidden fields in the
forms or some parameters in the URL and build a "where" clause out of it
for each access, but that would be easy to "break" and thus allow the user
to see other customers' data. Therefore I was thinking of setting up a
CDBI-class which would have this "where" clause built-in, so that it was
impossible to get outside of the allowed set of records (it would be like
some sort of "VIEW" on the database, but the version of MySQL I'm using
doesn't support VIEWs yet). All I would have to do is to switch to another
Model-class if the customer changes. The way Catalyst works it would be
transparent for the rest of the application.
But can it be done in CDBI?
I haven't written any code yet, it is just a thought experiment right now
to see if it can be done at all. Any pointers in the right direction (or a
simple" It cannot be done") will help.
Karl
(aka CountZero on PerlMonks)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This message and any attachments are confidential. If you have received
this message in error please delete it from your system. If you require
any assistance please notify the sender. Thank You.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--=_alternative 0029B17AC1257065_=
Content-Type: text/html; charset="us-ascii"
<br><font size=2 face="sans-serif">Hi ListMembers,</font>
<br>
<br><font size=2 face="sans-serif">Is it possible to have a class with a fixed "where" clause?</font>
<br>
<br><font size=2 face="sans-serif">I was thinking of the following situation. I have a big database with a lot of customer related info (let's say ordering info). I would like to have one Catalyst application to access this database, but depending on who is using it, they should only be able to see the records of one customer only. I probably can do it by adding some hidden fields in the forms or some parameters in the URL and build a "where" clause out of it for each access, but that would be easy to "break" and thus allow the user to see other customers' data. Therefore I was thinking of setting up a CDBI-class which would have this "where" clause built-in, so that it was impossible to get outside of the allowed set of records (it would be like some sort of "VIEW" on the database, but the version of MySQL I'm using doesn't support VIEWs yet). All I would have to do is to switch to another Model-class if the customer changes. The way Catalyst works it would be transparent for the rest of the application.</font>
<br>
<br><font size=2 face="sans-serif">But can it be done in CDBI?</font>
<br>
<br><font size=2 face="sans-serif">I haven't written any code yet, it is just a thought experiment right now to see if it can be done at all. Any pointers in the right direction (or a simple" It cannot be done") will help.</font>
<br>
<br><font size=2 face="sans-serif">Karl </font>
<br><font size=2 face="sans-serif">(aka CountZero on PerlMonks)</font>
<br>
<br><font size=2 face="sans-serif"><br>
<br>
<br>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br>
This message and any attachments are confidential. If you have received this message in error please delete it from your system. If you require any assistance please notify the sender. Thank You.<br>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</font>
--=_alternative 0029B17AC1257065_=--
--===============1429167375==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ClassDBI mailing list
ClassDBI@xxxxx.xxxxxxxxxxxxxxxx.xxx
http://lists.digitalcraftsmen.net/mailman/listinfo/classdbi
--===============1429167375==--
 |
[CDBI] Connection with a fixed "where" clause.
Karl.Moens 07:36 on 22 Aug 2005
|
