[CDBI] Connection with a fixed "where" clause.

[prev] [thread] [next] [Date index for 2005/08/22]

From: Karl.Moens
Subject: [CDBI] Connection with a fixed "where" clause.
Date: 07:36 on 22 Aug 2005
This is a multipart message in MIME format.
--===============1429167375==
Content-Type: multipart/alternative;
	boundary="=_alternative 0029B17AC1257065_="

This is a multipart message in MIME format.
--=_alternative 0029B17AC1257065_=
Content-Type: text/plain; charset="us-ascii"

Hi ListMembers,

Is it possible to have a class with a fixed "where" clause?

I was thinking of the following situation. I have a big database with a 
lot of customer related info (let's say ordering info). I would like to 
have one Catalyst application to access this database, but depending on 
who is using it, they should only be able to see the records of one 
customer only. I probably can do it by adding some hidden fields in the 
forms or some parameters in the URL and build a "where" clause out of it 
for each access, but that would be easy to "break" and thus allow the user 
to see other customers' data. Therefore I was thinking of setting up a 
CDBI-class which would have this "where" clause built-in, so that it was 
impossible to get outside of the allowed set of records (it would be like 
some sort of "VIEW" on the database, but the version of MySQL I'm using 
doesn't support VIEWs yet). All I would have to do is to switch to another 
Model-class if the customer changes. The way Catalyst works it would be 
transparent for the rest of the application.

But can it be done in CDBI?

I haven't written any code yet, it is just a thought experiment right now 
to see if it can be done at all. Any pointers in the right direction (or a 
simple" It cannot be done") will help.

Karl 
(aka CountZero on PerlMonks)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This message and any attachments are confidential. If you have received 
this message in error please delete it from your system. If you require 
any assistance please notify the sender. Thank You.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--=_alternative 0029B17AC1257065_=
Content-Type: text/html; charset="us-ascii"


<br><font size=2 face="sans-serif">Hi ListMembers,</font>
<br>
<br><font size=2 face="sans-serif">Is it possible to have a class with a fixed &quot;where&quot; clause?</font>
<br>
<br><font size=2 face="sans-serif">I was thinking of the following situation. I have a big database with a lot of customer related info (let's say ordering info). I would like to have one Catalyst application to access this database, but depending on who is using it, they should only be able to see the records of one customer only. I probably can do it by adding some hidden fields in the forms or some parameters in the URL and build a &quot;where&quot; clause out of it for each access, but that would be easy to &quot;break&quot; and thus allow the user to see other customers' data. Therefore I was thinking of setting up a CDBI-class which would have this &quot;where&quot; clause built-in, so that it was impossible to get outside of the allowed set of records (it would be like some sort of &quot;VIEW&quot; on the database, but the version of MySQL I'm using doesn't support VIEWs yet). All I would have to do is to switch to another Model-class if the customer changes. The way Catalyst works it would be transparent for the rest of the application.</font>
<br>
<br><font size=2 face="sans-serif">But can it be done in CDBI?</font>
<br>
<br><font size=2 face="sans-serif">I haven't written any code yet, it is just a thought experiment right now to see if it can be done at all. Any pointers in the right direction (or a simple&quot; It cannot be done&quot;) will help.</font>
<br>
<br><font size=2 face="sans-serif">Karl </font>
<br><font size=2 face="sans-serif">(aka CountZero on PerlMonks)</font>
<br>
<br><font size=2 face="sans-serif"><br>
<br>
<br>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<br>
This message and any attachments are confidential. If you have received this message in error please delete it from your system. If you require any assistance please notify the sender. Thank You.<br>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</font>
--=_alternative 0029B17AC1257065_=--


--===============1429167375==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ClassDBI mailing list
ClassDBI@xxxxx.xxxxxxxxxxxxxxxx.xxx
http://lists.digitalcraftsmen.net/mailman/listinfo/classdbi

--===============1429167375==--

[CDBI] Connection with a fixed "where" clause.
Karl.Moens 07:36 on 22 Aug 2005

Re: [CDBI] Connection with a fixed "where" clause.
Brian Phillips 11:17 on 22 Aug 2005

Re: [CDBI] Connection with a fixed "where" clause.
merlyn (Randal L. Schwartz) 21:17 on 22 Aug 2005

Generated at 10:42 on 28 Aug 2005 by mariachi v0.52