PatternMatch » History » Version 6
bford -, 05/11/2006 07:20 PM
| 1 | 1 | bford - | |
|---|---|---|---|
| 2 | 6 | bford - | h1. Pattern Match Feature |
| 3 | 1 | bford - | |
| 4 | |||
| 5 | 6 | bford - | Also known as allowable objects, this feature allows the administrator to configure the DSN to only see specific objects within the database. This feature was created because [[PostgreSQL]] allows any user to see objects within the database regardless of permission. |
| 6 | |||
| 7 | *_ Note that this is a secure through obscure type feature and is not a replacement for good and solid role implementation. _ |
||
| 8 | * |
||
| 9 | |||
| 10 | 1 | bford - | The rules for this feature are below: |
| 11 | |||
| 12 | 6 | bford - | * Applies to pattern expressed in ALLOWED_OBJECTS. Can be configured within the connection string or DSN management. |
| 13 | * Works against tables, schemas and sequences. |
||
| 14 | * A FROM parameter within the query must be in place for this to work: |
||
| 15 | *** For example if you user connects using another method and creates a function that gets to the data you want seen this feature will not help you. |
||
| 16 | * For peformance reasons if there is not a FROM construction within the SQL statement, the statement will not be parsed by this feature. |
||
| 17 | * If no schema is specified, public schema is used by default. |
||
| 18 | 2 | bford - | |
| 19 | Capabilities: |
||
| 20 | |||
| 21 | 6 | bford - | * Pattern is case sensitive |
| 22 | 1 | bford - | |
| 23 | 6 | bford - | _Examples:_ |
| 24 | 3 | bford - | |
| 25 | 6 | bford - | <pre> |
| 26 | 3 | bford - | |
| 27 | public.acct*,hr.pay* |
||
| 28 | 1 | bford - | |
| 29 | 6 | bford - | </pre> |