Total Knowledge Projects Jobs Clientele Contact

UU Database

Personal tools
From Total Knowledge
(Difference between revisions)
Jump to: navigation, search
(Database objects)
(Security Requirements)
<LI> DBO/DBA and backup (already implemented)
<LI> DBO/DBA and backup (already implemented)
<LI> Customer service role has access to read everything (may be but security tables), access to all maintenance and all security stored procs
<LI> Customer service role has access to read everything (may be but security tables), access to all maintenance and all security stored procs
-
<LI> Teacher role has full access to any data within the course he is teaching (multiple courses per teacher are expected), access to data maintenance and user privileges stored procs within the course
+
<LI> User role has access implemented through the stored procedures using ACL.
-
<LI> Student role has some access (needs to be determined) to data maintenance within the course
+
<LI> Reports role has read access to everything but security tables, access to reporting stored procs
<LI> Reports role has read access to everything but security tables, access to reporting stored procs
</OL>
</OL>
Automated maintenance should use either "Customer Service", or "Backup" roles..
Automated maintenance should use either "Customer Service", or "Backup" roles..
-
<LI> The most interesting case is the access to shared objects. A shared object, included in the course, can be accessed by students using stored procedures. If the author needs to modify a shared object, the modification request is made through the stored procedure. After modification is completed, the shared object belongs to the author but keeps a referense to the original object. Any details of the versioning are encapsulated within the modification stored procedure. However, the stored procedure must validate the access right of the author upon the modification attempt. Only the owner of the shared object may modify it without creating a new version of the object.
+
<LI> The most interesting case is the access to shared objects. A shared object, included in the course, can be accessed by user using stored procedures. If the user needs to modify a shared object, the modification request is made through the stored procedure. Any details of the versioning are encapsulated within the modification stored procedure. However, the stored procedure must validate the access right of the user upon the modification attempt. Only the owner of the shared object may modify it without creating a new version of the object.
</OL>
</OL>

Revision as of 01:00, 30 September 2006