- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Restrict user access to Oracle table by view v...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-05-2002 08:21 PM
тАО12-05-2002 08:21 PM
Restrict user access to Oracle table by view v.s grant object privilege on column level
Just wondering the performance impact on the method of restricting user access to Oracle tables through
1. View
2. Grant
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-06-2002 12:31 AM
тАО12-06-2002 12:31 AM
Re: Restrict user access to Oracle table by view v.s grant object privilege on column level
Therefore, from the performance point of view, there is no difference whether you run a query against the view or against the columns of the table.
A view is normally used when you do not want to expose the table structure to the users. Or to shield your programs from changes in DB schema.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-06-2002 02:41 PM
тАО12-06-2002 02:41 PM
Re: Restrict user access to Oracle table by view v.s grant object privilege on column level
Views can be used to restrict access on a user basis, and are the more common ways to report data. Granting privileges would be required in some cases (there are updatable views as well) to allow data manipulation.
Overall, you are not going to see a performance impact using views, or having permissions set on a table for a user. At most, you might see a performance impact if you hardcode a HINT into the view definition.
Brian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-06-2002 10:10 PM
тАО12-06-2002 10:10 PM
Re: Restrict user access to Oracle table by view v.s grant object privilege on column level
Views are a development tool, a thing of convienence. They provide a layer of abstraction.
I cannot tell you how many times people ask "how can I rename a column", "how can I change the order of the columns", "how can I add a new column in the 'middle' of a table".
If you EVER think you'll be asking those questions yourself someday, use views. Views let you do all of the above trivially.
If you want to put the complex SQL into views and have simple SQL in your apps -- use views (i use them ALOT in my apps).
A view is nothing more then a stored query. It will run no slower nor faster then a query directly against the base tables.
Hope this helps!
Best Regards
Yogeeraj
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-09-2002 05:58 AM
тАО12-09-2002 05:58 AM
Re: Restrict user access to Oracle table by view v.s grant object privilege on column level
As mentioned before, views are very practical and versatile.
I beleive howerver than they do carry a performance costs exactly for the reason specified. They are another query that must be executed and therefore use extra cycles.
Good planning and design are still the best tools.
Take care.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО12-09-2002 10:02 AM
тАО12-09-2002 10:02 AM
Re: Restrict user access to Oracle table by view v.s grant object privilege on column level
in terms of privileges, in times of odbc, you have to be very carefull with object privileges.
Haveing DELETE-permission on a table, means the user is just three mouseclicks away from deleting the entire table via an MS-Access ODBC-Link.
Do not underestimate the ingenious end-user :-)
If you have an application with application users defined on database level, I'll never give them DELETE on TABLE. Instead I'd give them EXECUTE on the DELETE_PROCEDURE that they might need.
Which could be
DELETE_WITH_KEY_GIVEN
or
DELETE_WITH_DATE_RANGE
or whatever they really need.
Otherwise, it could go like:
0) link table via ODBC in MS-ACCESS
1) click top-left-button in table grid (select all rows)
2) click delete
3) click yes
So it is not performance! It is:
"What can the user do with this privileges?", esp. if he does not use my application, but connects to the database with another tool !
Stuff to think about
Volker
PS: as far as performance is concerned, I think you are right.