Hi guys
According to this document, you can implement row level security in MySQL with the help of views (queries) and triggers.
The advantages are obvious:
-
Your access control is enforced at database level - regardless of whether you use Active Record or DAO (current access control methods - such as RBAC, ACL, ‘behaviors and beforeFind()’, ‘default scope’, etc. - are not invoked if you use DAO or an external PHP printing application such as Jasper.)
-
Access Control is permanently enforced on related tables (this seems to be a problem in AR and needs special treatment via default scope and behaviors).
Has anyone tried it? What are the disadvantages?
Thanx