John McCawley wrote:
Of course I still have to modify my web app and schema to facilitate the new security structure, but I was never too worried about handling it in my app... My concern was allowing people direct access to the underlying DB while a) blocking them from viewing others' data, and b) without having to drastically modify the fundamental structure of my app.
I'd be tempted by your idea of copying the data to separate databases. Reduces impact on your app and gives you one crucial point to test against. The disadvantage is that it will only work for the simple per-user split you describe, nothing more complex.
Oh, and don't forget that users can see other user and database names.

--
Richard Huxton
Archonet Ltd