The Veil demo has three security contexts.
- Personal Context applies to personal data that is owned by the connected user. All users have the same privileges in personal context, as defined by the role
Personal Context
. - Global Context applies equally to every record in a table. If a user has
SELECT_X
privilege in the global context, they will be able to select every record in X
, regardless of ownership. Privileges in global context are assigned through person_roles
. - Project Context is a relational context and applies to project data. If you are assigned a role on a project, you will be given specific access to certain project tables. The roles you have been assigned will define your access rights.
The following sections identify which tables may be accessed in which contexts.
The global context applies to all tables. All privilege checking functions will always look for privileges in the global context.
The following tables may be accessed using rights assigned in the personal context:
- persons
- assignments
- person_details
The following tables may be accessed using rights assigned in the project context:
- projects
- assignments
- project_details
Next: Exploring the Demo
Generated on Tue Mar 11 10:08:38 2008 for Veil by
1.5.4