Database Owners and table owners can restrict access to a table’s data rows by defining access rules and binding those rules to the table. Access to data can be further controlled by setting application contexts and creating login triggers.
These features can be grouped under the concept of row-level access control. Row-level access control enables the Database Owner or table owner to control the rows in a table that users can access, based on their identification or profile and the privileges the user has from the application level. Adaptive Server enforces row-level access control for all data manipulation languages (DMLs), which prevents users from bypassing the access control to get to the data.
Domain rules allow table owners to control the values that users can enter into a particular column that is using a base datatype, or any column that is using a user-defined datatype. Rules are enforced during inserts and updates.
Adaptive Server enables row-level protection through access rules, which are enforced on select, update, and delete operations. Adaptive Server enforces the access rules on all columns that are read in a query, even if the columns are not included in the select list. In other words, for a given query, Adaptive Server enforces the domain rule on the table that is updated and the access rule on the tables that are read. Using access rules does not cause performance degradation.
