I thought too much about this without having a clearly correct solution. This might be a real tree situation for trees, so I need help with stackoverflow.
I am trying to provide database filtering on a regional basis. My system has different users, and each one is assigned to a regional office. I want users to be able to see data that is associated with their regional office.
Just put my application: Java App -> JPA (hibernate) -> MySQL
The database contains an object from all regions, but I want users to be able to manipulate objects from their region. I thought of the following ways of doing this:
1) change all database queries so that they read something like select * from tablex, where region = "myregion". It is unpleasant. This does not work very well with JPA, for example, the entitymanager.find () method accepts only the primary key. Of course, I can go to my native language, but I need to skip only one sentence, and my safety will be lifted.
2) use mysql proxy to filter the results. it seems to be funky, but then the mysql proxy server simply sees the raw call and does not know how it should filter them (i.e., in which region does the user who made this request belong to). Well, I can start the proxy for each region, but it starts to get a little confused.
3) . , , spring, RoutingDataSource (1 ). , - , . OHPs.
4) ACL - . a select * from tablex; , , ?
? . - . , . , - / , , ?
spoonfed - , , , / ! .