IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Databases Forum / It's not about untrusted users
Post #147,149
by drewk
Picture of drewk
3/19/04 8:41:38 PM
Reply
New It's not about untrusted users
It's about untrusted developers. Let's say you've got source code control. (You do have source code control, right?) No matter how badly someone goofs up, it's relatively painless to roll back to the last known good state.

So what procedures do you have for rolling back the DB? BEGIN TRANSACTION ... ROLLBACK is nice when you know before the procedure is done that it was wrong, but once you COMMIT, then what? It only takes one mal-formed (or missing [shudder]) WHERE clause to destroy a day's worth of data. So how do you protect the data from bad DELETE queries?
===

Implicitly condoning stupidity since 2001.
Post #147,169
by tuberculosis
Picture of tuberculosis
3/19/04 10:46:02 PM
Reply
New Who deletes?
Honestly, I've never done a database that *deleted* anything. Instead, records are usually marked inactive. I don't see how a stored proc is going to save you there though - except in one instance I remember some dba creating a delete proc that checked the rowcount from the delete and rolled back if it was greater than 1. Other trick occasionally used is to put a delete trigger on a table that copies the deleted records to a changes logging table. Revoking 'delete' on that table keeps things pretty safe - then you can always roll back.

Also, in practice using an object-relational mapping tool like cayenne - this never comes up since the developer never directly accesses the database - he edits the object graph and commits the changes.

The tree of research must from time to time be refreshed with the blood of bean counters.
     -- Alan Kay
     I don't get your rationale - (tuberculosis) - (10) - March 19, 2004, 05:29:42 PM EST
         It's not about untrusted users - (drewk) - (1) - March 19, 2004, 08:41:38 PM EST
             Who deletes? - (tuberculosis) - March 19, 2004, 10:46:02 PM EST
         Protect the data - (ChrisR) - (7) - March 19, 2004, 08:48:08 PM EST
             Logins - (tuberculosis) - (6) - March 19, 2004, 10:49:39 PM EST
                 our app is role based as well - (boxley) - March 19, 2004, 11:08:56 PM EST
                 I found it interesting that Oracle Apps - (ChrisR) - (4) - March 19, 2004, 11:15:55 PM EST
                     Well put. - (mmoffitt) - March 20, 2004, 08:41:48 AM EST
                     Re: I found it interesting that Oracle Apps - (deSitter) - (1) - March 20, 2004, 09:39:42 AM EST
                         Too flexible - (broomberg) - March 21, 2004, 01:22:19 AM EST
                     Agree about making the db able to defend itself. - (tuberculosis) - March 20, 2004, 10:41:25 PM EST

Why did my head just get farther away?
66 ms