9. Ensuring Data Integrity : Rules : Enforcing General-Purpose Rules : Using a Rule to Extend the Permission System
 
Share this page                  
Using a Rule to Extend the Permission System
A rule can be created to extend the permission system by ensuring that unauthorized users cannot modify certain classified rows in the opcodes table. The rule, which must be fired after inserts and deletes, is defined with the following WHERE clause:
opcodes.scope = 'share' and user != 'system'
The database procedure invoked by this rule can issue an error (using the RAISE ERROR statement, which rejects the statement that fired the rule) and log the operation with the user name into a local log table for later review (the next example demonstrates logging).