Week 10 Flashcards
1
Q
Schemas, views, access controls
A
- All are ways of partitioning, segregating and controlling access to data within a database
- Why do we want to do this?
- Security – Prevent unauthorised access to read and (heaven forbid) modify data
- Usability – Presenting a simplified view of underlying data structures can make working with data easier, particularly for non –expert users
- Flexibility – partitioning according to users can allow experimentation without affecting other users
2
Q
Database schemas
What’s a schema?
A
- A SQL database contains multiple objects such as tables, views, stored procedures, indexes, triggers etc
- A schema is a logical collection of database objects
- Loosely analogous to a namespace in languages such as Java, C#
- Note: this material focusses on ‘full’ SQL – some features may not be implemented in certain DBMS that implement a subset of full
SQL (such as SQLite)
3
Q
How can we organise schemas?
A
- Logical grouping by object function
- Sales schema contains objects pertinent to sales dept
- Personnel schema contains staff objects
- Logical grouping by user
- Individual users/groups may be given their own space in a database
- E.g. each developer in a team may have their own ‘sandpit’ in a development database where they can make changes to their own set of objects without affecting other developers|
4
Q
Schema partition by object domain
A
5
Q
Schema partition by user – developers
working on ‘Sales’
A
6
Q
Conceptual schema definition
A
- To create a schema:
CREATE SCHEMA [schema_name]
Authorisation [owner_name] - In our user based example:
CREATE SCHEMA Carol
Authorisation Carol - [owner_name] is (initially) only user able to create and access objects within the schema
- A user can be specified as belonging to a default schema
7
Q
Conceptual schema definition 2
A
- To create tables for a schema explicitly
CREATE TABLE [schema_name].[table_name]
[table definition…] - To create tables for a schema implicitly
CREATE TABLE [table_name]
[table definition …]
* Default/current schema for defining user is used
8
Q
Schema operations
A
- Can perform all our usual operations within a schema
- CREATE, DROP, ALTER
- DROP VIEW
- DROP TABLE
- ALTER TABLE
9
Q
Cross schema considerations
A
- Objects can have the same name in different schemas
- Sue.Customer, John.Customer
- To access an object outside of default/assigned schema specify the schema name
- For Sue:
- SELECT * FROM Customer, SELECT * FROM Sue.Customer are analogous
- SELECT * FROM John.Customer accesses the [John] schema
- Subject to access permissions
- Similar with Joins etc
- For Sue:
10
Q
Schemas or databases
A
- A schema looks like a distinct database
- Many of the same operations can be
performed within both- E.g CREATE objects, assign permissions etc
- So why not have a separate DB instead of multiple schemas?
- Many of the same operations can be
- Database is the main physical container contains data and log files and all the schemas within it.
- All backup and restore operations are performed at database level
- Schema is a logical container
- Enables ease of permissions setting
- Decision whether to partition by schema or database (e.g SalesDB, PersonnelDB) needs to be taken based on specific organisational considerations
11
Q
Views
A
- A view can be thought of as a ‘virtual table’
- Does not necessarily exist in physical form
- As opposed to base tables whose tuples are actually stored in database files
- Views are used to ‘focus, simplify and customise the perception a user or group has of a database. Views can be used as security mechanisms by letting users access data through the view, without granting permissions to directly access the underlying base tables of the view
12
Q
Creating a view
A
13
Q
Building a view from base entities
A
14
Q
Views 2
A
- If the same query is frequently executed on a database it makes sense to define a view based on results of the query and use a simpler query to retrieve tuples of interest from the view
- Particularly useful if the original query is complex – involving a number of joins
- Reducing need for querying users to specify join conditions reduces scope for error
- User can simply perform following query on OrderDetails
- SELECT * FROM OrderDetails WHERE CustNo = 12345
15
Q
Views 3
A
- Views can be queried using same SELECT operations as base tables
- Join operations can be performed between views and tables
- Should we really do this?
- Views can improve DB security
- Provides a projection of specified base data items
- Can be a subset of a specific entity
- E.g. a StaffMember view may omit social security and other sensitive fields from underlying entity
- Can be a subset of a specific entity
- Provides a projection of specified base data items