TLobLocator and security

nicofari

I have a table containing a blob, to which a
user should NOT have direct access.
We have an API access through a pl/sql package.
So there is an OracleDataset with an sql like:

begin
  ILMaster.UtilsAccessOra.OpenStoricBlob(:CurStoricBlob, :Id);
end;

The retrieve works fine.
The OracleDataset has an ApplyRecord procedure
in which we call another package function
to save the blob field
QryPutImage.SQL.Text :=

begin
  IlMaster.utilsaccessora.putblob(aid => :aid,
                                  ablob => :ablob,
                                  agraphicclass => :agraphicclass);
end;

The Delphi code is like this:

With QryPutImage do
begin
  SetVariable('aGraphicClass', OdsStoricoInt.FieldByName('DD_GRAPHIC_CLASS').AsString);
  SetVariable('AId', OdsStoricoInt.FieldByName('NR_VALORE_INTERO').AsInteger);
  SetComplexVariable('aBlob', Lob);
  Execute;
  (OdsStoricoInt.FieldByName('BL_STREAM') As TBlobField).SaveToStream(Lob);
end;

The problem is that this code works ONLY
if I grant select/update on the table
to the invoker user.
The line with the SaveToStream(Lob) fails.
Does TLobLocator need select/update privileges
on the underlying field?
TIA
Bye
Nic
 
To resolve this you need to use a Temporary LOB (new in 4.0). This way you can write the data to the LOB before calling the stored procedure, which can subsequently write the data to the table.

------------------
Marco Kalter
Allround Automations
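The temporary LOB approach from the reply above, as an added example that is not part of the original thread or Allround Automations' own code. It assumes DOA 4.0 or later on Oracle8i or later, that `:ablob` is declared as `otBLOB`, and that `putblob` accepts `ablob` as an `IN BLOB` and stores it in the table itself, so the calling user needs only EXECUTE on the package; the procedure name `PutImageViaTempLob` is hypothetical.

```delphi
// Added example, not the poster's or the vendor's code.
// Units assumed in the uses clause: Oracle, OracleData (DOA) and DB.
// Assumption: IlMaster.utilsaccessora.putblob takes ablob as IN BLOB and
// performs the write to the protected table inside the package.
procedure PutImageViaTempLob(QryPutImage: TOracleQuery;
  OdsStoricoInt: TOracleDataSet);
var
  Lob: TLOBLocator;
begin
  // A temporary LOB is not tied to any table column, so filling it
  // requires no select/update privilege on the protected table.
  Lob := TLOBLocator.CreateTemporary(QryPutImage.Session, otBLOB, True);
  try
    // Write the data into the LOB BEFORE calling the stored procedure.
    (OdsStoricoInt.FieldByName('BL_STREAM') as TBlobField).SaveToStream(Lob);

    with QryPutImage do
    begin
      SetVariable('aGraphicClass',
        OdsStoricoInt.FieldByName('DD_GRAPHIC_CLASS').AsString);
      SetVariable('AId',
        OdsStoricoInt.FieldByName('NR_VALORE_INTERO').AsInteger);
      // Pass the already-filled temporary LOB as the :ablob parameter.
      SetComplexVariable('aBlob', Lob);
      // The package copies the LOB contents into the table.
      Execute;
    end;
  finally
    // Always release the temporary LOB, also when Execute raises.
    Lob.Free;
  end;
end;
```

With this ordering the direct select/update grants on the table can stay revoked, because the only statement that touches the table runs inside the package.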
 
I'll download the demo version of 4.00 and try,
thanks.
Only two questions:
Do standard Lob Locators require select/update
grants on the underlying column?
Are Temporary Lobs a feature of version 9 only?
 
Do standard Lob Locators require select/update grants on the underlying column?
Yes, because the application writes the data to the table instead of your stored program unit.
Are Temporary Lobs a feature of version 9 only?
I forgot to mention this: it requires Oracle8i or later.

------------------
Marco Kalter
Allround Automations
 