> It sounds like you are trying to
> write a record into a log/audit
> table.
Yes, for some entities it is some sort of high level
audit, and for others it is a recent activity table.
> Have you looked at MySQL triggers to do
> this? The advantage
> of using a trigger is that even if someone changes it
> outside of
> Cayenne (the mysql> prompt, etc) the audit table will
> still be
> populated. Much safer to do it this way if you care
> about actual
> auditing.
Yes, I did, but this is not feasible: the requirements for the audit imply information available mostly only in the business logic in that form. At the trigger level the information is very low level and it would mean to duplicate a big part of the business logic just to achieve this.
> As for exposing primary keys to the user...it might be fine
> for a blog
> or similar, but in the work I do it is a big taboo.
> It identifies too
> much information that could lead to a data breach if you
> have a
> problem with your application's security. I would
> only be
> semi-comfortable exposing a primary key if it were
> encrypted by a
> private key that changed per-session.
I know that this might be taboo if:
- the PKs are from a sequence
- the DB defines "natural" keys for all tables to be able to identify items
- the URL's are publicly exposed
- or there's some strange DB admin in the team (that still likes to
inforce the "good practices" from the '80 :) ).
This application is however not publicly available.
Also the id's (the pk's) are pretty continuous generated by the database auto increment, so there was no reason to add a second column to contain just the same meaning - a way to uniquely identify the "row".
I need them of course the "log"(whatever type) in the same transaction.
thanks,
Joseph.
This archive was generated by hypermail 2.0.0 : Wed Apr 08 2009 - 09:03:11 EDT