Protection Levels for Database

[d0sse]

Implement Protection Levels for Database

Introduce multiple protection levels to enhance security and control over database operations in SEQUEL Ace Editor. The proposed protection levels are:

1. Read-Only: Users can only execute SELECT queries.
2. Read-and-Write with Prompt Password: Users can execute all queries but need to enter a password for any write operations (INSERT, UPDATE, DELETE).
3. Read-and-Write: Users can execute all queries without additional prompts.

• Read-Only:

  • Restrict users to only run SELECT queries.
  • Disable all write operation buttons and menu options.
  • Show a notification or icon indicating the read-only mode.

• Read-and-Write with Prompt Password:

  • Allow users to run all queries.
  • Prompt for a password before executing any write operations (INSERT, UPDATE, DELETE).
  • Option to remember the password for the session to reduce repeated prompts.

• Read-and-Write:

  • Allow full access to run all queries without any restrictions.

User Interface:

• Add a settings menu to configure the protection level for each database connection.
• Display the current protection level in the status bar or connection details.

Benefits:

• Enhance security by controlling access levels.
• Prevent accidental modifications to critical databases.

[Jason-Morcos]

Question - why not do this by creating multiple user accounts on the database with varying appropriate permissions? You can then set up different connections with each account and toggle between them as necessary. This is what I personally do to ensure I can't accidentally write to prod. In this case, implementing this feature feels like it's re-implementing something mysql already has natively

[samuelbradshaw]

Related: https://www.digitalocean.com/community/tutorials/how-to-create-a-new-user-and-grant-permissions-in-mysql