Question

I am currently in the process of designing my database for a mobile/web application. When I look at competing apps I see a massive flaw in how they handle user locations. Due to the nature of the application this could cause privacy and security issues for the users.

I need to store all users' locations in my database, but I want to reduce the possibility of an outside source gaining access to this data if the user does not want it shared.

After researching possible ways of doing this, I believe it is in my best interest to return values through stored procedures, limit db user access etc.

What I want to achieve is returning the results of a stored procedure after the results have been modified. In this case, the procedure will run through the results, check a value on the record and omit the relevant data if required.

From what I have read and understood, the best way for me to achieve this is through creating a temporary table: run a SELECT query on my actual table into a cursor, loop through the results, check the relevant value in the record, then insert into the temp table accordingly.

E.g.

Begin Procedure
Check if temp table already exists, drop if necessary 
Create Temp Table, based on schema of the "permanent" table.
Run SELECT * FROM PERMTABLE WHERE Location within bounds ORDER BY Location ASC INTO CURSOR
LOOP THROUGH CURSOR
IF 'Show_Loc' IS FALSE
INSERT INTO TEMPTABLE WITHOUT LOCATION
ELSE
INSERT AS NORMAL

SELECT * FROM TEMPTABLE
DROP TEMPTABLE
END

Is there a better way of achieving this, or am I on the right track?

Also I am concerned that there will be a large volume of requests to the same procedure. Will there be any issues if the procedure was called multiple times at the exact same time in regards to temporary tables? Do I need to generate random names, or do MySQL/SQL Server handle this automatically?


Solution

Is there a better way of achieving this, or am I on the right track?

Yes there is and no, I don't think you are on the right track. There is almost no reason to use a cursor in this situation.

If ShowLocation is a value on each record in the table then this is the kind of situation where a CASE statement comes in handy.

SQL Server code would be similar to the following:

CREATE PROCEDURE dbo.GetLocationData
AS
SELECT
  <all_other_fields_here>,
  CASE
    WHEN ShowLocation = 1 THEN Location
    ELSE NULL
  END AS Location
FROM PERMTABLE
WHERE Location within bounds -- not entirely sure how you're doing this
ORDER BY Location;
GO
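
A fuller T-SQL version of the set-based approach above, added here as an example and not part of the original answer. The table, column, procedure and role names are assumptions, latitude/longitude columns stand in for the question's unspecified bounds test, and the inserted rows are constructed sample data; it also covers the "limit db user access" idea from the question.

```sql
-- Constructed schema: all names here are assumptions, not from the question.
CREATE TABLE dbo.UserLocation (
    UserId       INT          NOT NULL PRIMARY KEY,
    DisplayName  NVARCHAR(50) NOT NULL,
    Latitude     DECIMAL(9,6) NOT NULL,
    Longitude    DECIMAL(9,6) NOT NULL,
    ShowLocation BIT          NOT NULL DEFAULT 0  -- private unless the user opts in
);
GO

CREATE PROCEDURE dbo.GetNearbyUsers
    @MinLat DECIMAL(9,6), @MaxLat DECIMAL(9,6),
    @MinLon DECIMAL(9,6), @MaxLon DECIMAL(9,6)
AS
BEGIN
    SET NOCOUNT ON;
    -- One set-based statement: no cursor and no temp table, so concurrent
    -- callers have no shared object to collide on.
    SELECT UserId,
           DisplayName,
           -- CASE without ELSE yields NULL, so both coordinates are masked
           -- together for users who have not opted in.
           CASE WHEN ShowLocation = 1 THEN Latitude  END AS Latitude,
           CASE WHEN ShowLocation = 1 THEN Longitude END AS Longitude
    FROM dbo.UserLocation
    WHERE Latitude  BETWEEN @MinLat AND @MaxLat
      AND Longitude BETWEEN @MinLon AND @MaxLon
    -- Sort on a non-location column: ordering by the real coordinates would
    -- reveal the relative position of rows whose location is masked.
    ORDER BY DisplayName;
END;
GO

-- Limit access: the application role may execute the procedure but cannot
-- read the table. Both objects are owned by dbo, so ownership chaining lets
-- the procedure read the table on the caller's behalf.
CREATE ROLE app_reader;
GRANT EXECUTE ON OBJECT::dbo.GetNearbyUsers TO app_reader;
DENY  SELECT  ON OBJECT::dbo.UserLocation   TO app_reader;
GO

-- Constructed sample rows: one user sharing a location, one not.
INSERT INTO dbo.UserLocation (UserId, DisplayName, Latitude, Longitude, ShowLocation)
VALUES (1, N'alice', 51.500700, -0.124600, 1),
       (2, N'bob',   51.501000, -0.125000, 0);

EXEC dbo.GetNearbyUsers @MinLat = 51.49, @MaxLat = 51.51,
                        @MinLon = -0.13, @MaxLon = -0.12;
```

Masking the columns does not hide the fact that an opted-out user matched the bounds filter, so a caller who controls the bounds still learns that the user is somewhere inside them. If that matters, exclude opted-out users from bounded queries or enforce a minimum bounds size in the procedure.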
Licensed under: CC-BY-SA with attribution