SELECT UDFs implement the security policy for a SELECT operation. The parameter list for a SELECT UDF consists of:
- An input parameter that takes the current session security label as the argument.
- An input parameter that takes the security label from the target row as the argument.
- A result parameter that returns 'T' if the SELECT request passed the security policy or 'F' if the request failed the security policy. For details about the valid return values, see Return Values for SELECT or DELETE UDFs.
- Indicator parameters for the input and result parameters. These are required only if the constraint object allows nulls.
Here is an example of how to declare a SELECT UDF:
/***** C source file name: readlevel.c *****/
#define SQL_TEXT Latin_Text
#include <sqltypes_td.h>
void ReadLevel( short int *sess_level,
short int *curr_row,
char *result )
{
...
}
The corresponding CREATE FUNCTION statement looks like this:
CREATE FUNCTION SYSLIB.ReadLevel( current_session SMALLINT, input_row SMALLINT ) RETURNS CHAR LANGUAGE C NO SQL PARAMETER STYLE TD_GENERAL EXTERNAL NAME 'CS!readlevel!cctests/readlevel.c';
where:
- current_session is the system-defined parameter name that identifies the security label currently set for the session.
- input_row is the system-defined parameter name that identifies the security label from the target row.
- PARAMETER STYLE is SQL if the constraint object allows nulls; otherwise, PARAMETER STYLE is TD_GENERAL.