Not sure where to put this but here goes:
I have created an HR Self service APEX application (on Autonomous). Users are able to ask things like 'how many days holiday do I have left?' or 'what is our policy on maternity leave?'. I have an OCI RAG Agent with 2 tools - a SQL tool that queries the database and returns the result (which I then pass to an LLM to return a nicely formatted response) and a RAG tool with a knowledge base source that points to pdf docs in an OCI Object Storage bucket. This is all working ok.
The next thing I need to consider is fine grained access for the local data. ie I should be able to get a result for - 'how many holidays have I got left' but not ‘how many holidays does Joe Bloggs have left’.
I am trying to achieve this programmatically (eg if not an admin user it will append ‘where user = :APP_USER’ to the employee table query, but given the variations in potential queries this is proving a challenge. I only have a few simple HR tables so this approach doesn't feel reliable (or possible even) if I wanted to scale with more complex rules.
Is there another approach I should be considering to FGA? I can't see any options in the SQL Tool in the Agent that could help or in the docs but this must be a common problem surely?
Any help would be much appreciated.
Lee