Oracle has a very useful feature called Fine Grained Access Control (FGAC) for implementing database row-level security. I have used it on my project for, among other things, restricting access to certain documents based on the user's account and privileges. In short, you create a policy that appends a predicate (such as a WHERE condition) to all SELECT (or INSERT, UPDATE and DELETE) statements involving the specified table, regardless of whether the statement is issued as an interactive SQL statement or as the result of a data call from a front-end application.
While there is a slight learning curve in first implementing FGAC, it's a valuable tool - especially when you don't have access to the source code of the front-end (as is the case on my project). It allows you to enhance (or negate) table statements coming from an application or a user working directly through SQL. It also permits you to audit statements that trigger the policy.
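As an added illustration (not code from my project), here is what a policy of the kind described above can look like with the `DBMS_RLS` package. The schema `APP`, table `DOCUMENTS`, column `OWNER_ACCOUNT`, security schema `SEC_ADMIN` and role `DOC_ADMIN` are assumed names, and the `SYS_SESSION_ROLES` check assumes Oracle 11.2.0.4 or later.

```sql
-- Added example; APP.DOCUMENTS, OWNER_ACCOUNT, SEC_ADMIN and DOC_ADMIN are assumed names.
-- The policy function lives in a dedicated security schema (SEC_ADMIN) so that the
-- application schema that owns the table cannot replace it.

CREATE OR REPLACE FUNCTION sec_admin.documents_predicate (
    p_schema IN VARCHAR2,   -- schema of the protected object (passed in by Oracle)
    p_object IN VARCHAR2    -- name of the protected object (passed in by Oracle)
) RETURN VARCHAR2
AS
BEGIN
    -- Sessions with the DOC_ADMIN role enabled see every row: NULL means "no predicate".
    IF SYS_CONTEXT('SYS_SESSION_ROLES', 'DOC_ADMIN') = 'TRUE' THEN
        RETURN NULL;
    END IF;

    -- Everyone else is limited to the rows of their own account.
    -- The predicate is a constant string; no user-supplied text is concatenated into it.
    RETURN 'owner_account = SYS_CONTEXT(''USERENV'', ''SESSION_USER'')';
END documents_predicate;
/

BEGIN
    DBMS_RLS.ADD_POLICY(
        object_schema   => 'APP',
        object_name     => 'DOCUMENTS',
        policy_name     => 'DOCUMENTS_BY_ACCOUNT',
        function_schema => 'SEC_ADMIN',
        policy_function => 'DOCUMENTS_PREDICATE',
        statement_types => 'SELECT,INSERT,UPDATE,DELETE',
        update_check    => TRUE  -- reject INSERT/UPDATE that would leave a row outside the predicate
    );
END;
/

-- Effect: a non-admin user who runs
--   SELECT * FROM app.documents WHERE doc_type = 'CONTRACT';
-- gets the same rows as
--   SELECT * FROM app.documents
--    WHERE doc_type = 'CONTRACT'
--      AND owner_account = SYS_CONTEXT('USERENV', 'SESSION_USER');
-- whether the statement comes from SQL*Plus or from the front-end application.
```

Policies are not applied to `SYS` or to users granted the `EXEMPT ACCESS POLICY` system privilege, so review who holds that grant when relying on FGAC as a control.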