On Mon, 2008-10-27 at 16:50 -0400, Chris Browne wrote:
> martin.pihlak@gmail.com (Martin Pihlak) writes:
> > Tons of details have been omitted, but should be enough to start discussion.
> > What do you think, does this sound usable? Suggestions, objections?
>
> Slony-I does some vaguely similar stuff in its handling of "connection paths"; here's the schema:
I think the whole issue was initially raised by "insecurity", as dblink
conrib module exposed connection strings to all users, and SQL/MED was
seen as a "standard" way to hide it.
The simple credentials hiding could of course be achieved by having
something similar to pg_user/pg_shadow and some SECURITY DEFINER
functions for actually opening the connections, but probably it seemed
easier to at least base it on standards, so we can actually start with
pg_remote_server table public
pg_user_mapping_shadow table (restricted)/ pg_user_mapping view(public)
and some functions with proper grants to match the subset that Martin
outlined in http://wiki.postgresql.org/wiki/SqlMedConnectionManager
if we've got that working, then we could move to massaging it into the
parser to provide standard SQL/MED syntax.
so I think that first we should agree on functionality and get the few
system (?) tables and functions done, and worry about parser changes
once the actual functionality is field tested.
------------------------------------------
Hannu Krosing http://www.2ndQuadrant.com
PostgreSQL Scalability and Availability Services, Consulting and Training
