Home > mailing lists

Re: row based security ... was Different views with same name for different users - Mailing list pgsql-general

From	Bruno Wolff III
Subject	Re: row based security ... was Different views with same name for different users
Date	January 22, 2002 17:02:46
Msg-id	20020122185626.GA25753@wolff.to Whole thread Raw
In response to	row based security ... was Different views with same name for different users ("Harald Massa" <HaraldMassa@ghum.de>)
List	pgsql-general

Tree view

On Sun, Jan 20, 2002 at 10:26:34PM +0100,
  Harald Massa <HaraldMassa@ghum.de> wrote:
> Hello,
>
> I have other words for my question, maybe they are more helpfull.
>
> What I'm looking for is ROW BASED SECURITY.
>
> That means:
>
> User A is allowed to look and update some rows
> User B is allowed to look and update some other rows

The "look" part can be done with views. To do updates rules need to be used.

If the security model is that each row of the database can have a single
security type associated with it, but that users can have multiple types,
then I suggest using a table listing valid username security type pairs
and joining this table with the underlying table in the views on the
security type and checking the the username column matches the current
user.

pgsql-general by date:

From: "Jonathan Ellis"
Date: 22 January 2002, 16:42:39
Subject: Re: detecting deadlocks

From: David Madore
Date: 22 January 2002, 17:52:33
Subject: A question about permissions

Re: row based security ... was Different views with same name for different users - Mailing list pgsql-general

Previous

Next