On Mon, Jan 26, 2004 at 12:45:40 -0800, James Taylor <jtx@hatesville.com> wrote:
> I'm migrating an Oracle 9 database over to Postgres 7.3.4, and just ran
> into something I've never seen before (honestly, due to my lack of
> experience in Oracle) and was curious if
> Postgres supported anything similar. The DBA that set up Oracle
> appears to have enabled Oracle Label Security, which looks as though it
> offers per-row security levels. So, say we have the table
> 'test', user 'Nancy' does a "select * from test" and only will be
> shown rows she has permission to. Joe will get the same, and the
> superuser can see everything. Does Postgres offer anything like this,
> maybe even through third party software
You can do this with views, but there isn't a turn key set up to do this.
You can give someone access to a view without giving them direct access
to underlying tables. A view can check the current username versus
some data in the table being displayed (perhaps joined with some other
tables that keep track of group membership).
