Re: users, address record restrictions - Mailing list pgsql-general

From Michael Fuhr
Subject Re: users, address record restrictions
Date
Msg-id 20050621035334.GA48416@winnie.fuhr.org
Whole thread Raw
In response to users, address record restrictions  (Teunis Peters <teunis@wintersgift.com>)
List pgsql-general
On Mon, Jun 20, 2005 at 05:17:57PM -0700, Teunis Peters wrote:
>
> however - I'd like to restrict access to specific records and groups of
> records (based on another table) - and I'm not even sure where to start
> looking.  I suspect I actually need to look into triggers and/or
> embedded libraries to solve this (and this means writing it) but I
> haven't figured where to start...
>
> basically per-record (given a set of rules) access restrictions.
>
> Please do let me know where I can ask more :)
>
> Looking for controlling SELECT, INSERT, UPDATE and DELETE.

As I mentioned in my followup in pgsql-interfaces, you could use a
view to restrict who can see what records, and you could use rules
to allow inserts, updates, and deletes on the view.  For more info
and examples see CREATE VIEW and "The Rule System" in the documentation:

http://www.postgresql.org/docs/8.0/static/sql-createview.html
http://www.postgresql.org/docs/8.0/static/rules.html

Be aware that rules have "gotchas" that can produce unexpected
results.  Make sure you understand what's really happening, and do
thorough testing before putting anything into production.

If views and rules don't sound like they'll work, then please provide
more information about what you're doing.

> I -am- interested in examples of server-side scripting as well...
> am still searching.

See "Server Programming" in the documentation:

http://www.postgresql.org/docs/8.0/static/server-programming.html

You could also search the list archives for phrases like "CREATE
FUNCTION" -- many examples have been posted to the mailing lists
over the years.  See also resources like the General Bits newsletter:

http://www.varlena.com/varlena/GeneralBits/

--
Michael Fuhr
http://www.fuhr.org/~mfuhr/

pgsql-general by date:

Previous
From: "Andrew L. Gould"
Date:
Subject: Re: dealing with file size when archiving databases
Next
From: Bruce Momjian
Date:
Subject: Escape handling in strings