On Tuesday 12 February 2008 03:25, Bryce Nesbitt wrote:
> Yes, the view approach has some advantages. But it still leaves the
> underlying tables naked to modification.
> And since the most likely error is... well... me (or another admin) at
> the SQL prompt, we want underlying tables protected also.
>
> chester c young wrote:
> > instead of triggers I use update-able views and permissions.
> >
> > 1. all dml goes through the view
> > 2. use rules on the view to do dml to the table
> > 3. in rules prevent updating all/any columns when whatever
> > 4. grant dml to view to your pgconnect user
> > 5. revoke dml from table to your pgconnect user
> >
> > imho another instance where rules rule. for example, you can easily
> > fit logging into the same view.
You can use rules on the underlying tables themselves (on update do nothing)
which tends to work pretty well. You can also add triggers into the mix to
raise errors on update. Also dont forget to revoke update/delete/install
privileges as appropriate. And look into vacuum freeze.
--
Robert Treat
Build A Brighter LAMP :: Linux Apache {middleware} PostgreSQL