Re: Database security granularity - Mailing list pgsql-general

From Tom Lane
Subject Re: Database security granularity
Date
Msg-id 26228.1144024044@sss.pgh.pa.us
In response to Database security granularity  (Michael Trausch <michael.trausch@comcast.nope.net>)
List pgsql-general
Michael Trausch <michael.trausch@comcast.nope.net> writes:
> I'd like to know if I can constrict database and data access
> on a row-level with PgSQL by using some sort of trickery in the database
> configuration itself.

You could do this with views, on the order of

    create view secure_view as
    select * from base_table where access_allowed(current_user, ...);

where you need to write an access_allowed function that implements your
security policy (probably based on fields in the base table that are not
reflected in the view, so it's not really gonna be "select *").  Then
you grant access to the view but not the base table to the users.

Also, take a look at
    http://pgfoundry.org/projects/veil/
and search the archives for past discussions of row-level security.

            regards, tom lane
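
The view-based approach from the message above, written out as an added example that is not part of the original message. The columns of base_table, the roles alice and bob, and the body of access_allowed are hypothetical, and the security_barrier option assumes PostgreSQL 9.2 or later.

```sql
-- Added example: all names below except secure_view, base_table and
-- access_allowed are hypothetical. Run as a superuser in a scratch database.

CREATE ROLE alice LOGIN;
CREATE ROLE bob LOGIN;

CREATE TABLE base_table (
    id        serial PRIMARY KEY,
    payload   text NOT NULL,
    row_owner name NOT NULL   -- policy column, deliberately left out of the view
);

-- Constructed sample rows.
INSERT INTO base_table (payload, row_owner) VALUES
    ('alice invoice', 'alice'),
    ('bob invoice',   'bob');

-- Assumed policy: a user may read only the rows recorded as theirs.
CREATE FUNCTION access_allowed(who name, owner_of_row name)
RETURNS boolean
LANGUAGE sql STABLE
AS $$ SELECT who = owner_of_row $$;

-- The view lists its columns explicitly, so the policy column stays hidden.
-- security_barrier makes the planner apply the policy check before any
-- predicate supplied by the querying user, so a user-written function in a
-- WHERE clause is never called on rows the policy rejects.
CREATE VIEW secure_view WITH (security_barrier) AS
    SELECT id, payload
    FROM base_table
    WHERE access_allowed(current_user, row_owner);

-- Users get the view only. The view reads base_table with its owner's
-- privileges, while current_user inside it is still the querying user.
REVOKE ALL ON base_table FROM PUBLIC;
GRANT SELECT ON secure_view TO alice, bob;

-- Check the policy from an unprivileged role.
SET ROLE alice;
SELECT id, payload FROM secure_view;
RESET ROLE;

-- Audit: list every grant on the base table. Ordinary users should not appear.
SELECT grantee, privilege_type
FROM information_schema.table_privileges
WHERE table_name = 'base_table';
```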
