Dave Coventry wrote:
> Hi.
>
> I have a database with all of the particulars of our students and I am
> adding a table that will contain all of the courses and the grades
> attained by the students.
[snip]
> The marks (or grades) of the students are a different matter and we
> want to restrict changes to this data to a very few people.
>
> I'm presuming that this is not a unique problem, but I have been
> unable to find anything helpful on google.
If your different classes of users log in with different usernames and
passwords to the database, then you can do this rather simply with roles
and table priveleges. See the GRANT and REVOKE statements.
http://www.postgresql.org/docs/current/static/sql-grant.htmlhttp://www.postgresql.org/docs/current/static/sql-revoke.html
and ROLE management:
http://www.postgresql.org/docs/current/static/sql-createrole.html
If your users all log in with the same username and password via some
kind of web app, persistence layer, or whatever, then you will have to
write the access control yourself at the application level.
--
Craig Ringer
