Re: user-based query white list - Mailing list pgsql-hackers

From Andrew Dunstan
Subject Re: user-based query white list
Msg-id 493AEB05.2000208@dunslane.net
In response to Re: user-based query white list  (Andrew Chernow <ac@esilo.com>)
List pgsql-hackers

Andrew Chernow wrote:
>
> I don't think view-based security solves my problem.  I need to limit 
> a user to 20 fixed queries, for example.  That means the user cannot 
> execute "SELECT NOW()" or "SELECT 'hello world'".  The user can only 
> execute a pre-defined list of queries.
>

Put your queries in security definer functions and put those in a schema 
that is the only one your user has access to. That should just about do 
the trick, although s/he might still be able to do "select 'foo';"

cheers

andrew
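
The setup described in the reply above, written out for PostgreSQL as an added example that is not part of the original message. The role, schema, table and function names (app_owner, app_user, app, api, orders, orders_for_customer) are assumptions chosen for illustration.

```sql
-- Added example: all object names here are assumed, not taken from the thread.
-- Run as a superuser in a scratch database.
BEGIN;

CREATE ROLE app_owner NOLOGIN;   -- owns the data and the whitelisted functions
CREATE ROLE app_user  LOGIN;     -- the restricted user

CREATE SCHEMA app AUTHORIZATION app_owner;  -- data; app_user gets no privileges here
CREATE SCHEMA api AUTHORIZATION app_owner;  -- holds only the allowed queries

CREATE TABLE app.orders (id int PRIMARY KEY, customer text, total numeric);
ALTER TABLE app.orders OWNER TO app_owner;

-- One allowed query. SECURITY DEFINER makes it run with the owner's
-- privileges, so the caller needs no rights on app.orders itself.
CREATE FUNCTION api.orders_for_customer(p_customer text)
RETURNS TABLE (id int, total numeric)
LANGUAGE sql
STABLE
SECURITY DEFINER
SET search_path = app, pg_temp   -- pin the path so the caller cannot redirect lookups
AS $$
    SELECT o.id, o.total FROM app.orders o WHERE o.customer = p_customer;
$$;
ALTER FUNCTION api.orders_for_customer(text) OWNER TO app_owner;

-- New functions are executable by PUBLIC by default: revoke, then grant narrowly.
REVOKE ALL ON FUNCTION api.orders_for_customer(text) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION api.orders_for_customer(text) TO app_user;

-- Make api the only schema app_user has been granted.
-- Note: this revoke affects every role in the database, not just app_user.
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE ON SCHEMA api TO app_user;
ALTER ROLE app_user SET search_path = api;

COMMIT;

-- Limit noted in the reply: statements that reference no schema object,
-- such as SELECT 'foo', are not blocked by schema privileges.
```

Connected as app_user, `SELECT * FROM orders_for_customer('acme');` returns rows while `SELECT * FROM app.orders;` fails with a permission error on schema app. `SELECT 'foo';` still runs, which is the gap the reply points out.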