Home > mailing lists

Re: Advice needed on application/database authentication/authorization/auditing model - Mailing list pgsql-general

From	Harald Fuchs
Subject	Re: Advice needed on application/database authentication/authorization/auditing model
Date	October 24, 2010 16:04:50
Msg-id	861v7fd1bs.fsf@mgm.protecting.net Whole thread Raw
In response to	Advice needed on application/database authentication/authorization/auditing model (Tony Cebzanov <tonyceb@andrew.cmu.edu>)
List	pgsql-general

Tree view

In article <20101022161331.GD9770@frohike.homeunix.org>,
Peter Bex <Peter.Bex@xs4all.nl> writes:

> As far as I can see, this would imply either creating views on the
> <whatever> for every user (or company?), or manually crafting queries
> to do the same.

Not necessarily. Consider this:

  CREATE TABLE t1 (
    id serial NOT NULL,
    val int NOT NULL,
    usr text NOT NULL,
    PRIMARY KEY (id)
  );

  COPY t1 (val, usr) FROM stdin;
  1    u1
  2    u1
  3    u2
  4    u3
  \.

  CREATE VIEW t1v (id, val) AS
  SELECT id, val
  FROM t1
  WHERE usr = current_user;

Now user "u1" can only see rows 1 and 2.

pgsql-general by date:

From: zhong ming wu
Date: 24 October 2010, 14:37:14
Subject: Re: What is "return code" for WAL send command

From: Tom Lane
Date: 24 October 2010, 16:34:06
Subject: Re: What is "return code" for WAL send command

Re: Advice needed on application/database authentication/authorization/auditing model - Mailing list pgsql-general

Previous

Next