Coming from a Rails/PHP/etc world. All of those communities generally hold that the database should be treated as a dumb data bucket with all the logic in the middleware.
I’ve long thought someone should write up what the alternative architecture using Postgres to its fullest would look like. In order to differentiate it, I start from the security advantages and work forward.
I’d love to get some feedback on it. Harsh criticism is most useful… :-)
I have been developing in this style for many years. Application requests in JSON/JSONB, and zero IQ middleware outside of caching, transport authorization, etc. Prior to JSON, I was doing it with composite types -- postgres has been able to do some variant of this since mid 8.x series. I can assure you, this style of architecture works, your core assumptions are mostly correct, although I'd gently suggest taking a broader view on application architecture vs authorization. Generally speaking, it is a very fast way to write robust applications quickly, and I've written highly scalable enterprise applications in this style.
I'm not afraid to take things to the extreme. If you want to see examples backend rich coding in action, take a look at pgasync and especially pgflow, which is a airflow style orchestrator written in a stored procedure daemon :-).
