Extended security/restriction to any role with login access - Mailing list pgsql-hackers

From Domingo Alvarez Duarte
Subject Extended security/restriction to any role with login access
Date
Msg-id c2f38c3e0806250512u817ae6cgdc8cc8e9831f45de@mail.gmail.com
List pgsql-hackers
Hello!

I'm trying to use PostgreSQL in an application that by design will give users access to a subset of the database.

For example, for customers, access to products_view (which will only show public offers) and orders (only their own orders).

I'll provide an application as user interface for the data.

For that I'll give each of them a role in the database that will belong to a group role customers_group.

The customers_group only has access to the views/functions that I'll specify.

Till here no problem, PostgreSQL does that pretty well.

My concern is that once I give login access to any user, even without granting him/her any access to any database, he/she can, using an application like pgadmin3, view all databases/roles/functions/table-definitions on my server. And that was not my intention.

Removing all from public doesn't work:

revoke all on schema public from public;

What I think would be the server behavior when I create a role with login access and say that I only grant access to one view like this:

create role oneuser login;
grant select on somedatabase.someview to oneuser;

In that case, when the user logs in, the only thing he/she sees is the view database.someview, even when they use pgadmin3 to connect.

Actually he/she can see with pgadmin3: all databases, all roles and their access rights, all tables on every database (no access to data), all functions, all triggers, all table definitions.

The above isn't the intention for a user with a restricted view of the database.

Can I achieve it actually, and if not, how hard could it be to implement that in the official release?

Thanks in advance for any feedback/ideas!
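The setup described in the message, as an added example that is not part of the original post: it builds the group role and restricted views, then reads as oneuser the system catalogs that a client such as pgadmin3 browses. The table, column and view definitions are constructed, and it assumes a superuser session in a database named somedatabase.

```sql
-- Added example; table, column and view definitions are constructed.
-- Assumes a superuser session in a database named somedatabase.
CREATE ROLE customers_group NOLOGIN;
CREATE ROLE oneuser LOGIN IN ROLE customers_group;

CREATE TABLE products (id int PRIMARY KEY, title text, is_public boolean);
CREATE TABLE orders (id int PRIMARY KEY, customer name, product_id int);
CREATE VIEW products_view AS
    SELECT id, title FROM products WHERE is_public;
CREATE VIEW my_orders AS
    SELECT id, product_id FROM orders WHERE customer = current_user;

-- Data access: only the two views, granted through the group role.
GRANT SELECT ON products_view, my_orders TO customers_group;

-- Connection and schema access: take the defaults away from PUBLIC.
REVOKE CONNECT ON DATABASE somedatabase FROM PUBLIC;
GRANT CONNECT ON DATABASE somedatabase TO customers_group;
REVOKE ALL ON SCHEMA public FROM PUBLIC;
GRANT USAGE ON SCHEMA public TO customers_group;

-- Data privileges are as intended: false for the table, true for the view.
SELECT has_table_privilege('oneuser', 'orders', 'SELECT')    AS can_read_orders,
       has_table_privilege('oneuser', 'my_orders', 'SELECT') AS can_read_my_orders;

-- Metadata is a separate matter: these catalog reads still succeed.
SET ROLE oneuser;
SELECT datname FROM pg_database;            -- every database name
SELECT rolname FROM pg_roles;               -- every role name
SELECT n.nspname, c.relname, c.relkind      -- tables and views in this database
  FROM pg_class c
  JOIN pg_namespace n ON n.oid = c.relnamespace
 WHERE n.nspname NOT IN ('pg_catalog', 'information_schema');
SELECT proname, prosrc                      -- function names and source text
  FROM pg_proc
 WHERE pronamespace = (SELECT oid FROM pg_namespace WHERE nspname = 'public');
RESET ROLE;
```

REVOKE CONNECT limits which databases a role can connect to; it does not hide rows in pg_database or pg_roles, which are shared across the cluster.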
