Re: How to create unique constraint on NULL columns - Mailing list pgsql-general

From Andrus
Subject Re: How to create unique constraint on NULL columns
Date
Msg-id db8qis$576$1@news.hub.org
Whole thread Raw
In response to How to create unique constraint on NULL columns  ("Andrus" <eetasoft@online.ee>)
Responses Re: How to create unique constraint on NULL columns
Re: How to create unique constraint on NULL columns
List pgsql-general
> "if department _id is NULL, user has access to all departments data."
>
> This is your problem. You've assigned meaning to the "value" NULL.
>
> CREATE TABLE permission (
>  id serial,
>  user_id CHAR(10) NOT NULL REFERENCES user,
>  permission_id CHAR(10) NOT NULL  REFERENCES privilege,
>  UNIQUE (user_id, permission_id));
>
>
> CREATE TABLE permission_department (
>  id serial,
>  user_id CHAR(10) NOT NULL REFERENCES user,
>  permission_id CHAR(10) NOT NULL  REFERENCES privilege,
>  department_id CHAR(10)  REFERENCES department ,
>  UNIQUE (user_id, permission_id, department_id));
>
> Any person who is authorized to access documents of a department MUST have
> a corresponding row in permission_department: If they are authorized to
> view documents of all departments, then they must have a row corresponding
> to every department.

I don't understand why the permission_department table is required ?
If user is authorized to all departments, I can add separate row for each
department to former permission table. So the permission_department table is
not required at all.

Unfortunately, this approach causes loss of information: it loses the fact
that user is allowed to
see all departments data. If new department is added, this department should
be made accessible
for all users which have marked as "access all departments".

So I'll think still continuing to use null as unrestricted department
access.

Is it reasonable to create unique constraint using

CREATE UNIQUE INDEX user_id_permission_id_department_id_unique_idx
  ON permission (user_id, permission_id, COALESCE(department_id,'ALL'))

Andrus.



pgsql-general by date:

Previous
From: Chris Browne
Date:
Subject: Re: Transparent encryption in PostgreSQL?
Next
From: Tom Lane
Date:
Subject: Re: PLPGSQL how to get transaction isolation level info