On 6/3/20 4:11 AM, Paul Bonaud wrote:
> Hi Tom,
>
> Thank you very much for your answer.
>
> I was worried to get this kind of solution, i.e. “don't be so miserly as
> not to create a separate one for each privilege level you need.”,
> however in the case of a remote database **you have no control over**it
> sounds pretty impossible to do.
>
> If I understand correctly, my initial question doesn't have a solution
> within postgres, does this sound right?
As it stands now I can't think of one. You might reach out to the
postgres_fdw folks and see if they could get it to use a service file:
https://www.postgresql.org/docs/12/libpq-pgservice.html
Then the user mapping could use information the end user can't see
unless they had permissions on the file system.
>
> Thanks again !
> Paul
> **
--
Adrian Klaver
adrian.klaver@aklaver.com
