Re: creating variable views - Mailing list pgsql-sql
From | Josh Berkus |
---|---|
Subject | Re: creating variable views |
Date | |
Msg-id | web-82299@davinci.ethosmedia.com Whole thread Raw |
In response to | Re: creating variable views (Tom Lane <tgl@sss.pgh.pa.us>) |
Responses |
Re: creating variable views
(Tom Lane <tgl@sss.pgh.pa.us>)
|
List | pgsql-sql |
Tom, > I don't understand the distinction you're trying to make here. In > general, a view column that is implemented as a function will give > the > optimizer headaches if you refer to it in WHERE --- the simplicity or > complexity of the function has got nothing to do with that AFAICS. OK. I thought that I noticed a difference between simple SQL functions and PL/pgSQL functions in this respect, but I could easily be mistaken. > Seems to me that such a change could be trivial, or a serious > headache, > with *either* SQL GRANT-based security or application-based security. > The critical factor is going to be whether you represented the > "voiding" > access privilege separately from the other special privileges of the > sysadmin. I don't see how one implementation is going to encourage > you > to have that foresight better than the other one would. It's a little difficult to explain wihtout a demo. It is possible, using a database with many views and functions which are the primary methods of DML and query access to develop analogous functionality using GRANT and REVOKE on the database objects. In fact, you *have* to do this if your users will have command-line access to the database. However, it's not easy. The interface-based system I use, in its simplest incarnation, takes into account only a 5-level user access system with no departmental user groups. Thus each user is: 0:No Access, 1:Read-only, 2:Data Entry, 3:Full Access, or 5:Admin. I create a table that lists all of the interfaces, and the required access level for each interface; if a user fails the access test for an interface, they are denied access with a firendly error message ("I'm sorry, you do not have sufficient access ..."). It's very simple to administrate because in order to change the access to a particular feature on has only to change the access level number. And the results of the access level test are much easier to trap in your client-side code than the results of a DENY access error would be. The last thing I want for my users is to have to contend with "5301: No rights on TABLE client_contacts." -Josh ______AGLIO DATABASE SOLUTIONS___________________________ Josh Berkus Complete informationtechnology josh@agliodbs.com and data management solutions (415) 565-7293 for law firms, small businesses fax 621-2533 and non-profit organizations. San Francisco