Thread: users, address record restrictions

users, address record restrictions

From
Teunis Peters
Date:
I've got an interesting problem - this MIGHT (probably) isn't the right 
forum for this.

however - I'd like to restrict access to specific records and groups of 
records (based on another table) - and I'm not even sure where to start 
looking.  I suspect I actually need to look into triggers and/or 
embedded libraries to solve this (and this means writing it) but I 
haven't figured where to start...

basically per-record (given a set of rules) access restrictions.

Please do let me know where I can ask more :)

Ta!- Teunis Peters



Re: users, address record restrictions

From
Michael Fuhr
Date:
On Mon, Jun 20, 2005 at 11:51:11AM -0700, Teunis Peters wrote:
>
> I've got an interesting problem - this MIGHT (probably) isn't the right 
> forum for this.

pgsql-general is usually a good place if you're not sure where a
question belongs.  This doesn't sound much like an interfaces
problem.

> however - I'd like to restrict access to specific records and groups of 
> records (based on another table) - and I'm not even sure where to start 
> looking.

By "access" do you mean SELECT only, or also INSERT, UPDATE, and/or
DELETE?  One possibility might be to use a view with a WHERE clause
that does the restriction.  You'd revoke all privileges from the
underlying tables and grant whatever privileges people need on the
view, possibly adding rules to rewrite INSERT, UPDATE, and DELETE
operations.

-- 
Michael Fuhr
http://www.fuhr.org/~mfuhr/