Thread: view and column rights

Hi list,

If I give column rights to a user, I can't use a general view for him, which
is normal.
I read a lot about DBs and some specialists say that I must not give
direct data (table) access to users but always through a view.

Are they right? (meaning I must have as much views as users - and how
can I do that, where to put them, shall I generate them on-ze-fly,...?),

or are they wrong (meaning I only have to recover user's rights at
connection and build my queries accordingly directly toward tables)?

Whatever the complexity, security is the master word here.

JY
--
A sine curve goes off to infinity, or at least the end of the blackboard.
        -- Prof. Steiner

"Jean-Yves F. Barbier" <12ukwn@gmail.com> writes:
> I read a lot about DBs and some specialists say that I must not give
> direct data (table) access to users but always through a view.

I don't believe that idea is meant to offer added security.  What it is
said to be good for is isolating your applications from future changes
in the definition of the underlying table.  I think its actual
usefulness for that is pretty limited, though.

Because PG lacks automatically-updatable views, it's difficult to
recommend this approach except for cases where the users need only
read-only access.  Otherwise you're going to be trying to rely on
rules to handle update cases, and you'll be in for a world of pain.
The rule mechanism is full of gotchas.

Personally I'd skip the insulating-view idea in nearly all cases.

            regards, tom lane