Hi folks Now that column privileges are supported (fantastic!), I've been looking at replacing some of my unpleasantly verbose (and probably error-prone) trigger code that's responsible for limiting which roles can modify which columns in some tables. I've run into a bit of a roadblock, and I'm wondering if anybody else here has any experience with it. One of the apps using the database uses the Hibernate ORM system for Java. While excellent in most ways, it's giving me some trouble when it comes to inserts/updates on tables with column privileges. It's easy enough to tell Hibernate that certain columns are not insertable or not updatable, and it'll honour that, so there's no issue if all users have the same rights on a column. However, if rights vary depending on the roles and grants of the logged-in user, it's not clear how to inform it of that. I can always fall back on using col. privs only for columns _nobody_ should ever insert and/or update (ie trigger managed columns) but that wouldn't let me cut the bulk of the ugly trigger code. Alternately, I could let the Hibernate classes model only the common attributes that all users have the rights to, and use direct JDBC calls to update special-privilege attributes. The latter isn't actually too bad an option given the relatively few places in which this is an issue... but I'd really prefer to be able to stay within the otherwise very smooth Hibernate model if possible. Anybody have related experience / ideas? I'm thinking of braving the Hibernate web forums too, but I thought I'd drop a note here first given the way it's come up as part of adopting new Pg features. -- Craig Ringer -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
