Search Postgresql Archives

Re: Advice needed on application/database authentication/authorization/auditing model

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

In article <20101022161331.GD9770@xxxxxxxxxxxxxxxxxxxx>,
Peter Bex <Peter.Bex@xxxxxxxxx> writes:

> As far as I can see, this would imply either creating views on the
> <whatever> for every user (or company?), or manually crafting queries
> to do the same.

Not necessarily. Consider this:

  CREATE TABLE t1 (
    id serial NOT NULL,
    val int NOT NULL,
    usr text NOT NULL,
    PRIMARY KEY (id)
  );

  COPY t1 (val, usr) FROM stdin;
  1	u1
  2	u1
  3	u2
  4	u3
  \.

  CREATE VIEW t1v (id, val) AS
  SELECT id, val
  FROM t1
  WHERE usr = current_user;

Now user "u1" can only see rows 1 and 2.


-- 
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux