On Wed, 2 Jul 2014, Adrian Klaver wrote:
To follow up on my previous post. If you have your own user table, having a user in that table with the same name as one of the Postgres role does not mean they pick up the Postgres role permissions.
Adrian, OK. Now I see the issue. What I have created as roles are what would be considered group roles in versions < 8.1. Usernames in the Users table are individuals; e.g., Fred Flintstone, George Gamov, Issac Azimov, etc. What I want to do, when the user is being added to the system, is specify the group to which this new user should be assigned so that the group's permissions are granted to him.
The permissions apply to the role that the user connects as in the connection parameters(or is changed to once connected). This is why something like Django has it owns permissions system. The framework connects to the database as a single role(which has sufficient Postgres permissions) and when users log in they are tracked by the Django permissions not by the Postgres system.
I considered making this a Web-based application using django, but I've no experience with this approach, the django learning curve is rather steep, and it would add the cost and time of setting up and maintaining an in-house (or colo) httpd server. That's not my expertise, interest, or business. So, a stand-alone application is the route I've chosen. Thanks, Rich
