Hi All, I'd like to ask some help on finding out which is the best way to automatically give permissions for users to access database objects. I try to plan a system where there are users who are sorted into groups (mirror of the orgaization). The groups should have permissions for functionalities (say program modules) depending on their rule in the organization. The program modules are based on several database objects (e.g. tables, functions, triggers, ...), and the groups should have permissions directly to db objects. The db objects must be linked to program modules. etc. I thought that the simplest way is giving the permissions to the groups and adding users to one or more group instead of giving the permissions directly to the individual users. I suppose that every modification on a group a whole revoke/grant resetting must be run. How could I make this permission handling flexible and robust. I'd like to avoid such solutions where every user can do anything, and just the client software hides the not permitted modules, because in this situation anyone can start a PGAdmin III and do anything in the database. So the database level permission handling is crutial. Many thanks, -- Csaba Együd -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.7.4 - Release Date: 2005.01.25. -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.7.4 - Release Date: 2005.01.25. ---------------------------(end of broadcast)--------------------------- TIP 8: explain analyze is your friend
