On Mon, Jun 20, 2005 at 05:17:57PM -0700, Teunis Peters wrote: > > however - I'd like to restrict access to specific records and groups of > records (based on another table) - and I'm not even sure where to start > looking. I suspect I actually need to look into triggers and/or > embedded libraries to solve this (and this means writing it) but I > haven't figured where to start... > > basically per-record (given a set of rules) access restrictions. > > Please do let me know where I can ask more :) > > Looking for controlling SELECT, INSERT, UPDATE and DELETE. As I mentioned in my followup in pgsql-interfaces, you could use a view to restrict who can see what records, and you could use rules to allow inserts, updates, and deletes on the view. For more info and examples see CREATE VIEW and "The Rule System" in the documentation: http://www.postgresql.org/docs/8.0/static/sql-createview.html http://www.postgresql.org/docs/8.0/static/rules.html Be aware that rules have "gotchas" that can produce unexpected results. Make sure you understand what's really happening, and do thorough testing before putting anything into production. If views and rules don't sound like they'll work, then please provide more information about what you're doing. > I -am- interested in examples of server-side scripting as well... > am still searching. See "Server Programming" in the documentation: http://www.postgresql.org/docs/8.0/static/server-programming.html You could also search the list archives for phrases like "CREATE FUNCTION" -- many examples have been posted to the mailing lists over the years. See also resources like the General Bits newsletter: http://www.varlena.com/varlena/GeneralBits/ -- Michael Fuhr http://www.fuhr.org/~mfuhr/ ---------------------------(end of broadcast)--------------------------- TIP 9: In versions below 8.0, the planner will ignore your desire to choose an index scan if your joining column's datatypes do not match
