Dave Coventry wrote: > Hi. > > I have a database with all of the particulars of our students and I am > adding a table that will contain all of the courses and the grades > attained by the students. [snip] > The marks (or grades) of the students are a different matter and we > want to restrict changes to this data to a very few people. > > I'm presuming that this is not a unique problem, but I have been > unable to find anything helpful on google. If your different classes of users log in with different usernames and passwords to the database, then you can do this rather simply with roles and table priveleges. See the GRANT and REVOKE statements. http://www.postgresql.org/docs/current/static/sql-grant.html http://www.postgresql.org/docs/current/static/sql-revoke.html and ROLE management: http://www.postgresql.org/docs/current/static/sql-createrole.html If your users all log in with the same username and password via some kind of web app, persistence layer, or whatever, then you will have to write the access control yourself at the application level. -- Craig Ringer
