| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Harald Massa <HaraldMassa(at)ghum(dot)de> |
| Cc: | Postgres Mailing List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: row based security ... was Different views with same name for different users |
| Date: | 2002-01-22 18:56:26 |
| Message-ID: | 20020122185626.GA25753@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Sun, Jan 20, 2002 at 10:26:34PM +0100,
Harald Massa <HaraldMassa(at)ghum(dot)de> wrote:
> Hello,
>
> I have other words for my question, maybe they are more helpfull.
>
> What I'm looking for is ROW BASED SECURITY.
>
> That means:
>
> User A is allowed to look and update some rows
> User B is allowed to look and update some other rows
The "look" part can be done with views. To do updates rules need to be used.
If the security model is that each row of the database can have a single
security type associated with it, but that users can have multiple types,
then I suggest using a table listing valid username security type pairs
and joining this table with the underlying table in the views on the
security type and checking the the username column matches the current
user.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | mlw | 2002-01-22 19:45:25 | Re: [GENERAL] PostgreSQL Licence: GNU/GPL |
| Previous Message | Jonathan Ellis | 2002-01-22 18:39:46 | Re: detecting deadlocks |