| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Renato Cramer <renato(at)domsis(dot)com(dot)br> |
| Cc: | "List Pgsql-General (E-mail)" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Access restrictions on rows depending on value of the a column |
| Date: | 2004-08-12 17:44:47 |
| Message-ID: | 20040812174447.GB8739@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, Aug 12, 2004 at 09:54:25 -0300,
Renato Cramer <renato(at)domsis(dot)com(dot)br> wrote:
> Hello All,
>
> There is data of several enterprises (ours clients) in a single database.
> All tables have a column on primary key what identify the enterprise called
> id_enterprise.
> My objective is restrict users access on rows depending on value of the
> column id_enterprise.
> That is, an user can access data only of his enterprise.
>
> I don't want use where clause.
> There is some way of determine this in database?
You can use a view to do this. If they need to modify the data, then you
will need to use rules to make an updateable view. The easy way to do
this is to have a table that maps users to the id_enterprise values that
they are allowed to access and for each table you want to grant access
to, join this special table in the view using the current_user as the
the user to test against.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Laura Vance | 2004-08-12 18:02:48 | Re: My admin left the job and I am stuck |
| Previous Message | Karam Chand | 2004-08-12 17:42:28 | Re: Strange pg_hba.conf error (repost) |