| From: | Doug McNaught <doug(at)mcnaught(dot)org> |
|---|---|
| To: | Michal Taborsky <michal(at)taborsky(dot)cz> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Row-level security--is it possible? |
| Date: | 2004-07-02 15:46:38 |
| Message-ID: | 87u0wqwgwx.fsf@asmodeus.mcnaught.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Michal Taborsky <michal(at)taborsky(dot)cz> writes:
> Doug McNaught wrote:
>> But why not create a "products_restricted" view that uses the
>> CURRENT_USER function to see who's running it?
>> CREATE VIEW products_restricted AS
>> SELECT * FROM products WHERE Producer_ID = get_producer_id(CURRENT_USER);
>> [CURRENT_USER returns a string, so you would need to map it to your
>> producer_id somehow.]
>
> This would work only for this case (limiting single producer to one
> user). But we want to have a bit more flexible system, so we'd be able
> define the restrictions freely (like "only producers 1 and 5 and price
> less than 100"). I'm sorry I did not mention this.
Have you looked into set-returning functions for this? That would let
you basically put whever logic you need into the function.
-Doug
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andy B | 2004-07-02 15:57:48 | Re: Enough RAM for entire Database.. cost aside, is this |
| Previous Message | Michal Taborsky | 2004-07-02 15:32:07 | Re: Row-level security--is it possible? |