| From: | Bricklen <bricklen-rem(at)yahoo(dot)comz> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: row-level security model |
| Date: | 2004-04-01 15:33:26 |
| Message-ID: | aDWac.3600$dW5.2201@edtnps89 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Bruno Wolff III wrote:
> On Wed, Mar 31, 2004 at 12:30:58 -0500,
> John DeSoi <jd(at)icx(dot)net> wrote:
>
>>I want to have multiple groups A, B, C where each group could only see
>>a subset of a table (any number of groups would be possible). If a user
>>is a member of groups A and B then the rows they can see should be the
>>union of what A and B can see. Ideally I could just write a SELECT rule
>>for a table or view that would somehow intersect the result rows of the
>>query with the result of the security function (I think Oracle has
>>something like this). So is it possible to write independent "access"
>>functions for each group and have them be dynamically combined based on
>>the group membership of the user? I want to do this at the database
>>level so the security can be enforced for any application or report
>>generator that is allowed to connect.
In Oracle, what you are referring to is Row Level Security, or VPD, or
whatever their marketing dept. is calling it this week.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | John Liu | 2004-04-01 15:43:06 | Re: select distinct w/order by |
| Previous Message | Tom Lane | 2004-04-01 15:28:08 | Re: 7.2.3-7.4.2 migration |