Re: row based security ... was Different views with same name
| От | Bruce Momjian |
|---|---|
| Тема | Re: row based security ... was Different views with same name |
| Дата | |
| Msg-id | 200201212003.g0LK3D205083@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Re: row based security ... was Different views with same name for (Marc Munro <marc@bloodnok.com>) |
| Список | pgsql-general |
Marc Munro wrote: > Harald wants to be able to show different users different subsets of > data, and also give them different update permissions. > > This is also what I want to do with a PostrgeSQL implementation of > Virtual Private Databases. Harald, you might want to check out some of > Oracle's documentation on this to help soldify your own ideas. Google > should be able to help. If not contact me and I'll see what I can find > for you. > > Here is a quick view of what I want to achieve: > > Consider a table "t_x" to which we wish to control access according to > the value of its "name" field, and the caller's access rights. > > We create a view "x" on this table as follows: > > create view x as > select * > from t_x > where i_can_see(name); > > The access control is now placed firmly in the hands of the i_can_see() > function which we can make as simple or complex as we like. And we can > play similar tricks with update, insert and delete rules. That is a fantastic trick. -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026
В списке pgsql-general по дате отправления: