Re: Row-level security--is it possible?
| От | Bruno Wolff III |
|---|---|
| Тема | Re: Row-level security--is it possible? |
| Дата | |
| Msg-id | 20040702170624.GA30978@wolff.to обсуждение исходный текст |
| Ответ на | Re: Row-level security--is it possible? (Michal Taborsky <michal@taborsky.cz>) |
| Список | pgsql-general |
On Fri, Jul 02, 2004 at 17:32:07 +0200, Michal Taborsky <michal@taborsky.cz> wrote: > Doug McNaught wrote: > >But why not create a "products_restricted" view that uses the > >CURRENT_USER function to see who's running it? > > > >CREATE VIEW products_restricted AS > >SELECT * FROM products WHERE Producer_ID = get_producer_id(CURRENT_USER); > > > >[CURRENT_USER returns a string, so you would need to map it to your > >producer_id somehow.] > > This would work only for this case (limiting single producer to one > user). But we want to have a bit more flexible system, so we'd be able > define the restrictions freely (like "only producers 1 and 5 and price > less than 100"). I'm sorry I did not mention this. Then you can create a group table matching up producers and authorized users. The view should join the base table with the group table on producer and limit the results to users matching the "current_user". With appropiate indexes this should be fast.
В списке pgsql-general по дате отправления: