Re: Fine grained permissions on User Mapping

On 6/3/20 4:11 AM, Paul Bonaud wrote:
> Hi Tom,
> 
> Thank you very much for your answer.
> 
> I was worried to get this kind of solution, i.e. “don't be so miserly as 
> not to create a separate one for each privilege level you need.”, 
> however in the case of a remote database **you have no control over**it 
> sounds pretty impossible to do.
> 
> If I understand correctly, my initial question doesn't have a solution 
> within postgres, does this sound right?

As it stands now I can't think of one. You might reach out to the 
postgres_fdw folks and see if they could get it to use a service file:

https://www.postgresql.org/docs/12/libpq-pgservice.html

Then the user mapping could use information the end user can't see 
unless they had permissions on the file system.

> 
> Thanks again !
> Paul
> **


-- 
Adrian Klaver
adrian.klaver@aklaver.com