Re: User permissions

[ Doug McNaught ]

> We had a nice little flamewar about this a few weeks ago.  ;)

OK. I'll look into the arguments in the war...

> The "Postgres" way to do it is to lock the unprivileged user out of
> the "real" tables, and create views for that user to access.  The
> views can include only the fields that you want them to see, and you'd
> create ON INSERT/DELETE/UPDATE rules to validate input and write to
> the actual tables.

Hmmm. I'm not going to start another flame war, but I think this seems
like it could be somewhat easier with the Oracle solution (at least
what I have heard from Oracle-users) that enables you to restrict a
database user only to execute predefined functions.

As I understand it I need to create functions, views and triggers to
get what I want.

> This is kind of a different way of thinking about it than the "proxy
> functions" concept but you should be able to do everything you want to
> do.

With programming, everything is possible. :)

--
Lars Preben