| From: | Ben Morrow <ben(at)morrow(dot)me(dot)uk> |
|---|---|
| To: | mark(at)summersault(dot)com, pgsql-sql(at)postgresql(dot)org |
| Subject: | Re: Need help revoking access WHERE state = 'deleted' |
| Date: | 2013-02-28 18:02:05 |
| Message-ID: | 20130228180201.GA10412@anubis.morrow.me.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Quoth mark(at)summersault(dot)com (Mark Stosberg):
>
> We are working on a project to start storing some data as "soft deleted"
> (WHERE state = 'deleted') instead of hard-deleting it.
>
> To make sure that we never accidentally expose the deleted rows through
> the application, I had the idea to use a view and permissions for this
> purpose.
>
> I thought I could revoke SELECT access to the "entities" table, but then
> grant SELECT access to a view:
>
> CREATE VIEW entities_not_deleted AS SELECT * FROM entities WHERE state
> != 'deleted';
>
> We could then find/replace in the code to replace references to the
> "entities" table with the "entities_not_deleted" table
(If you wanted to you could instead rename the table, and use rules on
the view to transform DELETE to UPDATE SET state = 'deleted' and copy
across INSERT and UPDATE...)
> However, this isn't working, I "permission denied" when trying to use
> the view. (as the same user that has had their SELECT access removed to
> the underlying table.)
Works for me. Have you made an explicit GRANT on the view? Make sure
you've read section 37.4 'Rules and Privileges' in the documentation,
since it explains the ways in which this sort of information hiding is
not ironclad.
Ben
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mark Stosberg | 2013-02-28 18:35:15 | Re: Need help revoking access WHERE state = 'deleted' |
| Previous Message | Mark Stosberg | 2013-02-28 16:37:39 | Need help revoking access WHERE state = 'deleted' |