| From: | "Peter J(dot) Holzer" <hjp-pgsql(at)hjp(dot)at> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Can user specification of a column value be required when querying a view ? |
| Date: | 2023-11-25 09:49:42 |
| Message-ID: | 20231125094942.p3vdynfg2slsn2ok@hjp.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 2023-11-24 13:06:45 -0500, Ron Johnson wrote:
> On Fri, Nov 24, 2023 at 1:01 PM Peter J. Holzer <hjp-pgsql(at)hjp(dot)at> wrote:
> On 2023-11-20 22:03:06 -0500, Ron Johnson wrote:
> > Or row level security.
>
> Does that help here? AIUI row level security can be used to limit access
> to specific rows (e.g. user alex can access info about ssn '106-91-9930'
> but not '234-56-7890') but not how many rows can be accessed in a single
> query.
>
>
> I don't think OP indicated that ssn in a unique key.
No he didn't, but that's IMHO not relevant to the possibility of using
row level security. If a row level security allows a user to select a
row, that row can be selected by any query, including «select * from t».
I don't see a way to use RLS to ensure that a query can only return a
sufficiently small subset of the total rows a user has access to.
How would you do that?
hp
--
_ | Peter J. Holzer | Story must make more sense than reality.
|_|_) | |
| | | hjp(at)hjp(dot)at | -- Charles Stross, "Creative writing
__/ | http://www.hjp.at/ | challenge!"
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Zahir Lalani | 2023-11-25 11:41:38 | RE: Odd Shortcut behaviour in PG14 |
| Previous Message | Adrian Klaver | 2023-11-24 23:24:44 | Re: replication primary writting infinite number of WAL files |