| From: | Jack Christensen <jackc(at)hylesanderson(dot)edu> |
|---|---|
| To: | Rick Genter <rick(dot)genter(at)gmail(dot)com> |
| Cc: | pgsql <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Multiple table relationship constraints |
| Date: | 2011-05-09 13:35:33 |
| Message-ID: | 4DC7EDA5.7030906@hylesanderson.edu |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 5/5/2011 3:26 PM, Rick Genter wrote:
>
> Hm. I think the way I would handle this is to put the business logic
> for inserting/updating into the room_assignments table into one or
> more functions and have a special user that owns the tables and owns
> the functions and declare the functions to be SECURITY DEFINER. Revoke
> INSERT/UPDATE/DELETE access to the tables from all other users. Then
> you grant your regular users EXECUTE access to the functions. The
> functions run as the user that created them, so they will have direct
> INSERT/UPDATE/DELETE access to the tables while your regular users won't.
>
Thanks everyone for your advice. I think this type of approach will be
very helpful.
--
Jack Christensen
jackc(at)hylesanderson(dot)edu
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Gabriele Bartolini | 2011-05-09 13:44:41 | Re: Streaming replication info |
| Previous Message | Guillaume Lelarge | 2011-05-09 10:03:41 | Re: Possible to replicate a single table with Pg 9.0.4? |