| From: | Darren Duncan <darren(at)darrenduncan(dot)net> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Performance question: Commit or rollback? |
| Date: | 2011-12-24 19:34:01 |
| Message-ID: | 4EF62929.4080806@darrenduncan.net |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Chris Angelico wrote:
> On Sat, Dec 24, 2011 at 11:46 PM, vinny <vinny(at)xs4all(dot)nl> wrote:
>> How about using a databaseuser that has it's create/update/delete rights
>> revoked? That will cause an error if the supposedly read-only routine
>> does try to change data.
>
> Also, we want to minimize debugging time by having
> both read-only and read-write access use almost exactly the same code
> and DB access, meaning that we should not need to test every module in
> every mode.
You can do it correctly while reusing all of your code; you just have different
arguments at connect time and otherwise your code uses the connection handle in
the same way afterwards. Its fine to have flags in the app so the app just
tries acceptable things, but privileges in the database are the only way to
actually be safe and resilient against accidental changes. -- Darren Duncan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alban Hertroys | 2011-12-24 21:32:17 | Re: postgresql triggers - defining a global resource (java) |
| Previous Message | Vincent Veyron | 2011-12-24 17:03:07 | Re: PostgreSQL DBA in SPAAAAAAAACE |