Re: Thoughts on row-level security for webapps?

From: Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
To: Siegfried Bilstein <sbilstein(at)gmail(dot)com>, pgsql-general(at)lists(dot)postgresql(dot)org
Subject: Re: Thoughts on row-level security for webapps?
Date: 2019-01-01 18:49:40
Message-ID: 79848fa2-ed90-4f06-04f9-a068c341a682@aklaver.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 12/31/18 8:57 AM, Siegfried Bilstein wrote:
> Hi all,
>
> I'm evaluating using a tool called Postgraphile that generates a
> GraphSQL server from a postgres setup. The recommended way of handling
> security is to implement RLS within postgres and simply have the
> webserver take a cookie or similar and define which user is querying data.
>
> I've normally built webapps like this: pull out user id from a session
> cookie -> the API endpoint verifies the user and whether or not it has
> access to the given data -> app code mutates the data.
>
> With Postgraphile the request specifies the mutation and the server
> processes the request and relies on Postgres to determine if the user
> has correct access rights.

So there is still user information being passed in, correct?

>
> It seems like I would need to create a ROLE for every single member that
> signs up for my website which I'm a little concerned about. Is this a
> common usage pattern for SQL security? Any gotchas relying on RLS?

The ROLE will be determined by the user name used to make the
connection. Is it possible to change the connection login depending on
the website user privileges?

>
> --
> Siggy Bilstein
> CTO ofAyuda Care <https://www.ayudacare.com>
> Book some time <https://calendly.com/siggy-cto> with me!

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com

In response to

Browse pgsql-general by date

  From Date Subject
Next Message Chuck Martin 2019-01-01 19:05:48 Query help
Previous Message Adrian Klaver 2019-01-01 18:40:29 Re: Relocatable Binaries (RPMs) : custom installation path for PostgreSQL