| From: | John McKown <john(dot)archie(dot)mckown(at)gmail(dot)com> |
|---|---|
| To: | Geoff Winkless <pgsqladmin(at)geoff(dot)dj> |
| Cc: | Szymon Lipiński <mabewlun(at)gmail(dot)com>, Chris Travers <chris(dot)travers(at)gmail(dot)com>, dandl <david(at)andl(dot)org>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Thoughts on "Love Your Database" |
| Date: | 2016-05-04 13:25:16 |
| Message-ID: | CAAJSdjjUa5aqChW9u_-=SKH21SiqPN5pPFSPiNGFZU+5L7WAKg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, May 4, 2016 at 8:13 AM, Geoff Winkless <pgsqladmin(at)geoff(dot)dj> wrote:
> <snip>
>
> The sensible way is to do it as John wrote - to restrict access rights
> to everyone except admin to calling functions only. That way the
> functions are written by the people who are paid to understand the
> business rules and the data behind it, and the application developers
> can ask those experts to do the heavy lifting for them. Having to
> persuade management that they should no longer be able to connect the
> database to MS Access and make changes that way will usually put an
> end to that pure model, though. :)
>
Allowing PHBs direct access to company data is a nasty thing. They become
like some users who "know Excel". They are now just as knowledgeable as
someone who's been doing this for years. I've actually heard one say
something akin to: "Damn it, I can write Excel formulas. I know very well
that an new function on the web site could be written in less than a day,
if you'd just get off you a$$ and do it."
>
> Geoff
>
>
>
--
The unfacts, did we have them, are too imprecisely few to warrant our
certitude.
Maranatha! <><
John McKown
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2016-05-04 13:30:00 | Re: Do parallel queries work with only dblink not with fdw? |
| Previous Message | Geoff Winkless | 2016-05-04 13:13:47 | Re: Thoughts on "Love Your Database" |