From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
---|---|
To: | Benjamin Smith <lists(at)benjamindsmith(dot)com> |
Cc: | "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Permissions, "soft read failure" - wishful thinking? |
Date: | 2015-12-14 19:35:55 |
Message-ID: | CAKFQuwbxYAhWAimkOuSdbAHm69yb3XNb5vooYJaA_v9KyU+gZw@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Mon, Dec 14, 2015 at 10:55 AM, Benjamin Smith <lists(at)benjamindsmith(dot)com>
wrote:
> Is there a way to set PG field-level read permissions so that a deny
> doesn't
> cause the query to bomb, but the fields for which permission is denied to
> be
> nullified?
>
> In our web-based app, we have a request to implement granular permissions:
> table/field level permissions. EG: userX can't read
> customers.socialsecurity in
> any circumstance. We'd like to implement DB-level permissions; so far,
> we've
> been using an ORM to manage CRUD permissions.
>
> This is old hat, but our system has a large number of complex queries that
> immediately break if *any* field permission fails. So, implementing this
> for
> customers could be *very* painful....
>
> Is that there is a way to let the query succeed, but nullify any fields
> where
> read permissions fail? (crossing fingers) We'd be watching the PG logs to
> identify problem queries in this case
> .
>
Not for at least a year even if someone wanted to take on this project.
As far along as we are now 1.5 to 2 years would be a more reasonable
minimum. That said you can always patch and distribute your own version
until the patch goes mainstream.
I'm not convinced that the obligations the project takes on by implementing
such a feature sufficiently surpass the benefits it would provide.
Unfortunately it also doesn't seem to fit very well as an "extension"
either - you probably would have to patch the core code to make anything of
this form work.
I'm not sure what you expect the logs to show since these queries would not
longer be "problem queries"...
David J.
From | Date | Subject | |
---|---|---|---|
Next Message | David Steele | 2015-12-14 20:40:26 | Re: postgresql 9.3 failover time |
Previous Message | Karsten Hilbert | 2015-12-14 19:20:15 | Re: Permissions, "soft read failure" - wishful thinking? |