On 10 October 2014 11:08, Damian Wolgast <damian.wolg...@si-co.net> wrote:
>
>> The problem there is that the SQL for (2) changes frequently, so we
>> want to give people SQL access.
>
> So you want to give people access to your SQL database and worry that they 
> could see specific information (credit card numbers) in plain and therefore 
> you want to format it, so that people cannot see the real data. Is that 
> correct?
>
> I'd either do that by only letting them access a view or reconsider if 
> it is really a good idea to give them SQL access to the server as they could 
> do other things which e.g. could slow down the server enormously.
> Never trust the user. So I see what you want to achieve but I am not sure if 
> the reason to do that is good. Can you explain please?
> Maybe you should provide them an interface (e.g. web app) that restricts 
> access to certain functions and cares about formatting.

The requirement for redaction cannot be provided by a view.

A view provides a single value for each column, no matter whether it
is used in the SELECT or WHERE clause.

Redaction requires output formatting only, but unchanged for other purposes.

Redaction is now a feature available in other databases. I guess it's
possible it's all smoke and mirrors, but that's why we discuss stuff
before we build it.

-- 
 Simon Riggs                   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services

