On 01/03/10 12:16, rawi wrote:
Not quite the way you suggest. You could build a series of views with
the WHERE conditions built in to them, and grant permissions on those
though.
Thank you very much for your help.
Unfortunately is this not what I hoped...
The permissions will be granted dynamic by the application out of the
user-records and expressed in the WHERE flags.
I'll need another approach...
You could write a set-returning function that takes either:
1. A list of conditions
2. The text for a WHERE clause
If it gets no conditions or a blank string, it returns nothing.
You will need to create the function with SECURITY DEFINER permissions,
as a user who can read from the table. Make sure the application cannot
read from the table and has to use the function.
--
Richard Huxton
Archonet Ltd
--
Sent via pgsql-sql mailing list (pgsql-sql@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-sql
