Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-15 Thread George Neuner
On Mon, 14 Dec 2015 09:55:02 -0800, Benjamin Smith wrote: >Is there a way to set PG field-level read permissions so that a deny doesn't >cause the query to bomb, but the fields for which permission is denied to be >nullified? How about using encryption?

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-15 Thread Stephen Frost
Benjamin, * Benjamin Smith (li...@benjamindsmith.com) wrote: > Is there a way to set PG field-level read permissions so that a deny doesn't > cause the query to bomb, but the fields for which permission is denied to be > nullified? Not directly, no. One approach would be to create views

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread David G. Johnston
On Monday, December 14, 2015, Jack Christensen wrote: > On 12/14/2015 11:55 AM, Benjamin Smith wrote: > >> Is there a way to set PG field-level read permissions so that a deny >> doesn't >> cause the query to bomb, but the fields for which permission is denied to >> be

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread rob stone
On Mon, 2015-12-14 at 09:55 -0800, Benjamin Smith wrote: > Is there a way to set PG field-level read permissions so that a deny > doesn't > cause the query to bomb, but the fields for which permission is > denied to be > nullified? > > In our web-based app, we have a request to implement

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Benjamin Smith
On Monday, December 14, 2015 05:25:16 PM Adrian Klaver wrote: > > FOLLOWUP QUESTION: is there a way to ask the query planner what > > tables/fields were output in a database result? > > Just dawned on me, are you asking if EXPLAIN can output more detailed > information? Ha ha, in another post,

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Adrian Klaver
On 12/14/2015 04:22 PM, Benjamin Smith wrote: On Monday, December 14, 2015 01:02:00 PM you wrote: On 12/14/2015 09:55 AM, Benjamin Smith wrote: Is there a way to set PG field-level read permissions so that a deny doesn't cause the query to bomb, but the fields for which permission is denied to

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Jack Christensen
On 12/14/2015 11:55 AM, Benjamin Smith wrote: Is there a way to set PG field-level read permissions so that a deny doesn't cause the query to bomb, but the fields for which permission is denied to be nullified? In our web-based app, we have a request to implement granular permissions:

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Benjamin Smith
On Monday, December 14, 2015 05:20:52 PM Adrian Klaver wrote: > > FOLLOWUP QUESTION: is there a way to ask the query planner what > > tables/fields were output in a database result? > > I am not following, that would be in the query output would it not? A > more detailed explanation of what you

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread David G. Johnston
On Monday, December 14, 2015, Benjamin Smith wrote: > On Monday, December 14, 2015 05:25:16 PM Adrian Klaver wrote: > > > FOLLOWUP QUESTION: is there a way to ask the query planner what > > > tables/fields were output in a database result? > > > > Just dawned on me, are

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Adrian Klaver
On 12/14/2015 04:22 PM, Benjamin Smith wrote: Ccing list On Monday, December 14, 2015 01:02:00 PM you wrote: On 12/14/2015 09:55 AM, Benjamin Smith wrote: Is there a way to set PG field-level read permissions so that a deny doesn't cause the query to bomb, but the fields for which permission

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread David G. Johnston
On Mon, Dec 14, 2015 at 10:55 AM, Benjamin Smith wrote: > Is there a way to set PG field-level read permissions so that a deny > doesn't > cause the query to bomb, but the fields for which permission is denied to > be > nullified? > > In our web-based app, we have a

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Karsten Hilbert
On Mon, Dec 14, 2015 at 09:55:02AM -0800, Benjamin Smith wrote: > Is that there is a way to let the query succeed, but nullify any fields where > read permissions fail? What about real field values begin NULL ? Karsten -- GPG key ID E4071346 @ eu.pool.sks-keyservers.net E167 67FD A291 2BEA

[GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Benjamin Smith
Is there a way to set PG field-level read permissions so that a deny doesn't cause the query to bomb, but the fields for which permission is denied to be nullified? In our web-based app, we have a request to implement granular permissions: table/field level permissions. EG: userX can't read

Re: [GENERAL] Permissions, "soft read failure" - wishful thinking?

2015-12-14 Thread Adrian Klaver
On 12/14/2015 09:55 AM, Benjamin Smith wrote: Is there a way to set PG field-level read permissions so that a deny doesn't cause the query to bomb, but the fields for which permission is denied to be nullified? In our web-based app, we have a request to implement granular permissions: