I'm converting a Microsoft Access database to PostgreSQL and writing all the
HTML and necessary server routines to migrate the database to web
technologies. It works fine on a stand-alone system, but we want to network
it now.
I have some experience with databases, having written some simple Access
applications, but I'm by no means an expert. I've had classes on database
design and am familiar with the basic concepts of organization,
normalization, entity relationships, and the like, but my immediate needs
are a bit more detailed.
My big question for this post regards database login by end users. In the
Access database, users logged in as a way of verifying to the database super
user that they were legitimate users of the database, but everything ran as
the DB owner (the super user I mentioned). In converting this application
I'm tempted to go the same route, but only because I saw that it worked in
Access. The users will have flags in their records stating their role, and
hence what they can and can't do, but I wonder if this is smart.
Would it be smarter/wiser/more secure/more efficient, etc., to have the
users actually log in to Postgres and assign them appropriate permissions to
tables and such, as opposed to having the database owner run everything with
knowledge of what the user is authorized to do?
Thanks in advance,
Dale