Hello all,
I'm not much of a database professional, so my questions might sound silly ;)
I was wondering if PostgreSQL authorization rules can be aplied on
specific rows of a given table. I mean, AFAIK the GRANT statement
cannot be used for such purpose.
The other way I looked into implement such behavior was to use
triggers (naive approach?), but, looking into the documentation, I see
that those cannot be applied on SELECT statements.
What I actually need is a flexible mechanism for figuring out if a
given user can or cannot see/change/add/delete information on the DB,
based on a dinamic set of strategies - per record. Think of
filesystems, where each file has its own set of permission rules.
Except that the permission rules could be more flexible and dinamic.
So, if such mechanism is currently not possible to be used, is there
any interest (or is it coherent, viable and desirable) to support such
feature in PostgreSQL?
If not, has anyone suggestions about this?
Thanks,
--
Thiago Silva
Blog: www.sourcecraft.info/blog
Jabber: tsilva@jabber.org