On 2019-08-24 13:22:38 +0200, Luca Ferrari wrote:
> On Sat, Aug 24, 2019 at 11:53 AM Peter Wainaina <petwah17@gmail.com> wrote:
> >
> > Thanks much for the response. This is what I mean am a database
^^^^^^^^^^^^^
> > administrator for a production company and the product owner doesn't
^^^^^^^^^^^^^
> > want me to be able to either read or write information that will
> > come from Django application.
>
> I personally hate this kind of setup, because it does not make any
> sense to me that a developer must setup an application that must
> interact with a database that the developer himself cannot interact
> with.
Peter is the DBA here, not the developer. I don't think you can prevent
the DBA from seeing the data in the database - except by encrypting it
(as you suggested below). I guess it would be possible to write a Django
backend which implements an encryption layer, but getting decent
performance out of it might be ... challenging.
> However, keep it simple: define a django user, assign each object to
> such user, revoke any permission from public.
> And then let's the product owner setup a password.
You can still access the tables as postgres.
Of course you could set up another database instance where you don't
have DBA privileges, but then the product owner has to trust the system
administrator instead of the DBA. At some point you have to trust
somebody or do everything yourself.
hp
--
_ | Peter J. Holzer | we build much bigger, better disasters now
|_|_) | | because we have much more sophisticated
| | | hjp@hjp.at | management tools.
__/ | http://www.hjp.at/ | -- Ross Anderson <https://www.edge.org/>