Re: RFC: Command Restrictions by INI file with Audit Logging (DROP/TRUNCATE/DELETE)

"David G. Johnston" <david.g.johnston@gmail.com> writes:
> On Sunday, May 4, 2025, ADRIANO BOLLER <adriano@wxsolucoes.com.br> wrote:
>> Subject: RFC: INI-based Command Restriction Layer for DROP/TRUNCATE/DELETE
>> with Audit Logging

> I seem to recall similar features being discussed previously.  Finding
> those discussion would be nice.

I don't have an opinion on whether this is actually a feature we want,
but a couple of thoughts:

1. This seems to overlap a whole lot with one intended use-case for
event triggers.  You could likely build it as an extension, relying
on an event trigger to get control at the right places.

2. The choice of .INI format for the config file seems a bit
non-simpatico for Postgres.  We have nothing else that uses that,
which for starters means you'd have to write your own parser.
Something that might integrate better is JSON; we already have
code for that, and use-cases such as backup manifest files.

            regards, tom lane