Dado Feigenblatt <dado@wildbrain.com> writes:
> One thing that still isn't clear for me is how to implement access level
> control on a per row basis.
The SQL GRANT/REVOKE stuff doesn't deal with anything finer-grain than
tables. The best way I know to cope with a need for row-level read
access control is to create a view that shows only the records you want
someone to be able to see, then grant them access to the view not the
original table.
For write access control, you have a choice of putting the controls into
the ON INSERT etc rules you make for the view, or attaching triggers to
the underlying table and checking access permissions in the triggers.
The trigger method is probably easier to deal with, but bear in mind
that such triggers will fire for everyone, including people who've been
granted direct access to the underlying table. This might or might not
be just what you want...
regards, tom lane