On 06/30/2013 08:45 PM, David Johnston wrote:
>
> So PostgreSQL is only useful, for shared hosting, when the only permissible
> access is via vendor-supplied resources (APIs, administrators, etc...)?
>
I'm not sure I understand, but I don't think that's what I'm saying. I
want my customers and coworkers to be self-sufficient. As it stands,
every time a new developer or database is created, they have to ask me
to log in as the superuser and perform dark magic to set the permissions
correctly. This gets worse as the number of users/databases grows.
I'd like there to be some way to do it automatically, like we can with
the website directory on the filesystem using the four commands I
mention in the README. This works forever, for any number of users or
subdirectories, without my intervention.
> With recent improvements in row-level security it seems that some desire
> exists to make shared hosting (on a single instance) more useful; but this
> is all for naught if you cannot get the permissions right.
We only need database-level permissions, but this sounds right.
> I haven't looked into the OP's materials but my experience tells me that
> either (or both) the permissions system is lacking some features or the
> resources to get people to properly use the features is insufficient.
Precisely. I'm very open to the possibility that I'm doing something
wrong. That would be the easiest to fix.