Re: [v9.4] row level security

From Robert Haas
Subject Re: [v9.4] row level security
Date
Msg-id CA+TgmoY4aAEft-jxbjpEw5O5E5DL-8NPqwtujgjvM-x+08TLtQ@mail.gmail.com
In reply to Re: [v9.4] row level security  (Greg Smith <greg@2ndQuadrant.com>)
Responses Re: [v9.4] row level security  (Stephen Frost <sfrost@snowman.net>)
List pgsql-hackers
On Sun, Sep 1, 2013 at 11:47 PM, Greg Smith <greg@2ndquadrant.com> wrote:
> And if someone can INSERT values that they can't actually see once they're
> committed, that's a similarly bad we should describe.

This is desirable in some cases but not others.  If the goal is
compartmentalization, then it's sensible to prevent this.  But you
might also have a "drop-box" environment - e.g. a student submits
coursework to a professor, and can't access the submitted work after
it's submitted.  FWIW, my CS classes in college had a tool that worked
just this way.

Or maybe an analyst writes a report and is then permitted to "give
away" the document to his boss for revisions.  Once the ownership of
the document has changed, the analyst can't see it any more, because
he can only see the documents he owns.  And maybe he's not permitted
to give away documents to just anyone (polluting their sandbox), but
he can give them to his boss (who expects to receive them).

The point is that we should be in the business of providing mechanism,
not policy.

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
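
The "drop-box" case from the message above, as an added example that is not part of the original message or of the patch under discussion: students may INSERT coursework but no SELECT policy covers them, so the rows they write are invisible to them afterwards. It uses the CREATE POLICY syntax that shipped in PostgreSQL 9.5, after this thread; every table, column and role name is hypothetical.

```sql
-- Constructed drop-box schema; all names below are hypothetical.
CREATE ROLE professor;
CREATE ROLE students;                       -- group role for student logins
CREATE ROLE alice LOGIN IN ROLE students;

CREATE TABLE coursework (
    submitted_by name        NOT NULL DEFAULT current_user,
    submitted_at timestamptz NOT NULL DEFAULT now(),
    body         text        NOT NULL
);

-- Table-level privileges are deliberately broad: both groups may SELECT,
-- so any hiding that happens is done by the row-level policies alone.
GRANT INSERT, SELECT ON coursework TO students;
GRANT SELECT         ON coursework TO professor;

-- With RLS enabled and no applicable policy, access is default-deny.
ALTER TABLE coursework ENABLE ROW LEVEL SECURITY;

-- Write side: a student may add rows, but only under their own name.
CREATE POLICY dropbox_submit ON coursework
    FOR INSERT TO students
    WITH CHECK (submitted_by = current_user);

-- Read side: only the professor gets a SELECT policy. Students have none,
-- so default-deny hides every row from them, including their own.
CREATE POLICY dropbox_read ON coursework
    FOR SELECT TO professor
    USING (true);

-- Exercise the policies. Run as a superuser or the table owner, who can
-- SET ROLE; policies are evaluated against the role switched to.
SET ROLE alice;
INSERT INTO coursework (body) VALUES ('homework 1');   -- passes WITH CHECK
SELECT submitted_by, body FROM coursework;             -- filtered by RLS for alice
-- Spoofing another submitter is rejected by dropbox_submit's WITH CHECK:
-- INSERT INTO coursework (submitted_by, body) VALUES ('bob', 'forged');
RESET ROLE;

SET ROLE professor;
SELECT submitted_by, submitted_at, body FROM coursework;
RESET ROLE;
```

An INSERT ... RETURNING by a student is refused under these policies, because RETURNING requires read access and the new row must then also pass a SELECT policy. Whether blind writes are allowed is therefore decided by which policies are defined, not by the mechanism itself.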


