Wednesday, June 18, 2008

Re: [GENERAL] Controlling write access to a table

Dave Coventry wrote:
> Hi.
>
> I have a database with all of the particulars of our students and I am
> adding a table that will contain all of the courses and the grades
> attained by the students.

[snip]

> The marks (or grades) of the students are a different matter and we
> want to restrict changes to this data to a very few people.
>
> I'm presuming that this is not a unique problem, but I have been
> unable to find anything helpful on google.

If your different classes of users log in with different usernames and
passwords to the database, then you can do this rather simply with roles
and table priveleges. See the GRANT and REVOKE statements.

http://www.postgresql.org/docs/current/static/sql-grant.html
http://www.postgresql.org/docs/current/static/sql-revoke.html

and ROLE management:

http://www.postgresql.org/docs/current/static/sql-createrole.html

If your users all log in with the same username and password via some
kind of web app, persistence layer, or whatever, then you will have to
write the access control yourself at the application level.

--
Craig Ringer

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

No comments: