On Sat, Nov 25, 2023 at 4:49 AM Peter J. Holzer <hjp-pg...@hjp.at> wrote:
> On 2023-11-24 13:06:45 -0500, Ron Johnson wrote: > > On Fri, Nov 24, 2023 at 1:01 PM Peter J. Holzer <hjp-pg...@hjp.at> > wrote: > > On 2023-11-20 22:03:06 -0500, Ron Johnson wrote: > > > Or row level security. > > > > Does that help here? AIUI row level security can be used to limit > access > > to specific rows (e.g. user alex can access info about ssn > '106-91-9930' > > but not '234-56-7890') but not how many rows can be accessed in a > single > > query. > > > > > > I don't think OP indicated that ssn in a unique key. > > No he didn't, but that's IMHO not relevant to the possibility of using > row level security. If a row level security allows a user to select a > row, that row can be selected by any query, including «select * from t». > I don't see a way to use RLS to ensure that a query can only return a > sufficiently small subset of the total rows a user has access to. > How would you do that? > It's an alternative to functions for restricting the client to only his data.
