Stephen Frost writes:
> This begs the question of if this is something PG should just allow
> rather than denying the update.
AFAICT, throwing a permissions error for "UPDATE SET foo = foo" is
required by the SQL standard. There's nothing in there about "it's
okay depending on what you assign to
Stephen Frost wrote:
> * Craig Ringer (cr...@postnewspapers.com.au) wrote:
>> The issue with column privs is that Hibernate lists all columns, even
>> ones it hasn't set or altered, in the INSERT and UPDATE statements it
>> issues. Column privileges are checked based on the INSERT or UPDATE
>> colu
* Craig Ringer (cr...@postnewspapers.com.au) wrote:
> The issue with column privs is that Hibernate lists all columns, even
> ones it hasn't set or altered, in the INSERT and UPDATE statements it
> issues. Column privileges are checked based on the INSERT or UPDATE
> column list, not the actual val
Craig Ringer wrote:
> One of the apps using the database uses the Hibernate ORM system for
> Java. While excellent in most ways, it's giving me some trouble when it
> comes to inserts/updates on tables with column privileges.
>
> It's easy enough to tell Hibernate that certain columns are not
> in
On 16/12/2009 5:06 PM, Willy-Bas Loos wrote:
Do you mean that you use the postgresql role system as authentication
and authorization mechanism in your app through hibernate?
Correct.
Actually I make a plain 'ol JDBC connection with the user-supplied
credentials to test the user's auth and do
Hi Craig,
Do you mean that you use the postgresql role system as authentication
and authorization mechanism in your app through hibernate?
I don't understand how that should work. How do you authenticate?
As far as i know, the way to achieve what you want is through an
authorization layer on top
Hi folks
Now that column privileges are supported (fantastic!), I've been looking
at replacing some of my unpleasantly verbose (and probably error-prone)
trigger code that's responsible for limiting which roles can modify
which columns in some tables.
I've run into a bit of a roadblock, and I'm w
