Sample Header Ad - 728x90

Operation level authorization in PostgreSQL

0 votes
2 answers
50 views
postgresql security row-level-security authorization
I'm developing an analytics application that provides multiple levels of visualization of a data warehouse in a Postgres DB. One of its requirements is that different users should have different levels of access to the data. For example, some users should only extract metrics (counts, avgs, sums) from a particular table, while others could drill down the data to the level of columns. Example: 
employee table

 id    | name   | salary
-------+--------+--------+
     1 | josé   |  20000 
     2 | joão   |  80000 
     3 | tiago  |  60000 

user 1 (can drill down)
------
=> select name from employee where id = 1 
=> josé

user 2 (can read only aggregate data)
------
=> select avg(salary) from employee
=> 53333.3333333
=> select name from employee where id = 1 
=> ERROR
I don't think that any RDBMS would provide that natively. But I wondered if there is any tool that could help me accomplish this authorization level without having to hard code it at the application level.
Asked by Felipe Felix (3 rep)
Nov 8, 2021, 04:45 PM
Last activity: Nov 10, 2021, 02:32 PM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Database Administrators

More questions tagged "postgresql"
More questions tagged "security"
More questions tagged "row-level-security"
Footer Ad - 728x90