I guess most applications have exactly one database user. Why not use one database for each application user?
Example: User "foo" in my web application has a corresponding database user "foo". This way you could use row level security from the database. PostgreSQL has a lot of interesting features: https://www.postgresql.org/docs/devel/static/ddl-rowsecurity.html Use case: Show me all items which user "foo" is allowed to see. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/7d1eaa8c-d80a-4390-aaf9-8a95d3fcf6b4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
