On Fri, Sep 11, 2015 at 7:50 AM, Joe Conway <m...@joeconway.com> wrote: > On 09/01/2015 11:25 PM, Haribabu Kommi wrote: >> If any user is granted any permissions on that object then that user >> can view it's meta data of that object from the catalog tables. >> To check the permissions of the user on the object, instead of >> checking each and every available option, I just added a new >> privilege check option called "any". If user have any permissions on >> the object, the corresponding permission check function returns >> true. Patch attached for the same. >> >> Any thoughts/comments? > > Thanks for working on this! Overall I like the concept and know of use > cases where it is critical and should be supported. Some comments:
Here I attached an updated version of the patch with the following changes. Two options to the user to create catalog security on system catalog tables. ./initdb -C -D data With the above option during initdb, the catalog security is enabled on all shared system catalog tables. With this way the user can achieve the catalog security at database level. For some users this may be enough. Currently enabling catalog security is supported only at initdb. ALTER DATABASE <database> WITH CATALOG SECURITY=true; ALTER DATABASE <database> WITH CATALOG SECURITY=false; With the above commands, user can enable/disable catalog security on a database system catalog tables if multi-tenancy requires at table level. Currently setting catalog security at create database command is not supported. And also with alter database command to enable/disable to database where the backend is not connected. This is because of a restriction to execute the policy commands without connecting to a database. Pending things needs to be taken care: 1. select * from tenancy_user1_tbl1; ERROR: permission denied for relation tenancy_user1_tbl1 As we are not able to see the above user table in any catalog relation because of the multi-tenancy policies, but if user tries to select the data of the table directly, The error message comes as permission denied, I feel instead of the permission denied error, in case of multi-tenancy is enabled, the error message should be "relation doesn't exist". 2. Correct all catalog relation policies 3. Add regression tests for all system catalog relations and views. 4. Documentation changes Any comments? Regards, Hari Babu Fujitsu Australia
multi-tenancy_with_rls_poc_3.patch
Description: Binary data
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers