Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why have a role per user instead of just defining the row policy with the user directly?


In Postgres a "role" really is equivalent to a user. A user in Postgres is just a role with the ability to log in.


Yes but I’m presuming the person I was responding to meant “role” in the context you’re talking about, but by “user” they meant a row in some “users” or “customers” table corresponding to their application. Questioning the need to “create role” for every application user.


How does that work? With per "user" roles, I can SET ROLE "user-1000" and enter their authz context without changing any of my queries. How would this work without per-user roles?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: