In which module does query rewriting takes place
Hi,
We are trying to introduce access control. For this we have to rewrite the
input query by replacing each relation by its corresponding authorized view.
Which part of the code should we modify for this.
Till now we have thought of the following:
1. We take as input the parse tree generated by the parser.
2. We implement a "new" module which rewrites the parse tree into the format
we want.
3. We feed this new parse tree into the optimizer.
Does a module exist which rewrites the parse tree generated. We saw that
there exist some rewrite module in /src/backend/rewrite. Is that the correct
module to make changes to!
Thanks
Shaunak
--
It is not the aptitude but the attitude that decides a persons altitude
Shaunak Godbole
Senior Undergraduate
Computer Science Dept.
IIT Powai, Mumbai 400076
Ph no: 9819841537
Shaunak Godbole wrote:
Hi,
We are trying to introduce access control. For this we have to rewrite
the input query by replacing each relation by its corresponding
authorized view.
This sounds like a pretty ugly hack. There are already extensive access
controls available in postgres. What is there about the existing access
controls that does not do what you want?
cheers
andrew
Andrew Dunstan <andrew@dunslane.net> writes:
Shaunak Godbole wrote:
We are trying to introduce access control.
This sounds like a pretty ugly hack.
Perhaps more to the point, it's already been done:
http://veil.projects.postgresql.org/
regards, tom lane
Tom Lane wrote:
Andrew Dunstan <andrew@dunslane.net> writes:
Shaunak Godbole wrote:
We are trying to introduce access control.
This sounds like a pretty ugly hack.
Perhaps more to the point, it's already been done:
http://veil.projects.postgresql.org/
Ah, the missing piece is that case is "row level".
cheers
andrew