user roles

Derek Atkins warlord@MIT.EDU
03 Jan 2001 09:56:58 -0500 

David Merrill <dmerrill@lupercalia.net> writes:

> I was speaking only about the audit trail within the db itself. I
> haven't given any thought to other auditing requirements.

Ok, so long as we don't require a specific database login for each
registered user, I'm ok with that. ;)

> BTW, I think postgres supports Kerberos.

Hrm, I didn't know that.. You learn something new every day (hrm, this
is a bad sign -- it's only 10am! :)

> I want the final shipping package to be preconfigured with working,
> configured roles. The admin will be able to change them, or completely

Agreed.

> "Does this imply that roles need ACLs too" short answer, yes. Long
> answer, all ACLs are assigned via a role, never directly to an
> individual. All rights are obtained via a role. This complexity can be
> hidden from the user in a single-user system, by the client, if it
> wants to do that, but ultimately it is a role that has rights, not a
> user.

I'm not convinced this is the best approach.. There are times when you
definitely want to assign ACLs based on users, not on roles.  Unless
you are implying that you must create a new role for every
"singly-acled user", where that role contains exactly one user..
Seems a bit overkill to me.  It would just be easier to allow users
(as well as roles) on ACLs.

I can certainly see the benefit of using roles on ACLs, so you can add
someone to the role and they get full access to that role's
capabilities on all objects in the database.  But there are times when
you want to specifically allow (or perhaps specifically DISALLOW)
access to particular users.  For example, I might not want my wife to
see transactions about her birthday presents. ;) Would I need to
create "role::wife" and put her in that?  I certainly don't ever
expect my wife to change....

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available