User authorization

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

User authorization

Wayne Johnson
I'm using postgresql with Drupal.  I have one small problem.  I would
like to keep the Drupal tables available only to a small group of users
(apache, root and myself).  I've set these user up in a group.  

The problem is that every time I want to add a new Drupal module to the
database, I need to run the supplied script that creates the needed
objects.  I then have to manually scan the script to find which objects
are created, and then grant access to them to my group.

Is there a way to do this automatically?  Say, to make all new objects
accessible (or even owned) by a group?  Something like the sticky bit in
a directory on UNIX.

Thanks for a great product.

---
Wayne Johnson,             | There are two kinds of people: Those
3943 Penn Ave. N.          | who say to God, "Thy will be done,"
Minneapolis, MN 55412-1908 | and those to whom God says, "All right,
(612) 522-7003             | then,  have it your way." --C.S. Lewis

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com 

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

               http://www.postgresql.org/docs/faq
Reply | Threaded
Open this post in threaded view
|

Re: User authorization

Stephen Frost
* Wayne Johnson ([hidden email]) wrote:
> Is there a way to do this automatically?  Say, to make all new objects
> accessible (or even owned) by a group?  Something like the sticky bit in
> a directory on UNIX.

8.1 is expected to have Roles support in it, which merges users and
groups into one space.  Roles can log in, can have passwords, and can
have members.  Members of a role have the permissions (including
owner-level permissions for objects owned by that role) of the role.

Personally I'd really like to see a way to set the 'default owner' for a
schema to help with exactly these issues.  That wasn't included in the
Roles support but I think is a natural follow-on to it since the schema
could be owned by a Role which has members.

        Thanks,

                Stephen

signature.asc (196 bytes) Download Attachment