New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for column based SELECT privileges #179

Closed
qwesda opened this Issue Feb 7, 2016 · 6 comments

Comments

Projects
None yet
2 participants
@qwesda

qwesda commented Feb 7, 2016

I'm currently working on a database where access is restricted on the table, column and row level. Trying to view a table where only a subset of the columns are accessible to the current user results in a 'permission denied' error message.

It should be possible for postico to figure out which columns can be selected for the current user and only select these columns from the backend. The following function returns TRUE if access is possible:

SELECT has_column_privilege('"schema name"."table name"', 'column name', 'SELECT');

Non-accessible columns should be displayed as if they are disabled.

@jakob jakob added the started label Feb 9, 2016

@jakob

This comment has been minimized.

Show comment
Hide comment
@jakob

jakob Feb 9, 2016

Owner

Good idea. Here's a first implementation of this:
https://eggerapps-downloads.s3-eu-west-1.amazonaws.com/postico-1320.zip

Comments?

Owner

jakob commented Feb 9, 2016

Good idea. Here's a first implementation of this:
https://eggerapps-downloads.s3-eu-west-1.amazonaws.com/postico-1320.zip

Comments?

@qwesda

This comment has been minimized.

Show comment
Hide comment
@qwesda

qwesda Feb 9, 2016

Works basically.

The disabling of the column is spotty thought. It only resets if you cmd + R while having another table open.

Maybe the different permission levels could be better represented by small icon on the right side of the column header:

  • SELECT and UPDATE => no icon
  • SELECT and NOT UPDATE => crossed pencil icon
  • NOT SELECT and UPDATE => crossed eye icon & pencil icon
  • NOT SELECT and NOT UPDATE => crossed eye icon & crossed pencil icon (maybe also grey out the whole column)

qwesda commented Feb 9, 2016

Works basically.

The disabling of the column is spotty thought. It only resets if you cmd + R while having another table open.

Maybe the different permission levels could be better represented by small icon on the right side of the column header:

  • SELECT and UPDATE => no icon
  • SELECT and NOT UPDATE => crossed pencil icon
  • NOT SELECT and UPDATE => crossed eye icon & pencil icon
  • NOT SELECT and NOT UPDATE => crossed eye icon & crossed pencil icon (maybe also grey out the whole column)
@jakob

This comment has been minimized.

Show comment
Hide comment
@jakob

jakob Feb 9, 2016

Owner

OK, I fixed the column header highlighting issue:
https://eggerapps-downloads.s3-eu-west-1.amazonaws.com/postico-1321.zip

The icons are a good idea, but I have to think about that a bit (eg. how would I highlight missing INSERT privilege? should I?)

Owner

jakob commented Feb 9, 2016

OK, I fixed the column header highlighting issue:
https://eggerapps-downloads.s3-eu-west-1.amazonaws.com/postico-1321.zip

The icons are a good idea, but I have to think about that a bit (eg. how would I highlight missing INSERT privilege? should I?)

@jakob

This comment has been minimized.

Show comment
Hide comment
@jakob

jakob Feb 9, 2016

Owner

And here's another build that fixes filters for tables with forbidden columns...

https://eggerapps-downloads.s3-eu-west-1.amazonaws.com/postico-1322.zip

Owner

jakob commented Feb 9, 2016

And here's another build that fixes filters for tables with forbidden columns...

https://eggerapps-downloads.s3-eu-west-1.amazonaws.com/postico-1322.zip

@qwesda

This comment has been minimized.

Show comment
Hide comment
@qwesda

qwesda Feb 9, 2016

cmd + R works now. And it works good enough for me to work with. So thanks.

Do you mean a missing INSERT privilege for the whole table or specific columns? For the whole table disabling the + Row button would be appropriate – and if only some columns can be inserted to only these should have enabled input fields for the new row.

qwesda commented Feb 9, 2016

cmd + R works now. And it works good enough for me to work with. So thanks.

Do you mean a missing INSERT privilege for the whole table or specific columns? For the whole table disabling the + Row button would be appropriate – and if only some columns can be inserted to only these should have enabled input fields for the new row.

@jakob jakob added done and removed started labels Feb 16, 2016

@jakob

This comment has been minimized.

Show comment
Hide comment
@jakob

jakob Feb 25, 2016

Owner

I've just released 1.0.4
https://eggerapps.at/postico/

Owner

jakob commented Feb 25, 2016

I've just released 1.0.4
https://eggerapps.at/postico/

@jakob jakob closed this Feb 25, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment