[yoloClin]

Is column based authorisation possible?

What about group/role based security concepts?

[chishaku]

You can create a view with a subset of columns and grant permissions on the view.

[yoloClin]

I feel like this is just moving business logic /back/ into the database.

It' very similar to what we were doing with stored procs 15 years ago and just moves the problem from business logic back to database layer. Given the choice, I'd prefer to write constraints in !SQL, personally.

[dragonwriter]

> Is column based authorisation possible

Yes.

> What about group/role based security concepts?

Yes, those have been standard in RDBMSs for decades.