Y
Hacker News
new
|
ask
|
show
|
jobs
by
oldnet
1007 days ago
Also you shouldn't give up access to your DB for security reasons.
That's why API exists at first place.
2 comments
camgunz
1007 days ago
PostgreSQL 9.5 (7.5 years old) shipped row-level security [0] which solves this.
[0]:
https://www.postgresql.org/docs/15/ddl-rowsecurity.html
link
yencabulator
1005 days ago
The architecture described in the article replicates the SQLite database on the page level.
link
camgunz
1005 days ago
Yeah but this thread became about "you need an API".
link
vbezhenar
1007 days ago
Technically you can create different users with very precise access permissions. Might not be the good idea to provide that kind of API to the general public, but if your clients are trustworthy, it might work.
link
berniedurfee
1006 days ago
No clients are trustworthy.
link
[0]: https://www.postgresql.org/docs/15/ddl-rowsecurity.html