[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LSMB 1.3: Same user, multiple companies?

Subject: Re: LSMB 1.3: Same user, multiple companies?
From: Chris Travers <..hidden..>
Date: Thu, 30 Jun 2011 19:23:25 -0700

On Thu, Jun 30, 2011 at 3:21 PM, Erik Huelsmann <..hidden..> wrote:
> Hi Chris,
> How does using one and the same user, let's call her Sammy, work with user
> management for multiple companies?

So this is a bit of an issue which must be further discussed in terms
of default behavior and documented.

> * Where do users get stored?
> * Do I need to create the same user in each company?

Yes.

> * What happens if I do that and the user already exists in the psql cluster
> (because she's in another database)?

Right now by default there is a check to keep this from happening.  I
expect to create a function which is a drop-in replacement without the
check enabled.....

The basic concern is what happens where these need to be separated?
My general sense at the moment is that the situations where this could
happen accidently (and thus give users accidental access to other
companies' data in hosted environments) are bad enough that we
shouldn't remove the check by default.

On the other side, maybe hosting companies should be expected to put
more effort into it than the average user...  So maybe we should
reverse this.

> Would be nice to understand these scenarios - and maybe even document before
> 1.3GA.

Best Wishes,
Chris Travers

Follow-Ups:
- Re: LSMB 1.3: Same user, multiple companies?
  - From: Luke

References:
- LSMB 1.3: Same user, multiple companies?
  - From: Erik Huelsmann

Prev by Date: LSMB 1.3: Same user, multiple companies?
Next by Date: Re: LSMB 1.3: Same user, multiple companies?
Previous by thread: LSMB 1.3: Same user, multiple companies?
Next by thread: Re: LSMB 1.3: Same user, multiple companies?
Index(es):
- Date
- Thread