I have created a Flask application using SQLAlchemy as the ORM. I also use flask-login to manage my different users. I want to connect to a PostgreSQL database with different flask users that correspond to different postgres users that have different privileges.
They should be able to be logged in at the same time and make different queries with their individual rights. I tried all kinds of pooling methods by SQLAlchemy, but could not manage to achieve what I want. It always led to an arbitrary association of the open connections to the different users. What is the best way to do this, i.e. to achieve this kind of "session-persistent" database connection behaviour?
Thanks in advance for any help!
Related
I would like to ask if it's possible to make a lookup to a different databases using nestjs and mongodb.
I know how to make connections to different databases and naming them, but this is not the case, because the connections are working separately. I want to make a lookup which is looking for the different connections at the same time. It's possible in express for sure so I suppose it has to be possible in nestjs too. Thanks for any help!
My question is kind of similar to this question, but not quite :
Hide a marklogic database to specific user (permissions)
Background - up until now, developers who use database X were all admins on the server ( this is a historic config that we have recently inherited ), but now we want to have new developers added to the server who definitely wont be admins, and who will have a new database Y added to the server.
What we want to do is have several groups of developers using the same MarkLogic 10 server, but have it so developer group X can only work in their database X, and Developer group Y can only work in database Y. We dont care if they can see all databases on the server.
Does this mean we have to apply permissions to every document in every database to do this, or can we control this via a roles that limit access to specific databases?
Can someone suggest the right way to achieve this please?
Thanks in advance.
You have two tools to work with:
Granular privileges which allow you limit the scope of a privilege to a specific resource (such as database or forest)
Document permissions unique to documents reflective of their respective set of intended users on each database as you already mentioned
However, in my experience, I've generally found this use case is better served by having many small dev clusters rather than one large one as resource contention (one app team pushing CPU to 100%) can become too much of an issue. It is pretty quick and painless to spin up and tear down dev clusters on AWS or Azure. Or, if you're self-hosting, you could look at running multiple MarkLogic Containers on a single host.
I would like to use Apollographql to connect multiple Postgres databases which share the same structures (tables, columns). The idea was having a single endpoint to access any of these databases (using namespaces), but I couldn't find in the documentation how to do this.
I need a bit of your wisdom guys, how can Apollo connect to multiple Postgres databases using different namespaces? Is there another app better suited for this kind of requirements?
I'm working on a web project with Django, and using postgresql for storing informations. I'd like to know what is the maximum number of users can we create in postgresql ?
There's a difference between Django application users and Postgresql database users. If you intend to create users in your django application, and you are using Postgresql as your django backend database, then for each user you will create will be represented as a row in a postgresql table - therefore, practically speaking, you can create as many users as you'd like and there's no limit. I believe the most commonly used authentication models are defined in django.contrib.auth - there you can find django models for users and groups. In postgresql itself you'd normally have very few database users defined - in all likelihood just one - the user you connect with from Django.
I have an application where security and data theft are primary concerns. I am using Postgres 9.4 on RDS by AWS.
I have several users who need read permission on the db. I know that these users can essentially write a script to scrape all the data from the db but is there a way to deny them from using the pg_dump utility.
I am not sure what code examples I can provide for the same.
Is there any alternate strategy to use here? To share db data with developers without allowing them to take dumps of the same?