[Qgis-developer] Dealing with more sophisticated PostGIS table permissions

Martin Spott Martin.Spott at mgras.net
Wed Apr 28 16:47:04 EDT 2010

I'm trying to make use of the nice PostgreSQL feature which allows me
to grant different permissions on different columns of a table to the

To be more precise, the table has a 'serial'-type "ogc_fid", a
'geometry'-type "wkb_geometry" plus a few more columns, of which a
'timestamp'-type column is filled via INSERT/UPDATE trigger.
SELECT/DELETE is granted to the user on the _entire_ record, but
INSERT/UPDATE is granted just on the "wkb_geometry" column.

Everything's fine as long as I'm filling the table via 'ogr2ogr'
("-append"), the geometries are getting in, the serial and the trigger
are filling their respective columns quite nicely. Thus I assume I've
set the grant's properly  :-)

Now, when trying to edit the layer in QGIS, we're permitted to move a
vertex of a polygon ....  Well, I didn't try to save the result to the
DB, but QGIS at least activates the note tool in edit mode - so I
simply believe it's going to work.

BUT we're not permitted to insert a new polygon (copied from a
different layer) via the paste feature, as long as the grant's are set
up as explained above. The paste item in the edit menu simply remains
greyed out and Ctrl-V doesn't insert anything.
The source layer of the planned copy-and-paste action is imported into
QGIS from a Shapefile, of which I've removed the .dbf-file, and thus
does _not_ contain any attributes which might conflict with the (write
protected columns in the) target PostGIS layer.

Granting INSERT/UPDATE on the entire record would serve as a
workaround, but contradicts my plan of preserving the non-geometry
columns agains unwanted edits.

Can anyone confirm ? Any chance to let QGIS focus on the geometry
column when retrieving table permissions from PostgreSQL while deciding
over the permitted actions ?

Best regards,
 Unix _IS_ user friendly - it's just selective about who its friends are !

More information about the Qgis-developer mailing list