Comment by FrancoisBosun
2 years ago
Not the author, but PostgreSQL has constraint triggers that can run procedures / functions on insert/update/delete, to allow/reject a given row or statement. That would be one way to confirm that a given update from a client is valid, from the POV of the application.
The situation I’m considering is data that matches the referential integrity and check constraints of the database, but is malicious. For example syncing a “salary update to $1M” for yourself into the source database.
Yup, this is what's addressed by write permissions. You can express who can set salaries and column level rules to validate input values.
When it comes to concurrency problems like not spending money twice, the plan is https://electric-sql.com/blog/2022/05/03/introducing-rich-cr...
Row-level permissions also very useful - e.g. I am allowed to update my own profile, but not someone else's.