对于安全敏感的设计,我想在某些表上禁用DELETEs
.
DELETE
应该只在一行上设置deleted
标志(然后在应用层使用的视图上可以看到).
据我所知,rule将生成额外的查询,因此规则无法 suppress 原始查询.
作为一个带有触发器的玩具示例(尚未测试):
-- data in this table should be 'undeletable'
CREATE table article (
id serial,
content text not null,
deleted boolean default false
)
-- some view that would only show articles, that are NOT deleted
...
-- toy trigger (not tested)
CREATE OR REPLACE FUNCTION suppress_article_delete()
RETURNS TRIGGER AS $sad$
BEGIN
IF (TG_OP = 'DELETE') THEN
UPDATE article SELECT id, content, TRUE;
-- NEW or NULL??
RETURN NEW;
END IF;
RETURN NULL;
END;
$sad$ LANGUAGE plpgsql;
什么是 suppress DELETE
的好方法?