Securtiy around Postgresql Views and Rails Models.


I just read a posting at,,
which addresses the issue of Posgresql Views and Rails Models and user

I was thinking of trying to implement some of the suggestions made in
this posting but thought I would ask if anyone here has read this
and whether they think it is a workable solution.

Chris Bartlett posted some interesting observations and questions on the
above mentioned site and I have also seen him posting here, so I am
wondering Chris, if you ever got those issues resolved that you
identified in your posting on the above site and if so would you be
willing to share how to resolve those issues.

This would be a real tall order for me since not only am I new to
programming, but I am new to Rails and this is my first introduction to
Postgresql 8.4.

I have postgresql working so I feel that I have begun the ascent of this
very steep learning curve.

Also I think it a great opportunity to learn on all of these levels if I
could implement the views, triggers and rules through postresql and
still be able to view the results online using rails.

If anyone else would like to try and design their application such that
it follows the best practices outlined on the site I mentioned at the
beginning of this posting, I would be glad for the company.

Thanks for any suggestions, observations and pointers.