[Please reply to the list, not just to me, so that others can benefit from and contribute to the discussion]
On 31 August 2016 at 11:52, Andrea Adami <[email protected]> wrote: > Thnaks Dean, i did further investigations: > i set the owner of the view to: "[email protected]" with: > ALTER TABLE public.policy_view OWNER TO "[email protected]"; > and i thinking to see from the select: > select * from policy_view > the rows: 1,2,3 > then > set role '[email protected]'; > select * from policy_view; > return rows 1,2,3 as expected but: > set role '[email protected]'; > select * from policy_view; > returns rows 4,5 and > set role 'postgres' > select * from policy_view > return nothing ... > what you thinking about ? > > Andrea That's correct. With the table owned by postgres and the view owned by "[email protected]", access to the table via the view is subject to the policies that apply to "[email protected]". So regardless of who the current user is, when selecting from the view, the policy "standard" will be applied, and that will limit the visible rows to those for which usr = current_user. Regards, Dean -- Sent via pgsql-hackers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
