Robert Treat wrote:
On Fri, 2002-11-08 at 21:40, Bruce Momjian wrote:
Josh Berkus wrote:If the functions can fire as there creator instead of there caller, then
Luis,Views have always had their own permissions.
Just a question.This is a known problem.
I'm writing some rules to insert/update some data in my database, and I gave all the privileges on that view to the user, and only select on the tables.
When that user inserts data using the view, I thought that was user postgres that will do the rest ! But I got permission denied on those tables.
The idea was to create a layer, with the views, giving to that user permission on views to insert and update, and not to tables.
Is this possible ?
I know that permissions for Functions has been addressed in 7.3. However, I am not sure about permissions for updatable views. Tom, Bruce?
I would think as long as the creator has insert/update views on the base
table, you should be able to do updateable rules and give only
permissions to the view for the caller. (Though maybe you have to use
triggers rather than rules to do this?) Does that sound right?
Robert Treat
Is that the only way to do it ?
Luis Sousa
smime.p7s
Description: S/MIME Cryptographic Signature