[EMAIL PROTECTED] (Jan Wieck) writes: >> If one does: >> >> [...] >> grant select on master to a_user; >> grant select, insert, update, delete on detail to a_user; >> >> then if login as "a_user" and does: >> >> insert into detail (id, master_id) values (1, 10); >> >> this will result in: "ERROR: master: Permission denied". >> >> This seems a bug to me ? Isn't it ? > Outch, > yes, we missed something here. Peter, you said you'll > probably work on the ACL stuff after 7.0. We need to > coordinate that work with the function manager redesign to go > for SETUID triggers and functions. Hey Jan: This one just bit me hard. We're trying to implement RI so a foreign key (employee ID number) is verified to exist in the employee table. Problem is, we have to grant everyone and their dog access to the employee table (select,update, no less) which contains all kinds of sensitive data about employees. We even tried making a limited view of the employee table and referencing that. No luck, the RI triggers try to find an OID column in the referenced table (view). If we could name a column "oid" in a view, we might have a chance with this approach. How hard would it be to get the "grant references" thing going? Is there anything I could do to help? Grant permissions on columns would also solve this problem. Is that one huge or not so huge? Kyle
begin:vcard n:Bateman;Kyle tel;fax:801-377-8096 tel;work:801-377-8033x101 x-mozilla-html:FALSE url:www.actiontarget.com org:Action Target Inc adr:;;PO Box 636;Provo;UT;84603;US version:2.1 email;internet:[EMAIL PROTECTED] title:President x-mozilla-cpt:;-15520 fn:Kyle Bateman end:vcard
