Re: Permission on insert rules - Mailing list pgsql-sql

From Robert Treat
Subject Re: Permission on insert rules
Date
Msg-id 1037033140.26585.34.camel@camel
Whole thread Raw
In response to Re: Permission on insert rules  (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses Re: Permission on insert rules
List pgsql-sql
On Fri, 2002-11-08 at 21:40, Bruce Momjian wrote:
> Josh Berkus wrote:
> > 
> > Luis,
> > 
> > > Just a question.
> > > I'm writing some rules to insert/update some data in my database, and I 
> > > gave all the privileges on that view to the user, and only select on the 
> > > tables.
> > > When that user inserts data using the view, I thought that was user 
> > > postgres that will do the rest ! But I got  permission denied on those 
> > > tables.
> > > The idea was to create a layer, with the views, giving to that user 
> > > permission on views to insert and update, and not to tables.
> > > Is this possible ?
> > 
> > This is a known problem.
> > 
> > I know that permissions for Functions has been addressed in 7.3.   However, I 
> > am not sure about permissions for updatable views.   Tom, Bruce?
> 
> Views have always had their own permissions.
> 

If the functions can fire as there creator instead of there caller, then
I would think as long as the creator has insert/update views on the base
table, you should be able to do updateable rules and give only
permissions to the view for the caller. (Though maybe you have to use
triggers rather than rules to do this?) Does that sound right?

Robert Treat




pgsql-sql by date:

Previous
From: Christoph Haller
Date:
Subject: Generating a cross tab II (pivot table)
Next
From: "Josh Berkus"
Date:
Subject: Re: Permission on insert rules