Re: Read-only attributes - Mailing list pgsql-novice

From Tom Lane
Subject Re: Read-only attributes
Date
Msg-id 13607.1014065621@sss.pgh.pa.us
Whole thread Raw
In response to Read-only attributes  (Michael Klatt <mdklatt@ou.edu>)
Responses 7.2 upgrade
List pgsql-novice
Michael Klatt <mdklatt@ou.edu> writes:
> I have a table where one of the attributes is the time a row was inserted:
> 'updated TIMESTAMP DEFAULT CURRENT_TIMESTAMP'.

> Is there a way to define this attribute so that a user cannot override the
> default value?  I have tried this constraint, but it fails for any INSERT:
> 'updated ... CHECK (updated = CURRENT_TIMESTAMP)'.

No, but if you used a trigger rather than a default value, you could
force the field value to be always the time of insert.

You should, however, consider carefully whether that is *really* what
you want: there's no way to bypass a trigger.  Among other things,
dumping and reloading such a table would cause all the rows to acquire
the time of load.

A probably cleaner solution is not to give the untrusted users direct
write access on the table at all.  Give them write access on a view, and
let the INSERT rewrite rule for the view enforce the desired behavior.

            regards, tom lane

pgsql-novice by date:

Previous
From: Pam Wampler
Date:
Subject: what does opaque mean in create function?
Next
From: knut.suebert@web.de
Date:
Subject: Re: what does opaque mean in create function?