Postgres Pro
Downloads
Home   >   mailing lists

Re: Problem with delete trigger: how to allow only triggers to delete a row? - Mailing list pgsql-sql

From Alvaro Herrera
Subject Re: Problem with delete trigger: how to allow only triggers to delete a row?
Date
Msg-id 20081010180525.GC4194@alvh.no-ip.org
Whole thread Raw
In response to Re: Problem with delete trigger: how to allow only triggers to delete a row?  ("Christopher Maier" <maier@med.unc.edu>)
Responses Re: Problem with delete trigger: how to allow only triggers to delete a row?  ("Christopher Maier" <maier@med.unc.edu>)
Re: Problem with delete trigger: how to allow only triggers to delete a row?  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-sql
Tree view 
Christopher Maier wrote:

> However, I need to restrict deletion based on, for lack of a better
> term, "where" the DELETE command comes from.  I do not want someone
> sitting at a psql console to be able to type:
>
> DELETE FROM my_table WHERE deduced IS TRUE;

Looks like you should revoke DELETE privilege from plain users, and
have your delete trigger be a security definer function.  There would be
another security definer function to delete non-deduced rows which users
can call directly.

-- 
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

pgsql-sql by date:

Previous
From: "Christopher Maier"
Date:
Subject: Re: Problem with delete trigger: how to allow only triggers to delete a row?
Next
From: "Christopher Maier"
Date:
Subject: Re: Problem with delete trigger: how to allow only triggers to delete a row?