Home > mailing lists

Re: problem permission on view - Mailing list pgsql-hackers

From	Andreas Pflug
Subject	Re: problem permission on view
Date	September 18, 2004 02:06:23
Msg-id	414B5FD3.7090001@pse-consulting.de Whole thread Raw
In response to	Re: problem permission on view (Gaetano Mendola <mendola@bigfoot.com>)
Responses	Re: problem permission on view (Gaetano Mendola <mendola@bigfoot.com>)
List	pgsql-hackers

Tree view

Gaetano Mendola wrote:

> I'd like to fix this by myself but for lack of time and lack of postgres
> code knowledge I'm stuck.

What you want is
CREATE VIEW foo AS  SELECT p1, p2, bar('theValidParameter') as p3  FROM othertab;
GRANT ALL ON TABLE foo TO public;

and don't want to grant execute on bar() to public.

What you could do is creating an intermediate function like this:

CREATE FUNCTION interfoo() RETURNS SETOF record AS
$q$  SELECT p1, p2, bar('theValidParameter') as p3  FROM othertab;
$q$ LANGUAGE SQL SECURITY DEFINER;
GRANT EXECUTE ON FUNCTION interfoo() TO public;

CREATE VIEW foo AS  SELECT f.p1, f.p2, f.p3 FROM interfoo() f(a text, b text, c text);
GRANT ALL ON TABLE foo TO public;

Regards,
Andreas

pgsql-hackers by date:

From: Tom Lane
Date: 18 September 2004, 01:51:52
Subject: Re: R-Tree operators

From: Peter Eisentraut
Date: 18 September 2004, 02:11:14
Subject: New config.guess and config.sub

Re: problem permission on view - Mailing list pgsql-hackers

Previous

Next