Joe Conway <mail@joeconway.com> writes:
> Tom Lane wrote:
>> This fix may need to be rethought. I'm not sure though where is a clean
>> place to plug in the UPDATE permissions check given that the rules for
>> this case do not generate any UPDATE query.
> Do you want me to take a look at this, or are you planning to?
If you have any ideas, feel free to take a shot. I've not thought of
anything I like.
I suspect the fact that the pre-patch code made the "right" permissions
check was really coincidental, and that the correct fix will not involve
reversion of that patch but rather adding a facility somewhere to ensure
that the original view gets properly permission-checked even if there's
a DO INSTEAD NOTHING rule. However, before biting that bullet it'd
probably be good to understand in detail what's happening in both the
7.3.2 and CVS-tip code. I have not looked at just why that patch
changes this example's behavior.
regards, tom lane