Hi,
I appologize if this is the incorrect list, but it is the only one to
which I subscribe.
Is it possible to use table permissions to restrict UPDATE's and
DELETE's on views? Or does that need to happen in the rules which
remap the events?
I have a view with the following permissions:
genex2=> \dp genex_measured_bioassay_view Access privileges for database "genex2"Schema
| Table | Access privileges
--------+------------------------------+-------------------------------------------------------------------public |
genex_measured_bioassay_view| {=,genex=arwdRxt,"group genex_user=r","group genex_curator=arwd"}
My belief was that by restricting members of the genex_user group to
SELECT only access, they would not be able to make UPDATE's on the
view. But this is not the case, they are able to make updates.
I have a rule which re-maps the UPDATE to the underlying table as
follows:
CREATE RULE GENEX_MEASURED_BIOASSAY_VIEW_upd AS ON UPDATE TO GENEX_MEASURED_BIOASSAY_VIEW DO INSTEAD UPDATE
GENEX_MEASURED_BIOASSAYSET
"mba_pk" = NEW."mba_pk",
"fe_sw_fk" = NEW."fe_sw_fk",
"name" = NEW."name",
"identifier" = NEW."identifier",
"description" = NEW."description",
"audit_fk" = NEW."audit_fk" WHERE "mba_pk" = NEW."mba_pk";
Does this rule bypass the permissions on the view?
Thanks in advance,
jas.