Re: Turn around !! Permissions on FUNCTIONS - Mailing list pgsql-admin

From Peter Eisentraut
Subject Re: Turn around !! Permissions on FUNCTIONS
Date
Msg-id Pine.LNX.4.30.0202111905350.1903-100000@peter.localdomain
Whole thread Raw
In response to Turn around !! Permissions on FUNCTIONS  ("Marco Tulio" <anjo.doce.marilia@bol.com.br>)
List pgsql-admin
Marco Tulio writes:

> OK, the below is impossible yet...
>
> but anyone can give-me a TURN AROUND this problem ?
>
> Example:
>
> I have a tb_log thats registers all DELETES over another
> table. I did it using a trigger and a function, because
> a simple RULE can´t do ever I need.
>
> BUT, I don´t want the user that makes the DELETE could
> make INSERTS, OR DELETES by hand over the tb_log...

If you want to write the trigger function in C, you can surround the
critical SQL statements (probably done via SPI interface) with calls like
this:

Oid saved = GetUserId();
SetUserId(something);
/* do work */
SetUserId(saved);

where "something" is the ID of the user you want to execute the "work"
section as.  This is effectively what would need to be done to implement
this feature for real.  Now that I see your problem I'm convinced it's
urgent and it should get done for 7.3.

--
Peter Eisentraut   peter_e@gmx.net


pgsql-admin by date:

Previous
From: "Marco Tulio"
Date:
Subject: Turn around !! Permissions on FUNCTIONS
Next
From: juerg.rietmann@pup.ch
Date:
Subject: problem with view/function after upgrade to 7.2