Re: IF- statements in a rule's 'DO INSTEAD SELECT ...'- statement - Mailing list pgsql-hackers

From Alvaro Herrera
Subject Re: IF- statements in a rule's 'DO INSTEAD SELECT ...'- statement
Date
Msg-id Pine.LNX.4.33.0205071050130.9071-100000@polluelo.lab.protecne.cl
Whole thread Raw
In response to Re: IF- statements in a rule's 'DO INSTEAD SELECT ...'- statement  ("Bertin, Philippe" <philippe.bertin@barco.com>)
List pgsql-hackers
On Tue, 7 May 2002, Bertin, Philippe wrote:

Hi Phillippe,

> Thanks for your reply. I indeed already tried with a plpgsql function. But
> that's just my problem : if I call a function from within a view's rule,
> this function is not executed anymore with the same rights as a user had on
> the view. So if a user may access a view, but not the table behind, calling
> a function in the DO INSTEAD- clause will not execute the function with the
> proper (view) rights on the table ...

Oh, sure, you are right.

> (to all) Could anyone - (developers, eventually ?) explain me why the
> (security) context of a function call is not passed along when the function
> gets called from within a view ? I think this feature is for sure not
> superfluous, and I could consider having a look into the code to have this
> changed (but I think this is a VERY big pile of source codes I never ever
> looked at before, so this would take a lot of efforts ... for me)

That feature is added in current CVS I think. Maybe you can look at
current sources and backport the patch.


--
Alvaro Herrera (<alvherre[@]dcc.uchile.cl>)
"La verdad no siempre es bonita, pero el hambre de ella si"


pgsql-hackers by date:

Previous
From: mlw
Date:
Subject: Re: OK, lets talk portability.
Next
From: Hannu Krosing
Date:
Subject: Re: OK, lets talk portability.