Thread: grant problem

grant problem

From

Rajarshi Mukherjee

Date:

27 March 2005, 09:17:17

Dear Sir/Madam,

I have a problem regarding grants in PG. It is as follows:

I wanted to grant execute on a function that updates a table.
But i got an ERROR: permission denied for relation <table_name>

Now i don't want to grant update on that table as i want all updates
to be done through the function, and no one should be able to update
it manually.

How can i achieve that?

thanks & Regards,

Rajarshi Mukherjee.

Re: grant problem

From

Bruno Wolff III

Date:

27 March 2005, 19:31:27

On Tue, Mar 22, 2005 at 11:22:07 +0530,
  Rajarshi Mukherjee <mukherjee.rajarshi@gmail.com> wrote:
> Dear Sir/Madam,
>
> I have a problem regarding grants in PG. It is as follows:
>
> I wanted to grant execute on a function that updates a table.
> But i got an ERROR: permission denied for relation <table_name>
>
> Now i don't want to grant update on that table as i want all updates
> to be done through the function, and no one should be able to update
> it manually.
>
> How can i achieve that?

Grant UPDATE access to the table to the owner of the function, create
the function with the SECURITY DEFINER access and give EXECUTE access
(you will want to revoke EXECUTE from public as that is the default for
functions) to the function to the users that should be able to use it.