Thread: Foreign keys breaks tables permissions
Hi, If one does: create table master ( id integer not null, primary key (id)); create table detail ( id integer not null, master_id integer not null, primary key (id), foreign key (master_id) referencesmaster (id)); insert into master (id) values (1); grant select on master to a_user;grant select, insert, update, delete on detail to a_user; then if login as "a_user" and does: insert into detail (id, master_id) values (1, 10); this will result in: "ERROR: master: Permission denied". This seems a bug to me ? Isn't it ? Regards, Raul Chirea.
> > Hi, > > If one does: > > [...] > grant select on master to a_user; > grant select, insert, update, delete on detail to a_user; > > then if login as "a_user" and does: > > insert into detail (id, master_id) values (1, 10); > > this will result in: "ERROR: master: Permission denied". > > This seems a bug to me ? Isn't it ? Outch, yes, we missed something here. Peter, you said you'll probably work on the ACL stuff after 7.0. We need to coordinate that work with the function manager redesign to go for SETUID triggers and functions. Jan -- #======================================================================# # It's easier to get forgiveness for being wrong than for being right. # # Let's break this rule - forgive me. # #========================================= wieck@debis.com (Jan Wieck) #
Jan Wieck writes: > Peter, you said you'll probably work on the ACL stuff after 7.0. We > need to coordinate that work with the function manager redesign to go > for SETUID triggers and functions. Yes, very nice feature. Far down the road in my dreams though. However, SQL has a REFERENCES privilege, which would probably be the more appropriate one here. -- Peter Eisentraut Sernanders väg 10:115 peter_e@gmx.net 75262 Uppsala http://yi.org/peter-e/ Sweden