Thread: Trigger and Permissions

Hello, ALL

I'm making a simple log system where all the users (each one have a
different login and password) will be logged all your actions.

When a user delete, insert ou update any data in a table, the trigger
will log the operation in another table.

Until this point, all OK. I made this trigger and it's work fine.

But the log table must be writable for all users !!!!!!!!!!!!!!!!!!!!
Instead the trigger can't write into the log table.

It's not nice, because the user can simulate a log......

THE QUESTION::::

How can I make a trigger that insert data in a table that no normal user
have INSERT PERMISSION ?




Regards,


Tulio

On Mon, Feb 26, 2001 at 03:04:18PM -0300, Tulio Oliveira wrote:
> THE QUESTION::::
>
> How can I make a trigger that insert data in a table that no normal user
> have INSERT PERMISSION ?

While connected to the database as superuser, create a view of the log
table.  Then create an insert rule so that when someone inserts a
record into the view the rule inserts the record into the log table.
Give your users permission to insert into the view.

This will work because rules act as if they were run by the person who
*owns* the view/table that the rule is tied to and *not* the person who
is actually logged in.

--
Bruce