Thread: Howto handle views/Rules Privileges

Howto handle views/Rules Privileges

From
Ulrich Meis
Date:
Hi!

Situation two schemas:

webviews: Contains a set of views with insert rules on them, accessed
via a GUI.
devconf: "Business logic", all the tables, functions, triggers that I
want to restrict access to as far as possible.Preferably, I wouldn't
even grant usage to the schema.

I have a problem with the insert rules on the views :

The inserts triggered by the rules are executed with view owner
privileges, but unfortunately any functions, triggers, sequence updates
that are invoked by the rule NOT.

How do I solve this ?
My solution right now is to do "security definer" on all triggers and
functions invoked by the rules, and to grant update privileges for the
sequences. I hope there is a better way.

Thanks in advance for any comments and suggestions,

Uli