Thread: Grants on rules

Grants on rules

From
Alberto Cabello Sanchez
Date:
Hi all,

I am trying to mimic a table's behaviour on a view thru rules. More
precisely, I have a table (say, my_table(field1,field2)) and a view
(my_view as select my_field from my_table). For allowing inserts into
the view, I have create a rule on "insert into my_view" doing instead
insert into my_table(field1,field2) values (NEW.field1,NULL). It works
fine, but...
I can GRANT or REVOKE privileges (SELECT, INSERT and so on) on my_view
and my_table, but insert into my_view is always allowed, even for users
that haven't SELECT or INSERT privileges neither on my_table or my_view.

How can I restrict the users that can insert into my_view?

Thank you for your answers.

--
-----------------------
Alberto Cabello Sánchez
alberto@unex.es
Servicio de Informática
924 289 351
-----------------------

Re: Grants on rules

From
Tom Lane
Date:
Alberto Cabello Sanchez <alberto@unex.es> writes:
> I can GRANT or REVOKE privileges (SELECT, INSERT and so on) on my_view
> and my_table, but insert into my_view is always allowed, even for users
> that haven't SELECT or INSERT privileges neither on my_table or my_view.

I think there was a bug of this ilk between 7.3.3 and 7.3.5, and
possibly also in some of the 7.4 releases.  If that's what you're using,
update to 7.3.6 or 7.4.3.

            regards, tom lane