Thread: truncating table permissions

truncating table permissions

From
"Lynwood Stewart"
Date:
I was expecting "truncate table <tablename>" to truncate a table if I had 
delete permissions.  This does not appear to be the case.

Would someone confirm this for me, or let me know what I am doing wrong.

-- 
Lyn 




Re: truncating table permissions

From
Keith Worthington
Date:
Lynwood Stewart wrote:

>I was expecting "truncate table <tablename>" to truncate a table if I had 
>delete permissions.  This does not appear to be the case.
>
>Would someone confirm this for me, or let me know what I am doing wrong.
>
>  
>
This is the case.  You are not doing anything wrong.  There was a 
discussion on this on the NOVICE list beginning on 2/22.  The subject 
was "Question on TRUNCATE privileges"

At the end of the day the answer is to have the table owner create a 
truncate function with SECURITY DEFINER privilege.

The following is from Tom Lane.
  See CREATE FUNCTION.  Something like (untested)
  create function truncate_my_table() returns void as  $$ truncate my_table $$ language sql security definer;
  You'd probably then revoke the default public EXECUTE  rights on this function, and grant EXECUTE only to  selected
users.

-- 
Kind Regards,
Keith



Re: truncating table permissions

From
Tom Lane
Date:
"Lynwood Stewart" <lynwood@nwlink.com> writes:
> I was expecting "truncate table <tablename>" to truncate a table if I had 
> delete permissions.  This does not appear to be the case.

No, TRUNCATE is restricted to the table's owner, regardless of any
grantable permissions.

This was (ahem) inadequately documented until very recently.
        regards, tom lane