Thread: Rolls
Hi all,
I am trying to work out a way to create a roll/user that can only execute one particular function and nothing else. The particular function has been created with "SECURITY DEFINER".
Regards
Andrew Bartley
On 02/01/2018 02:22 PM, Andrew Bartley wrote: > Hi all, > > I am trying to work out a way to create a roll/user that can only > execute one particular function and nothing else. The particular > function has been created with "SECURITY DEFINER". > > Regards > > Andrew Bartley > > And I thought you we offering hot cinnamon buns or some such.
Sorry Roles....
On Fri, 2 Feb 2018 at 08:29 Rob Sargent <robjsargent@gmail.com> wrote:
On 02/01/2018 02:22 PM, Andrew Bartley wrote:
> Hi all,
>
> I am trying to work out a way to create a roll/user that can only
> execute one particular function and nothing else. The particular
> function has been created with "SECURITY DEFINER".
>
> Regards
>
> Andrew Bartley
>
>
And I thought you we offering hot cinnamon buns or some such.
On Thursday, February 1, 2018, Andrew Bartley <ambartley@gmail.com> wrote:
Hi all,I am trying to work out a way to create a roll/user that can only execute one particular function and nothing else. The particular function has been created with "SECURITY DEFINER".
Never tried it but "REVOKE PUBLIC FROM role" then "GRANT ... TO role" would ideally work.
Not simple since every role is a member of PUBLIC from which they all inherit useful defaults. You can remove those defaults and the already granted privileges from PUBLIC and then add them back to some super-role group that everyone but this user belongs too. Then only add the one grant you desire to this user.
David J.