| From: | christopher-piker(at)uiowa(dot)edu (Chris Piker) |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Do update permissions require select permissions |
| Date: | 2003-11-26 02:00:35 |
| Message-ID: | 14d07696.0311251800.7f5855b7@posting.google.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
I have run across a problem while creating a database with row level
permission
checking via views and triggers. The just of which is update does not
work
for a user unless they also have select permissions. Select
permissions are handled with a view, while insert, update and delete
permissions are handled via triggers.
The simplest table which demonstrates the problem is:
create table data_t (id int4, stuff text);
grant insert,update,delete on data_t to public;
As the table creator issue the query:
insert into data_t values (1, 'Some stuff');
Now as some other user one can do:
update data set stuff = 'other stuff';
And it works okay. But the following fails:
update data set stuff = 'yet other stuff' where id = 1;
Why is this?
The reason that I need to not let the user have select on the table is
that
they are only allowed to select certian rows and there is a view that
takes
care of this. For insert update delete there are trigger functions.
I know that rules on the view would handle the problem but I am using
inheretence and the query plans grow to over 270 rows when rules on
views on
base tables are put together.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Kumar | 2003-11-26 07:03:04 | Re: ::text problem |
| Previous Message | Burr, Colin | 2003-11-25 23:37:41 | Bug: Sequence generator insert |