From: | Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | pgsql-general(at)postgresql(dot)org, Vick Khera <vivek(at)khera(dot)org>, Borek Lupomesky <borek(at)lupomesky(dot)cz> |
Subject: | Re: Permission denied when inserting |
Date: | 2011-02-28 17:06:05 |
Message-ID: | 201102280906.05731.adrian.klaver@gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Monday, February 28, 2011 8:17:07 am Tom Lane wrote:
> Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com> writes:
> > On Monday, February 28, 2011 8:02:53 am Tom Lane wrote:
> >> Right. But actually, that query will be run with the permissions of the
> >> owner of the table, so it's that user (not necessarily the one doing the
> >> INSERT) who lacks permissions.
> >
> > The OP listed the permissions for the tables:
> >
> > spam=> \z out2cp
> >
> > Access privileges for
> >
> > database "spam"
> >
> > Schema | Name | Type |
> >
> > Access privileges
> > --------+--------+-------+-----------------------------------------------
> > --------------------------------------------------------
> >
> > public | out2cp | table |
> >
> > {swcoll=r/petrcech,swcgi=r/petrcech,spamdump=r/petrcech,facility=r/petrce
> > ch,borelupo=arwdxt/petrcech} (1 row)
> >
> > Looks like borelupo is owner of permout and has permissions on out2cp.
>
> But what matters is the permissions of the owner of out2cp, which looks
> from this to be petrcech. And I don't see that he's granted himself
> any permissions.
>
> regards, tom lane
I understand, yet I don't:) Seems I have a misconception of the the FOREIGN KEY
process. The error was on the query below, which I am taking is the query you
refer to above. To me it looks like a look up from the referencing(permout)
table to the referenced(out2cp) one. The part I am not clear on is why that runs
with the permissions of the referenced table not the referencing table?
ERROR: permission denied for relation out2cp
CONTEXT: SQL statement "SELECT 1 FROM ONLY "public"."out2cp" x WHERE
"site"::pg_catalog.text OPERATOR(pg_catalog.=) $1::pg_catalog.text AND
"cp"::pg_catalog.text OPERATOR(pg_catalog.=) $2::pg_catalog.text FOR
SHARE OF x"
--
Adrian Klaver
adrian(dot)klaver(at)gmail(dot)com
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2011-02-28 17:15:27 | Re: Permission denied when inserting |
Previous Message | Borek Lupomesky | 2011-02-28 16:25:11 | Re: Permission denied when inserting (SOLVED) |