| From: | Luis Sousa <llsousa(at)ualg(dot)pt> |
|---|---|
| To: | Robert Treat <xzilla(at)users(dot)sourceforge(dot)net> |
| Cc: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>, josh(at)agliodbs(dot)com, pgsql-sql <pgsql-sql(at)postgresql(dot)org> |
| Subject: | Re: Permission on insert rules |
| Date: | 2002-11-12 17:12:45 |
| Message-ID: | 3DD1368D.5040108@ualg.pt |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Robert Treat wrote:
>On Fri, 2002-11-08 at 21:40, Bruce Momjian wrote:
>
>
>>Josh Berkus wrote:
>>
>>
>>>Luis,
>>>
>>>
>>>
>>>>Just a question.
>>>>I'm writing some rules to insert/update some data in my database, and I
>>>>gave all the privileges on that view to the user, and only select on the
>>>>tables.
>>>>When that user inserts data using the view, I thought that was user
>>>>postgres that will do the rest ! But I got permission denied on those
>>>>tables.
>>>>The idea was to create a layer, with the views, giving to that user
>>>>permission on views to insert and update, and not to tables.
>>>>Is this possible ?
>>>>
>>>>
>>>This is a known problem.
>>>
>>>I know that permissions for Functions has been addressed in 7.3. However, I
>>>am not sure about permissions for updatable views. Tom, Bruce?
>>>
>>>
>>Views have always had their own permissions.
>>
>>
>>
>
>If the functions can fire as there creator instead of there caller, then
>I would think as long as the creator has insert/update views on the base
>table, you should be able to do updateable rules and give only
>permissions to the view for the caller. (Though maybe you have to use
>triggers rather than rules to do this?) Does that sound right?
>
>Robert Treat
>
>
>
>
>
>
Is that the only way to do it ?
Luis Sousa
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Luis Sousa | 2002-11-12 17:16:01 | Re: Permission on insert rules |
| Previous Message | scott.marlowe | 2002-11-12 17:12:39 | Re: [SQL] Parent table has not oid? |