Re: Permissions Broken in 7.0.x?

Tom,

Thank you for the reply. I have found another issue that I am curious
about: I have a table with foreign key constraint to itself (a parent_id
field). I have a view to the table with permissions for a user to insert
into the view (of course, a rule exists to insert into the real table). The
problem is that it fails because of the constraint! Any way around this?
Or, am I sort of stuck granting all of these privileges to the table so that
triggers, constraints, etc. will work?

Thanks,
Brian

> Brian Powell <brian(at)owlscreech(dot)com> writes:
>> % psql bobdb
>> psql => create table test (
>> name char(32) not null,
>> age int4
>> );
>> psql => revoke all on test from tester;
>> CHANGE
>> psql => select * from test;
>> ERROR: test: Permission denied.
>
> Yeah, that's a bug --- confusion about the default permissions set.
> After doing an explicit GRANT or REVOKE on a table you own, you need to
> grant permissions to yourself again; the default assumption that you
> have all permissions gets lost :-(. This is fixed for 7.1.
>
>> Additionally, if I have a trigger on a table which sets the updated_date and
>> updated_by on any update, and I have a view with a rule which passes any
>> update to the table (thus calling the trigger), I get a permission denied.
>> I am supposing that the user updating the view does not have privileges to
>> the trigger? How would I grant them privileges to the trigger?
>
> Don't think there's a way to do that right now. There's been talk of
> making triggers run "setuid" to the creating user, but it's not been
> done AFAIR.

--Brian