| From: | yudhi s <learnerdatabase99(at)gmail(dot)com> |
|---|---|
| To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
| Cc: | pgsql-general <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: error in trigger creation |
| Date: | 2024-04-21 08:55:44 |
| Message-ID: | CAEzWdqfqr9e3OpFd5Nhqha3Ggm=+UJdWkgvo7dpAa3W99S2g5Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Sun, Apr 21, 2024 at 1:55 PM David G. Johnston <
david(dot)g(dot)johnston(at)gmail(dot)com> wrote:
> On Sunday, April 21, 2024, yudhi s <learnerdatabase99(at)gmail(dot)com> wrote:
>
>> so that it will be able to assign the privilege, so we will be able to
>> create the event trigger without need to run the event trigger script from
>> super user itself?
>>
>
> Write a security-definer function owned by superuser and grant app_user
> permission to execute it.
>
> David J.
>
>
Thank You David.
Are you saying something like below, in which we first create the function
from super user and then execute the grant? But doesn't that mean, each
time we want to create a new event trigger we have to be again dependent on
the "super user" to modify the security definer function?
CREATE OR REPLACE FUNCTION create_event_trigger_func()
RETURNS void
LANGUAGE plpgsql
SECURITY DEFINER
AS $$
BEGIN
EXECUTE 'CREATE EVENT TRIGGER event_trigger_name ON schema_name ...';
END;
$$;
GRANT EXECUTE ON FUNCTION create_event_trigger_func() TO app_user;
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Lok P | 2024-04-21 09:35:56 | Re: Logging statement having any threat? |
| Previous Message | David G. Johnston | 2024-04-21 08:25:35 | Re: error in trigger creation |