Re: rights for schema

Am 31.12.2012 um 18:02 schrieb Philipp Kraus:

>
> Am 31.12.2012 um 15:54 schrieb Adrian Klaver:
>
>> On 12/31/2012 05:41 AM, Philipp Kraus wrote:
>>>
>>> Am 31.12.2012 um 02:11 schrieb Adrian Klaver:
>>>
>>
>>>>
>>>> Actually as of 9.0 that is not strictly true:
>>>> http://www.postgresql.org/docs/9.2/interactive/sql-alterdefaultprivileges.html
>>>
>>> I have create a view for access a table and rules for modifiy the based table. The table has got a trigger.
>>> If I run an update on the view, I get an error "permission denied" for the trigger call. My user modifies
>>> only the "view", so do the user also get access to the trigger (execution right)? IMHO the trigger is run
>>> by postgres self, so the user don't need a right on the trigger.
>>
>> Was the error for the trigger or the function the trigger called?
>
> ERROR: permission denied for schema usermanagement
>
> usermanagement ist ein schema and the base table calls a function within this schema, this
> checks if the user is super user with
>
> select current_setting('is_superuser') = 'on' into l_issuper;
>
> and checks some other datarows, which stores additional information about the user
> The trigger calls a function "isAdministrator" within the schema.

I have changed the security option of the function from "security invoker" to "security definer" and it works :-)

Phil