Permissions question

From: Christopher Murtagh <christopher(dot)murtagh(at)mcgill(dot)ca>
To: <pgsql-general(at)postgresql(dot)org>
Subject: Permissions question
Date: 2002-06-27 19:20:43
Message-ID: Pine.LNX.4.33.0206271514120.12607-100000@blues.wcg.mcgill.ca
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general


Greetings,

I have a session table with 3 columns:

Table "session"
Attribute | Type | Modifier
-----------+---------------+----------
cookie | character(32) |
user_id | integer |
time | integer |
Index: session_cookie_key

Where cookie is a hashed random number, the user_id is a unique
person identifier and time is a unix timestamp.

Now, I want other servers/folks to be able to execute a function like
WhoIsThis('cookie');

Which will do one of two things:

1) return the user_id that matches 'cookie' and update time

or

2) return an error message (like unknown user, etc.)

Writing the function is trivial enough, but I don't want these users to
have any privs on the session table, only the function. Is giving them
privs on the function enough? Will the function be able to update the
table if it is executed by an unprivileged user? If not, how would I go
about this?

Thanks in advance for any info.

Cheers,

Chris

--

Christopher Murtagh
Webmaster / Sysadmin
Web Communications Group
McGill University
Montreal, Quebec
Canada

Tel.: (514) 398-3122
Fax: (514) 398-2017

Browse pgsql-general by date

  From Date Subject
Next Message Jon Lapham 2002-06-27 19:31:14 Wildcards in GROUP BY?
Previous Message Marc G. Fournier 2002-06-27 18:25:48 Re: Advocacy Idea.