Skip site navigation (1) Skip section navigation (2)

Re: Permission denied when inserting

From: Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-general(at)postgresql(dot)org, Vick Khera <vivek(at)khera(dot)org>, Borek Lupomesky <borek(at)lupomesky(dot)cz>
Subject: Re: Permission denied when inserting
Date: 2011-02-28 17:06:05
Message-ID: 201102280906.05731.adrian.klaver@gmail.com (view raw or flat)
Thread:
Lists: pgsql-general
On Monday, February 28, 2011 8:17:07 am Tom Lane wrote:
> Adrian Klaver <adrian(dot)klaver(at)gmail(dot)com> writes:
> > On Monday, February 28, 2011 8:02:53 am Tom Lane wrote:
> >> Right.  But actually, that query will be run with the permissions of the
> >> owner of the table, so it's that user (not necessarily the one doing the
> >> INSERT) who lacks permissions.
> > 
> > The OP listed the permissions for the tables:
> > 
> > spam=> \z out2cp
> > 
> >                                                Access privileges for
> > 
> > database "spam"
> > 
> >   Schema |  Name  | Type  |
> > 
> > Access privileges
> > --------+--------+-------+-----------------------------------------------
> > --------------------------------------------------------
> > 
> >   public | out2cp | table |
> > 
> > {swcoll=r/petrcech,swcgi=r/petrcech,spamdump=r/petrcech,facility=r/petrce
> > ch,borelupo=arwdxt/petrcech} (1 row)
> > 
> > Looks like borelupo is owner of permout and has permissions on out2cp.
> 
> But what matters is the permissions of the owner of out2cp, which looks
> from this to be petrcech.  And I don't see that he's granted himself
> any permissions.
> 
> 			regards, tom lane

I understand, yet I don't:) Seems I have a misconception of the the FOREIGN KEY 
process. The error was on the query below, which I am taking is the query you 
refer to above. To me it looks like a look up from the referencing(permout) 
table to the referenced(out2cp) one. The part I am not clear on is why that runs 
with the permissions of the referenced table not the referencing table?


ERROR:  permission denied for relation out2cp
CONTEXT:  SQL statement "SELECT 1 FROM ONLY "public"."out2cp" x WHERE 
"site"::pg_catalog.text OPERATOR(pg_catalog.=) $1::pg_catalog.text AND 
"cp"::pg_catalog.text OPERATOR(pg_catalog.=) $2::pg_catalog.text FOR 
SHARE OF x"
-- 
Adrian Klaver
adrian(dot)klaver(at)gmail(dot)com

In response to

Responses

pgsql-general by date

Next:From: Tom LaneDate: 2011-02-28 17:15:27
Subject: Re: Permission denied when inserting
Previous:From: Borek LupomeskyDate: 2011-02-28 16:25:11
Subject: Re: Permission denied when inserting (SOLVED)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group