Skip site navigation (1) Skip section navigation (2)

Howto handle views/Rules Privileges

From: Ulrich Meis <kenobi(at)halifax(dot)rwth-aachen(dot)de>
To: pgsql-general(at)postgresql(dot)org
Subject: Howto handle views/Rules Privileges
Date: 2004-05-27 16:25:16
Message-ID: 40B6166C.7090800@halifax.rwth-aachen.de (view raw or flat)
Thread:
Lists: pgsql-general
Hi!

Situation two schemas:

webviews: Contains a set of views with insert rules on them, accessed 
via a GUI.
devconf: "Business logic", all the tables, functions, triggers that I 
want to restrict access to as far as possible.Preferably, I wouldn't 
even grant usage to the schema.

I have a problem with the insert rules on the views :

The inserts triggered by the rules are executed with view owner 
privileges, but unfortunately any functions, triggers, sequence updates 
that are invoked by the rule NOT.

How do I solve this ?
My solution right now is to do "security definer" on all triggers and 
functions invoked by the rules, and to grant update privileges for the 
sequences. I hope there is a better way.

Thanks in advance for any comments and suggestions,

Uli








pgsql-general by date

Next:From: BARTKO ZoltanDate: 2004-05-27 16:26:53
Subject: custom error messages/numbers
Previous:From: btoberDate: 2004-05-27 15:22:06
Subject: Re: Naive schema questions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group