| From: | Oliver Elphick <olly(at)lfix(dot)co(dot)uk> |
|---|---|
| To: | Philippe Lang <philippe(dot)lang(at)attiksystem(dot)ch> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: DROP TRIGGER permission |
| Date: | 2004-09-06 11:04:00 |
| Message-ID: | 1094468640.6360.177.camel@linda |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, 2004-09-06 at 09:23, Philippe Lang wrote:
> Hello,
>
> Dropping a trigger is permitted if the user is the owner of the table
> for which the trigger is defined.
>
> In a plpgsql function, used by different users, I need to disable some
> triggers for a short period of time. With the pgsql user login, I can
> succesfully drop and create the trigger again (after locking the tables
> for which I drop triggers), but unfortunately this not possible with a
> different user login, since they are not the owner of the table.
>
> What could I do in this situation?
Create another function to do the job and call it from inside your
plpgsql function. The second function should be created by the user
that owns the table and should be created with the SECURITY DEFINER
option so that it will run with the permissions of the user that created
it rather than those of the user invoking it.
--
Oliver Elphick olly(at)lfix(dot)co(dot)uk
Isle of Wight http://www.lfix.co.uk/oliver
GPG: 1024D/A54310EA 92C8 39E7 280E 3631 3F0E 1EC0 5664 7A2F A543 10EA
========================================
"Behold, I stand at the door, and knock; if any man
hear my voice, and open the door, I will come in to
him, and will sup with him, and he with me."
Revelation 3:20
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Graeme Hinchliffe | 2004-09-06 11:35:01 | tg_relation doesn't seem to have the attribute names! |
| Previous Message | Oliver Fromme | 2004-09-06 10:26:16 | Re: pgAccess via ssh? |