| From: | Ulrich Meis <kenobi(at)halifax(dot)rwth-aachen(dot)de> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Howto handle views/Rules Privileges |
| Date: | 2004-05-27 16:25:16 |
| Message-ID: | 40B6166C.7090800@halifax.rwth-aachen.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi!
Situation two schemas:
webviews: Contains a set of views with insert rules on them, accessed
via a GUI.
devconf: "Business logic", all the tables, functions, triggers that I
want to restrict access to as far as possible.Preferably, I wouldn't
even grant usage to the schema.
I have a problem with the insert rules on the views :
The inserts triggered by the rules are executed with view owner
privileges, but unfortunately any functions, triggers, sequence updates
that are invoked by the rule NOT.
How do I solve this ?
My solution right now is to do "security definer" on all triggers and
functions invoked by the rules, and to grant update privileges for the
sequences. I hope there is a better way.
Thanks in advance for any comments and suggestions,
Uli
| From | Date | Subject | |
|---|---|---|---|
| Next Message | BARTKO Zoltan | 2004-05-27 16:26:53 | custom error messages/numbers |
| Previous Message | btober | 2004-05-27 15:22:06 | Re: Naive schema questions |