Re: Baffled by basic permission issue.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



As one last follow up, and I apologize for the volume, but this might be related to RDS: our DBs were in a 'Modifying...' state and being backed up, and now something has changed, and we can query these views again. I don't understand. Maybe the underlying tables were temporarily locked during some RDS backup process. 

Anyone run into that kind of thing?

On Wed, Jun 16, 2021 at 2:10 PM Wells Oliver <wells.oliver@xxxxxxxxx> wrote:
To follow up a bit, it seems clear to me that after I restored to a new server, there's some setting (maybe?) preventing folks from querying objects owned by other users EVEN if they have SELECT perms on the object, and USAGE on the schema. Is this a possibility?

On Wed, Jun 16, 2021 at 2:01 PM Wells Oliver <wells.oliver@xxxxxxxxx> wrote:
The role has SELECT perm on the view and on the underlying tables and I am received a permission denied table on the table while trying to select from the view. The view is owned by a different user but SELECT perms are very clearly granted to my role.

On Wed, Jun 16, 2021 at 1:58 PM Holger Jakobs <holger@xxxxxxxxxx> wrote:
If you want to use a view, you need the permissions for it. Not for the underlying tables

Am 16. Juni 2021 22:56:17 MESZ schrieb Wells Oliver <wells.oliver@xxxxxxxxx>:
I have a view that does this:

create view stats.v
select * from stats.t
join alias.i ON t.id = i.id
join alias.i2 ON t.id2 = i2.id;

And when I do: SELECT * FROM stats.v I receive: ERROR:  permission denied for table i

However, if I paste the contents of the view as a query and run it manually, it works fine.

I can also query alias.i as I please.

The role I am using to connect has USAGE on both stats and alias, it also has SELECT on the table as well as the view.

The only difference is that the view is owned by a different user than the tables, though the SELECT permissions are definitely granted.

psql 13.2

--

--
Holger Jakobs, Bergisch Gladbach
+49 178 9759012
- sent from mobile, therefore short -


--


--


--
Wells Oliver
wells.oliver@xxxxxxxxx

[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux