This is exactly what I needed to know.
Cordially, Marvin
Bruno Wolff III wrote:
On Mon, May 03, 2004 at 15:12:00 -0700, Marvin McNett <mmcnett@cs.ucsd.edu> wrote:
How do I go about ensuring that data is only added to a table through a function? I've tried granting execute persission on the function which inserts data, but can't get it to work unless the user also has insert permission on the table. I don't want the user to be able to arbitrarily insert data.
You need to use SECURITY DEFINER so that the function runs with the access of its definer instead of its invoker.
---------------------------(end of broadcast)--------------------------- TIP 6: Have you searched our list archives?
http://archives.postgresql.org
