On 12/31/2012 09:02 AM, Philipp Kraus wrote:
Am 31.12.2012 um 15:54 schrieb Adrian Klaver:
On 12/31/2012 05:41 AM, Philipp Kraus wrote:
Am 31.12.2012 um 02:11 schrieb Adrian Klaver:
Actually as of 9.0 that is not strictly true:
http://www.postgresql.org/docs/9.2/interactive/sql-alterdefaultprivileges.html
I have create a view for access a table and rules for modifiy the
based table. The table has got a trigger.
If I run an update on the view, I get an error "permission denied"
for the trigger call. My user modifies
only the "view", so do the user also get access to the trigger
(execution right)? IMHO the trigger is run
by postgres self, so the user don't need a right on the trigger.
Was the error for the trigger or the function the trigger called?
ERROR: permission denied for schema usermanagement
usermanagement ist ein schema and the base table calls a function within
this schema, this
checks if the user is super user with
select current_setting('is_superuser') = 'on' into l_issuper;
So the issue was that the user calling the function did not have access
to the schema usermanagement. It is also possible the user did not have
EXECUTE privileges on the function either. From your subsequent post I
see you discovered SECURITY DEFINER. This is works as you found out.
Just be aware that if the user that defined the function is a super user
the function has their privileges and all that implies.
--
Adrian Klaver
adrian.klaver@xxxxxxxxx
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
