Zitat von Ryan Murphy <ryanfmurphy@xxxxxxxxx>:
I could see how I could revoke permissions from, say, all users that aren't
superusers to INSERT or UPDATE certain views. However, if possible it
would be nice to get an error message about the VIEW not being updatable,
rather than a user access error, which could be misleading.
I feel it would be the other way round. If you deny something that is
technically possible, I would be puzzled to get an error about a
technical impossibility. If you want to stop people updating a view,
in my opion, it is very well to tell them they are not allowed to and
not that it isn't technically possible. So there can start a
discussion whether they are rightfully denied to update data therein,
instead of first discussing why it is not technically possible to
update to find out it IS technically possible but it was actually
denied.
When I try to insert into a non-updatable VIEWs, I get this message:
ERROR: cannot insert into view "test_view"
DETAIL: Views containing GROUP BY are not automatically updatable.
HINT: To enable inserting into the view, provide an INSTEAD OF INSERT
trigger or an unconditional ON INSERT DO INSTEAD rule.
It would be great to see something like this when trying to insert into a
simple VIEW that I had made non-updatable:
ERROR: cannot insert into view "test_view2"
DETAIL: This view has manually been made non-updatable.
You still could put a trigger on the views throwing according
exceptions for specific users. I think I partly used that already but
can't find the code at the moment.
--
+49 (0)1578-772 37 37
+41 (0)78 947 36 21
Öffentlicher PGP-Schlüssel:
http://pgp.mit.edu/pks/lookup?op=get&search=0xCA167FB0E717AFFC
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
