Search Postgresql Archives

Re: Allowing update of column only from trigger

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

isn't it possible to restrict UPDATE by access rights based on the DB's user?

Create table with owner set to the administrator of the database (NOT PostgreSQL SERVER!!!) and grant only the needed rights (or none of them) to the user from which the usual processing of the database will be performed. Then, create a trigger function with SECURITY DEFINER set and own it by the owner of the database (or other user, who's granted to UPDATE the table). So, if no one else is granted UPDATE on the table, the only UPDATE-modifiers of the table will be the owner and the trigger function's owner (if differs from owner).

Best regards,
   Andrey V. Semyonov

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faq
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux