Wijnand Wiersma wrote:
I have the table contact, the user should not be able to read or
update anything in it, except for his own record. So I created the
view v_my_account. When the user selects * from it he only sees his
own record. That works great. I also made a rule:
CREATE RULE update_v_my_account AS ON UPDATE TO v_my_account
DO INSTEAD
UPDATE contact set pause=NEW.pause where username=USER;
This does not work since there are some triggers on the contact table
and the trigger function selects the contact table and I don't want to
give the user access to that.
I thought that when a rule is applied the triggers which are triggerd
would also have the same userid as the rule query, but I was wrong.
Can you show the (cut down) contents of your trigger? It's difficult to
see what you mean. I can't think of any way a trigger can provide
results to the user, so any selects within it should be safe enough.
--
Richard Huxton
Archonet Ltd
---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match
