Re: BUG #1610: rewrite rule and sequence
| От | Olleg Samoylov |
|---|---|
| Тема | Re: BUG #1610: rewrite rule and sequence |
| Дата | |
| Msg-id | 426CC6F7.9000402@mipt.ru обсуждение исходный текст |
| Ответ на | Rules and Permissions docs change (was Re: BUG #1610: rewrite rule and sequence) (Richard Huxton <dev@archonet.com>) |
| Список | pgsql-bugs |
Richard Huxton wrote: > Hmm - perhaps the documentation needs expanding. Certainly, if your view > references functions you need to make sure permissions are set correctly > on those. > > How about changes along the lines of: > > Ch 33.4, para 2 > "... Relations that are used due to rules get checked against the > privileges of the rule owner, not the user invoking the rule. This means > that a user only needs the required privileges for the objects[1] that > he names explicitly in his queries." > > then > > "[1] This includes permissions on tables and views you reference in your > view definition. It might also include execute permissions on any > functions referenced, and for updates, permissions on any sequences. > This includes sequences automatically created by use of the SERIAL type." <quote> only needs the required privileges for the objects that he names explicitly in his queries.</quote> Sequence for serial type don't explicitly mentioned in queries. I expect the same behavior for rules as for function with "SECURITY DEFINER" parameter. -- Olleg Samoylov
В списке pgsql-bugs по дате отправления: