User permission

Поиск
Список
Период
Сортировка
От C G
Тема User permission
Дата
Msg-id BAY15-F21Os3rEYEUNh0006e931@hotmail.com
обсуждение исходный текст
Ответы Re: User permission
Список pgsql-general
Дерево обсуждения 
Dear All,

I have a user_info table that has trigger which creates a user and switches
session
authorization to the new user, but it doesn't seem to work as I expect.

I created the table/functions as a super user.

Any ideas?

Thanks

Colin

mydb1=> select session_user;
session_user
--------------
admin
(1 row)
mydb1=>insert into user_info values ('user1','user1');
INSERT 18155 1

mydb1=> select session_user;
session_user
--------------
user1
(1 row)
That's what I wanted

mydb1=> select * from user_info ;
usename | password
---------+----------
user1   | ***
(1 row)
Shouldn't be able to do that!
mydb1=> set session authorization 'user1';
SET
mydb1=> select session_user;
session_user
--------------
user1
(1 row)mydb1=> select * from user_info ;
ERROR:  permission denied for relation user_info
Now it works.


Code I used to create the table.

DROP TABLE user_info;
create table user_info
(
    usename text,
    password text
);
DROP FUNCTION create_user() CASCADE;
CREATE FUNCTION create_user() RETURNS trigger AS'
--Creates a new user in the database and puts them into group2
    DECLARE
        set_qry1 text;
        set_qry2 text;
    BEGIN
        set_qry1 := ''CREATE USER '' || NEW.usename || '' WITH PASSWORD '''''' ||
NEW.password ||'''''' NOCREATEDB NOCREATEUSER'';
        EXECUTE set_qry1;
         NEW.password = ''***'';
        set_qry2 := ''SET SESSION AUTHORIZATION ''|| NEW.usename;
        EXECUTE set_qry2;

        RETURN NEW;
    END;
' LANGUAGE 'plpgsql' SECURITY DEFINER;

CREATE TRIGGER create_user BEFORE INSERT
    ON user_info FOR EACH ROW EXECUTE
        PROCEDURE create_user();

_________________________________________________________________
Tired of 56k? Get a FREE BT Broadband connection
http://www.msn.co.uk/specials/btbroadband

В списке pgsql-general по дате отправления: