Re: How to prevent users from doing manually what my trigger should do for them?
| От | greg@turnstep.com |
|---|---|
| Тема | Re: How to prevent users from doing manually what my trigger should do for them? |
| Дата | |
| Msg-id | ccce652d4c742c9063ef9d55a180bbab@biglumber.com обсуждение исходный текст |
| Ответ на | How to prevent users from doing manually what my trigger should do for them? (thomharp@charter.net (Thom Harp)) |
| Список | pgsql-general |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > I have a trigger which inserts a row into a table (table A) based on > what a user inserts into a different table (table B). To allow this, > the user needs insert permission for table A in order for the trigger > to run. Is there a way I can restrict this so the user only has > permission to insert via the trigger and not manually? I can't trust > my users to insert correct values into table A by themselves but I > need them to be able to run the trigger. Create another user which has insert permissions on table B. Have this user create a (trigger) function that inserts into table B, and make sure the function is marked as EXTERNAL SECURITY DEFINER. Set this function as a trigger on table A, and your users should only be able to insert into table B through the trigger. - -- Greg Sabino Mullane greg@turnstep.com PGP Key: 0x14964AC8 200303261036 -----BEGIN PGP SIGNATURE----- Comment: http://www.turnstep.com/pgp.html iD8DBQE+gcq7vJuQZxSWSsgRAiqgAKCeA9f6mCKFw8M3itKty3q9LjmocQCgqzOt hPJTbbCOTqbe61Kip8esmWA= =8eCk -----END PGP SIGNATURE-----
В списке pgsql-general по дате отправления: