| From: | "Craig" <postgresql(at)bryden(dot)co(dot)za> |
|---|---|
| To: | "PG-General" <pgsql-general(at)postgresql(dot)org> |
| Subject: | Role Permissions |
| Date: | 2006-01-07 11:25:53 |
| Message-ID: | 000e01c6137d$1f91b3c0$0200a8c0@amd64 |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi
I am trying to understand how permissions work with plpgsql functions.
I have created a role (lets call it role1) and assigned EXECUTE to a function (lets call it func_1). In func_1, I select data from tableA.
I have then created another role (role2) that inherits from role1.
When I login as role2 and issue "select * from func_1(...);" it comes back with the following error:
"ERROR: permission denied for relation tableA".
I am trying to prevent anyone that inhertis from role1 to not be able to select from any database table, unless they execute a function that I have provided. How do I setup the security for this?
I come from an MS SQL background and in that RDBMS you can grant execute to a stored procedure and any objects that are accessed in the proc work, even if the user has no direct permissions to those objects.
Any help will be greatly appreciated
Craig
| From | Date | Subject | |
|---|---|---|---|
| Next Message | mastersail | 2006-01-07 15:11:27 | write on screen |
| Previous Message | pairat | 2006-01-07 10:39:16 | The connection is dead |