Lieven Van Acker <lieven@elisa.be> writes:
> Well, in fact, -at this point - I don't need setuid, because the
> function current_adm() has to lookup the effective uid of the calling
> user. The point is I want to filter the records depending on the uid
> of the user calling the top-level view. So as I can understand, views
> that are called by other views run still within the same session -
> thus returning the effective uid, right?
The problem is that current_adm() fails for lack of read access on the
users table, when it's invoked on behalf of the unprivileged user.
I think that what you really want to be using for the lookup is
SESSION_USER not CURRENT_USER. There's no difference at the moment,
but there will be once we have setuid functions ...
regards, tom lane