I'm setting up some views and their underlying tables. The views rely
on some (mainly SQL) functions to provide some capability (e.g.,
updating). I want to restrict access to the underlying tables and
allow access only through the set of views.
The problem is that I seem to have problems with "permission denied"
errors when users trigger the view rules.
This raises the following questions:
- what privileges are required by users to access views? (presumably
these are the basic ones as explained for GRANT)
- when a rule is invoked that accesses another table (or view), what
privileges does that rule run with? My understanding was that rules
are run with the privileges of the rule creator not the user who
triggered the rule. Consequently, privileges on the underlying
table (or view) can be completely restricted, right?
- when a rule includes a function (e.g., one that invokes another SQL
command like a SELECT), what privileges does that function run with?
the rule creator's (like the rule itself) or the user who triggered
the function via the rule? If the function accesses another table,
can privileges on that table be restricted like with a rule?
Thanks for any help to clarify the design of the privilege system.
Cheers,
Brook