On Thu, Sep 07, 2006 at 02:12:57PM +0300, Valentin Militaru wrote:
> I have one user in postgres8.01. which connects from a webserver and inserts
> some data into a table. It only has INSERT access on that table.
> ON the other hand, on the same table a have an after-insert trigger which
> executes a function owned by a more powerful user.
> My problem is that when I try to insert some data with the webserver user,
> PostgreSQL wants that user to have access to all the relations used in the
> trigger function.
>
> Is there any way to avoid granting the light user with all those rigths?
You could declare the function "SECURITY DEFINER", then it will always
have the rights of the person who created the trigger.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.