Travis Bauer <trbauer@indiana.edu> writes:
> That part works okay, but here is a more complicated situation that
> doesn't:
> create user user1;
> create table t1 (x int, y int);
> create table t2 (a int, y int);
> create view v1 as select * from t1 where x in (select a from t2);
> ------------------
> create view v2 as select * from v1 where x>3;
> revoke all on t1 from public;
> revoke all on t2 from public;
> revoke all on v1 from public;
> revoke all on v2 from public;
> grant select on v2 to user1;
> \c - user1
> select * from v2;
> ====> v1: Permission denied.
> The problem occurs because of the nested select underlined above.
I agree, this is a bug. The rewriter checks access permissions on the
basis of the rule's creator, not of the rule's invoker --- but it only
does so at the top level of the rule query. It forgets to recurse into
subqueries :-(. Fairly easy fix, will work on it for 7.1.
regards, tom lane