Richard Huxton wrote:
> Hmm - perhaps the documentation needs expanding. Certainly, if your view
> references functions you need to make sure permissions are set correctly
> on those.
>
> How about changes along the lines of:
>
> Ch 33.4, para 2
> "... Relations that are used due to rules get checked against the
> privileges of the rule owner, not the user invoking the rule. This means
> that a user only needs the required privileges for the objects[1] that
> he names explicitly in his queries."
>
> then
>
> "[1] This includes permissions on tables and views you reference in your
> view definition. It might also include execute permissions on any
> functions referenced, and for updates, permissions on any sequences.
> This includes sequences automatically created by use of the SERIAL type."
<quote> only needs the required privileges for the objects that
he names explicitly in his queries.</quote>
Sequence for serial type don't explicitly mentioned in queries. I expect
the same behavior for rules as for function with "SECURITY DEFINER"
parameter.
--
Olleg Samoylov