Hi all,
I'm going to use the Postgres permission features.
I found a not simmetrical behavior about permission on view and function.
Let me explain:
If I use the view/table T inside the view V is enough give the select
permission on view V.
If I user the view/table T inside the funcion F is enough declare F with
the "Secuity definer" attribute and of course give the execution permission.
In these two cases all is working fine, the following case have some
problems:
If the view V use a function F.
In this last case is not enough have the select permisson on V but you
should
give also the Execution permission on F!!!
This fact are driving us to put
1) Select permission on V
2) Exceute permission + Security Definer attr on F.
why this behavior? Are you thing that in version 7.4 will exist a sort of
Security definer for views ?
Regards
Gaetano Mendola