Reference integrity module seems to have a serious bug (I use 7.0).
Although the super user gave a SELECT permission to the simple user
on the table "a" and ALL permission on the table "c" (which references
to the table "a"), the simple user will get an

ERROR: a: Permission denied.

message. My definitions:

test=# create table a(b serial);
test=# grant select on a to simpleuser;
test=# create table c(d int4 not null references a(b));
test=# grant all on c to simpleuser;

Any comments?


Search Discussions

  • Kovacs Zoltan Sandor at Jun 24, 2000 at 11:38 am

    Probably the correct way to handle this is to run the foreign key
    constraint trigger as the user who created the constraint (or
    something like that) rather than the user making the insert. I'm not
    sure how hard that would be.
    The problem is that now using both refint and GRANT/REVOKE will not work
    together. Only if I have separate areas of tables, I can assure that each
    user may work on his own area. But most databases have referencing tables
    which parent table is read-only for the simple users and child tables are
    read-write for them. My opinion is that it is neccessary to allow such
    referencing. If Postgres doesn't support this, almost nobody can use
    refint and ACLs together. Performance is also important, I do know...


Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppgsql-hackers @
postedJun 22, '00 at 8:44p
activeJun 24, '00 at 11:38a

1 user in discussion

Kovacs Zoltan Sandor: 2 posts



site design / logo © 2021 Grokbase