授予使用函数的视图的选择权

发布于 2024-11-18 08:32:47 字数 793 浏览 3 评论 0原文

我正在使用 postgresql 8.4，当视图使用任何数据库函数时，从不同用户拥有的数据库中授予视图的选择权限时遇到一些问题。

作为新用户，当我尝试运行时，例如 select * from users_pwd; 其中 users_pwd 定义为：

create view users_pwd as
select *, get_pwd(id)
from users;

和 get_pwd 为：

CREATE OR REPLACE FUNCTION get_pwd(p_id integer)
RETURNS text AS
$BODY$
declare u record;
BEGIN
select into u * from users where id = p_id;
return u.password;
END;
$BODY$
LANGUAGE plpgsql;

我收到以下错误：

ERROR:  permission denied for relation users
CONTEXT:  SQL statement "select * from users where id =  $1 "
PL/pgSQL function "get_pwd" line 3 at SQL statement

让用户查询的唯一方法view 的目的是显式授予对表用户的选择，这是我不想做的。

如果视图不使用任何函数，而只是新用户没有显式访问权限的其他表，则它可以正常工作。

原文

I'm using postgresql 8.4 and am having a bit of a problem granting select privileges on a view from a database onwed by a different user when the view uses any of the databases functions.

As the new user, when I try to run, for example select * from users_pwd; where users_pwd is defined as:

create view users_pwd as
select *, get_pwd(id)
from users;

and get_pwd as:

CREATE OR REPLACE FUNCTION get_pwd(p_id integer)
RETURNS text AS
$BODY$
declare u record;
BEGIN
select into u * from users where id = p_id;
return u.password;
END;
$BODY$
LANGUAGE plpgsql;

I get the following error:

ERROR:  permission denied for relation users
CONTEXT:  SQL statement "select * from users where id =  $1 "
PL/pgSQL function "get_pwd" line 3 at SQL statement

The only way to have the user query the view is to explicitly grant select on the table users which I don't want to do.

If a view doesn't use any function, but rather just other tables which the new user doesn't have explicit access to it works perfectly fine.

分享到QQ

分享到微博