public inbox for [email protected]
help / color / mirror / Atom feedFrom: Ayush Vatsa <[email protected]>
To: [email protected]
Subject: Clarification on View Privileges and Operator Execution in PostgreSQL
Date: Sun, 7 Apr 2024 21:40:05 +0530
Message-ID: <CACX+KaN-Lqv+k6d4b37oKFiqF6ibMkq1RVHbcTby5EjRtNQewg@mail.gmail.com> (raw)
Hi PostgreSQL community,
I am recently studying about operators and views and I had doubts in two
small things
1. I know if a view (security definer) is accessing a table then it is
getting accessed by view owners privileges
but what about the view which contains inbuilt operators or inbuilt
functions with whose privileges those will be executed. Eg.
SET ROLE postgres;
CREATE TABLE x(id INT);
CREATE VIEW v AS SELECT * FROM x WHERE id > 100;
CREATE ROLE alex;
GRANT SELECT ON v TO alex;
SET ROLE alex;
SELECT * FROM v;
Now table x will be accessed (SELECT * FROM x) with "postgres" privileges
but who will execute the
underlying function inside the ( > ) operator ? Is it postgres or alex?
2. What if I used a user defined operator in the above example, then with
whose privileges that operator will be executed?
Thanks
Ayush Vatsa
SDE AWS
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Clarification on View Privileges and Operator Execution in PostgreSQL
In-Reply-To: <CACX+KaN-Lqv+k6d4b37oKFiqF6ibMkq1RVHbcTby5EjRtNQewg@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox