[BUGS] wrong permissions for triggers invoked by rewrite rules

[pgsql-bugs]

Helge Bahmann ([EMAIL PROTECTED]) reports a bug with a severity of 2
The lower the number the more severe it is.

Short Description
wrong permissions for triggers invoked by rewrite rules

Long Description
Rewritten queries are normally executed with the permissions of the creator of the 
rewrite rule. However, triggers invoked by the rewritten query are not executed with 
the new permissions.

Sample Code
-- as user 'user1':
create table table1(id int);
create table table2(id int);
create function foo() returns opaque as 'begin
  insert into table2 values(new.id);
  return new;
end;' language 'plpgsql';
create trigger bar before insert on table2 for each row execute procedure foo();
create view view1 as select * from table1;
create rule view1_ins as on insert to view1 do instead insert into table1 
values(new.id);
grant insert, select on view1 to user2;
-- as user 'user2':
insert into view1 values(1);
-- fails with: ERROR:  table2: Permission denied.

No file was uploaded with this report