Re: Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread Ayush Vatsa
Understood. Thanks David it was a nice conversation and clarification from you Regards Ayush Vatsa On Sun, 7 Apr 2024 at 23:45, David G. Johnston wrote: > On Sun, Apr 7, 2024 at 11:02 AM Ayush Vatsa > wrote: > >> > If you want to confirm what the documentation says create a custom >> operator/

Re: Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread David G. Johnston
On Sun, Apr 7, 2024 at 11:02 AM Ayush Vatsa wrote: > > If you want to confirm what the documentation says create a custom > operator/function that alex is not permitted to execute and have them query > a view defined by postgres that uses that function. > Thanks for the suggestion, it helped and

Re: Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread Ayush Vatsa
> If you want to confirm what the documentation says create a custom operator/function that alex is not permitted to execute and have them query a view defined by postgres that uses that function. Thanks for the suggestion, it helped and I found out alex could not execute the view as it didn't have

Re: Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread David G. Johnston
On Sun, Apr 7, 2024 at 9:32 AM Ayush Vatsa wrote: > but who will execute the > > underlying function inside the ( > ) operator ? Is it postgres or alex? > >> I'm reasonably confident that all the built-in functions are security invoker. Not that a pure function like greater-than really cares.

Re: Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread David G. Johnston
On Sun, Apr 7, 2024 at 9:32 AM Ayush Vatsa wrote: > > Functions in the view are executed with the privileges of the user > executing the query or the function owner > So does that imply to the function associated with the operators (both > builtin and user defined) too. > Basically wanted to know

Re: Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread Ayush Vatsa
> Functions in the view are executed with the privileges of the user executing the query or the function owner So does that imply to the function associated with the operators (both builtin and user defined) too. Basically wanted to know about this - > Now table x will be accessed (SELECT * FROM x)

Re: Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread David G. Johnston
On Sun, Apr 7, 2024 at 9:10 AM Ayush Vatsa wrote: > > but what about the view which contains inbuilt operators or inbuilt > functions with whose privileges those will be executed. Eg. > >From the create view documentation: Functions called in the view are treated the same as if they had been cal

Clarification on View Privileges and Operator Execution in PostgreSQL

2024-04-07 Thread Ayush Vatsa
Hi PostgreSQL community, I am recently studying about operators and views and I had doubts in two small things 1. I know if a view (security definer) is accessing a table then it is getting accessed by view owners privileges but what about the view which contains inbuilt operators or inbuilt functi