[Please reply to the list, not just to me, so that others can benefit from and contribute to the discussion]
On 31 August 2016 at 11:52, Andrea Adami <f...@fulcro.net> wrote: > Thnaks Dean, i did further investigations: > i set the owner of the view to: "mana...@scuola247.it" with: > ALTER TABLE public.policy_view OWNER TO "mana...@scuola247.it"; > and i thinking to see from the select: > select * from policy_view > the rows: 1,2,3 > then > set role 'mana...@scuola247.it'; > select * from policy_view; > return rows 1,2,3 as expected but: > set role 'teac...@scuola247.it'; > select * from policy_view; > returns rows 4,5 and > set role 'postgres' > select * from policy_view > return nothing ... > what you thinking about ? > > Andrea That's correct. With the table owned by postgres and the view owned by "mana...@scuola247.it", access to the table via the view is subject to the policies that apply to "mana...@scuola247.it". So regardless of who the current user is, when selecting from the view, the policy "standard" will be applied, and that will limit the visible rows to those for which usr = current_user. Regards, Dean -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
