Re: How to grant read only functions execute permission to read only user
On Mon, Jul 17, 2023, 08:44 Tomas Vondra wrote: > > > On 7/17/23 16:11, Yi Sun wrote: > > Hello guys, > > > > Our read only user is okay to be granted read only permission of tables. > > > > How to grant read only functions execute permission to read only user, > > is there a simple way to do it please? If not, how to get the list of > > read only functions please? Then can grant one by one based on the list, > > thanks > > What is read-only function? I don't think Postgres has anything like > that. Functions inherit the privileges of the user that executes them by > default. So if the user is read-only (i.e. has just SELECT privilege), > then the function can't do any writes either. > > > By definition any function marked stable or immutable is read-only though the system doesn't enforce that user-specified label. David J.
Re: How to grant read only functions execute permission to read only user
On 7/17/23 16:11, Yi Sun wrote: > Hello guys, > > Our read only user is okay to be granted read only permission of tables. > > How to grant read only functions execute permission to read only user, > is there a simple way to do it please? If not, how to get the list of > read only functions please? Then can grant one by one based on the list, > thanks What is read-only function? I don't think Postgres has anything like that. Functions inherit the privileges of the user that executes them by default. So if the user is read-only (i.e. has just SELECT privilege), then the function can't do any writes either. regards -- Tomas Vondra EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company
How to grant read only functions execute permission to read only user
Hello guys, Our read only user is okay to be granted read only permission of tables. How to grant read only functions execute permission to read only user, is there a simple way to do it please? If not, how to get the list of read only functions please? Then can grant one by one based on the list, thanks Best regards Dennis Sun