I have a PL/PgSQL stored procedure that performs various operations on tables (SELECT, UPDATE, INSERT, TRUNCATE
).
I want users to be able to run the stored procedure, but not themselves perform those same operations on the tables.
Is that possible?
Best Answer
Yes that's possible. Create the function with the user owning all those tables and use the
SECURITY DEFINER
modifier.Also see the example in the manual:
http://www.postgresql.org/docs/current/static/sql-createfunction.html#SQL-CREATEFUNCTION-SECURITY