Olleg Samoylov wrote:
Hmm - perhaps the documentation needs expanding. Certainly, if your view
references functions you need to make sure permissions are set correctly
on those.

How about changes along the lines of:

Ch 33.4, para 2
"... Relations that are used due to rules get checked against the
privileges of the rule owner, not the user invoking the rule. This means
that a user only needs the required privileges for the objects[1] that
he names explicitly in his queries."

then

"[1] This includes permissions on tables and views you reference in your
view definition. It might also include execute permissions on any
functions referenced, and for updates, permissions on any sequences.
This includes sequences automatically created by use of the SERIAL type."

Perhaps we should also have a reminder to read the rules chapter in the
serial description (ch 8.1.4)

--
Richard Huxton
Archonet Ltd

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to majordomo (AT) postgresql (DOT) org)