Feature request #955

PostGIS view only accessible by superuser or table owner

Added by Bernhard Ströbl over 16 years ago. Updated over 16 years ago.

Status:Closed
Priority:Low
Assignee:Jürgen Fischer
Category:Data Provider
Pull Request or Patch supplied: Resolution:fixed
Easy fix?:No Copied to github as #:11014

Description

Only a DB-superuser and the owner of the underlying table can access a PostGIS view. Everybody else gets a message stating there was no suitable key column in the view. This message led me to qgspostgresprovider.cpp which accesses information_schema.view_column_usage. However Postgres documentation states
... A column is only included if the table that contains the column is owned by a currently enabled role.
I logged into a Postres-DB three times and executed
SELECT * FROM information_schema.view_column_usage WHERE view_name = <name_of_the_view>
  • as non-superuser with select rights on the tables and views: SELECT returned no results.
  • as the table owner (non-superuser) SELECT returns all columns
  • as superuser (non-table-owner) SELECT returns all columns

Associated revisions

Revision 1ff7509b
Added by Jürgen Fischer over 16 years ago

- applied patch from Steven Mizuno from #964. Nice work. Thank you very much.
- better privilege handling (fixes #955)
- better postgis i18n (unicode handling, identifier quotation)
- password saving fixed
- support for int8 type added
- let provider capabilities follow table privileges (fixes #976)
- use prepared statements for adding features (fixed #977)
- remove connection pooling (fixes cursor problem)
- clear attribute list on loadFields (fixes #984)
- ignore bytea fields
- handle transactions/error reporting better
- some cleanups

git-svn-id: http://svn.osgeo.org/qgis/trunk/qgis@8213 c8812cc2-4d05-0410-92ff-de0c093fc19c

Revision 2ea7615b
Added by Jürgen Fischer over 16 years ago

- applied patch from Steven Mizuno from #964. Nice work. Thank you very much.
- better privilege handling (fixes #955)
- better postgis i18n (unicode handling, identifier quotation)
- password saving fixed
- support for int8 type added
- let provider capabilities follow table privileges (fixes #976)
- use prepared statements for adding features (fixed #977)
- remove connection pooling (fixes cursor problem)
- clear attribute list on loadFields (fixes #984)
- ignore bytea fields
- handle transactions/error reporting better
- some cleanups

git-svn-id: http://svn.osgeo.org/qgis/trunk@8213 c8812cc2-4d05-0410-92ff-de0c093fc19c

History

#1 Updated by Steven Mizuno over 16 years ago

I have submitted a patch on ticket #964 that addresses this along with internationalization and a number of other problems.

#2 Updated by Jürgen Fischer over 16 years ago

  • Resolution set to fixed
  • Status changed from Open to Closed

#3 Updated by Jürgen Fischer over 16 years ago

fixed in 2ea7615b (SVN r8214)

Also available in: Atom PDF