Using Function with Security Access Control

Introduction

Continuing from the previous article about Function, we will look at how to use it with Security Access Control for efficient privilege management. Suppose you have a table storing sensitive and critical data, such as accounts, and you want to enforce access control so that regular accounts cannot access or update account information. However, you still want to allow users to perform specific operations such as creating an account or updating a password. In this scenario, you can create a Function with SECURITY DEFINER, so that users simply call this Function and pass the corresponding input parameters.

INVOKER and DEFINER

This is an attribute of a function (or procedure) in PostgreSQL. SECURITY INVOKER is the default, meaning the function executes with the privileges of the user calling it. It does not exceed the caller's privileges, which reduces security risks. SECURITY DEFINER specifies that the function will be executed with the privileges of the us...
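
The accounts scenario from the introduction, written out as an added example (not code from the original post). The schema `app`, the roles `app_owner` and `app_user`, the mapping of database role names to `username`, and pgcrypto being installed in schema `public` are all assumptions; the script is assumed to run as a superuser.

```sql
-- Added example. Hypothetical names: schema app, roles app_owner / app_user.
-- Assumes pgcrypto (crypt, gen_salt) is installed in schema public.
BEGIN;  -- one transaction, so the function is never callable by PUBLIC

CREATE SCHEMA IF NOT EXISTS app AUTHORIZATION app_owner;

CREATE TABLE app.accounts (
    username      text PRIMARY KEY,   -- assumed to equal the database role name
    password_hash text NOT NULL
);
ALTER TABLE app.accounts OWNER TO app_owner;

-- Regular roles get no direct privileges on the sensitive table.
REVOKE ALL ON app.accounts FROM PUBLIC, app_user;

CREATE FUNCTION app.update_password(p_old text, p_new text)
RETURNS boolean
LANGUAGE plpgsql
SECURITY DEFINER
-- Pin search_path so a caller cannot shadow objects with their own schema;
-- pg_temp goes last so temporary objects are never resolved first.
SET search_path = app, pg_temp
AS $$
BEGIN
    -- Inside a SECURITY DEFINER function current_user is the owner,
    -- so the caller must be identified with session_user.
    UPDATE app.accounts
       SET password_hash = public.crypt(p_new, public.gen_salt('bf'))
     WHERE username = session_user
       AND password_hash = public.crypt(p_old, password_hash);
    RETURN FOUND;  -- false when the old password did not match
END;
$$;
ALTER FUNCTION app.update_password(text, text) OWNER TO app_owner;

-- Functions are executable by PUBLIC by default; narrow that to one role.
REVOKE ALL ON FUNCTION app.update_password(text, text) FROM PUBLIC;
GRANT USAGE ON SCHEMA app TO app_user;
GRANT EXECUTE ON FUNCTION app.update_password(text, text) TO app_user;

COMMIT;
```

A member of `app_user` can now run `SELECT app.update_password('old', 'new');` while a direct `SELECT` or `UPDATE` on `app.accounts` still fails with a permission error.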