Can a non-owner of a table be allowed to disable the table's triggers?












4















I would like for one user who is not a table owner, give the permissions to turn off and turn on the triggers. Can it be done?










share|improve this question









New contributor




Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    4















    I would like for one user who is not a table owner, give the permissions to turn off and turn on the triggers. Can it be done?










    share|improve this question









    New contributor




    Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      4












      4








      4








      I would like for one user who is not a table owner, give the permissions to turn off and turn on the triggers. Can it be done?










      share|improve this question









      New contributor




      Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      I would like for one user who is not a table owner, give the permissions to turn off and turn on the triggers. Can it be done?







      postgresql permissions trigger






      share|improve this question









      New contributor




      Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.











      share|improve this question









      New contributor




      Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      share|improve this question




      share|improve this question








      edited 11 hours ago









      Andriy M

      16.1k63373




      16.1k63373






      New contributor




      Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 13 hours ago









      Szymon ChowaniecSzymon Chowaniec

      212




      212




      New contributor




      Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      Szymon Chowaniec is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          1 Answer
          1






          active

          oldest

          votes


















          6














          As the owner of the table, you can create a function (or, if you are on Postgres 11 or newer, a procedure) which disables the trigger of your choice like:



          CREATE OR REPLACE FUNCTION disable_this_trigger() 
          RETURNS void
          LANGUAGE SQL
          AS $$
          ALTER TABLE something DISABLE TRIGGER this_trigger;
          $$ SECURITY DEFINER;


          Then grant the necessary privilege to your user to execute the function:



          GRANT EXECUTE ON FUNCTION disable_this_trigger() TO alice;


          Now alice will be able to disable that one trigger. You can either extend this function with a switch (on/off, for example) to make enabling possible, or create a similar function that does the opposite of this one.



          The trick is in SECURITY DEFINER. It makes the function running with the privileges of the user that defines (creates) the function. As said above, this has to be the owner of the table, because only it (and superusers) can disable the triggers on it.






          share|improve this answer

























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "182"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });






            Szymon Chowaniec is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f230278%2fcan-a-non-owner-of-a-table-be-allowed-to-disable-the-tables-triggers%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            6














            As the owner of the table, you can create a function (or, if you are on Postgres 11 or newer, a procedure) which disables the trigger of your choice like:



            CREATE OR REPLACE FUNCTION disable_this_trigger() 
            RETURNS void
            LANGUAGE SQL
            AS $$
            ALTER TABLE something DISABLE TRIGGER this_trigger;
            $$ SECURITY DEFINER;


            Then grant the necessary privilege to your user to execute the function:



            GRANT EXECUTE ON FUNCTION disable_this_trigger() TO alice;


            Now alice will be able to disable that one trigger. You can either extend this function with a switch (on/off, for example) to make enabling possible, or create a similar function that does the opposite of this one.



            The trick is in SECURITY DEFINER. It makes the function running with the privileges of the user that defines (creates) the function. As said above, this has to be the owner of the table, because only it (and superusers) can disable the triggers on it.






            share|improve this answer






























              6














              As the owner of the table, you can create a function (or, if you are on Postgres 11 or newer, a procedure) which disables the trigger of your choice like:



              CREATE OR REPLACE FUNCTION disable_this_trigger() 
              RETURNS void
              LANGUAGE SQL
              AS $$
              ALTER TABLE something DISABLE TRIGGER this_trigger;
              $$ SECURITY DEFINER;


              Then grant the necessary privilege to your user to execute the function:



              GRANT EXECUTE ON FUNCTION disable_this_trigger() TO alice;


              Now alice will be able to disable that one trigger. You can either extend this function with a switch (on/off, for example) to make enabling possible, or create a similar function that does the opposite of this one.



              The trick is in SECURITY DEFINER. It makes the function running with the privileges of the user that defines (creates) the function. As said above, this has to be the owner of the table, because only it (and superusers) can disable the triggers on it.






              share|improve this answer




























                6












                6








                6







                As the owner of the table, you can create a function (or, if you are on Postgres 11 or newer, a procedure) which disables the trigger of your choice like:



                CREATE OR REPLACE FUNCTION disable_this_trigger() 
                RETURNS void
                LANGUAGE SQL
                AS $$
                ALTER TABLE something DISABLE TRIGGER this_trigger;
                $$ SECURITY DEFINER;


                Then grant the necessary privilege to your user to execute the function:



                GRANT EXECUTE ON FUNCTION disable_this_trigger() TO alice;


                Now alice will be able to disable that one trigger. You can either extend this function with a switch (on/off, for example) to make enabling possible, or create a similar function that does the opposite of this one.



                The trick is in SECURITY DEFINER. It makes the function running with the privileges of the user that defines (creates) the function. As said above, this has to be the owner of the table, because only it (and superusers) can disable the triggers on it.






                share|improve this answer















                As the owner of the table, you can create a function (or, if you are on Postgres 11 or newer, a procedure) which disables the trigger of your choice like:



                CREATE OR REPLACE FUNCTION disable_this_trigger() 
                RETURNS void
                LANGUAGE SQL
                AS $$
                ALTER TABLE something DISABLE TRIGGER this_trigger;
                $$ SECURITY DEFINER;


                Then grant the necessary privilege to your user to execute the function:



                GRANT EXECUTE ON FUNCTION disable_this_trigger() TO alice;


                Now alice will be able to disable that one trigger. You can either extend this function with a switch (on/off, for example) to make enabling possible, or create a similar function that does the opposite of this one.



                The trick is in SECURITY DEFINER. It makes the function running with the privileges of the user that defines (creates) the function. As said above, this has to be the owner of the table, because only it (and superusers) can disable the triggers on it.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited 10 hours ago

























                answered 10 hours ago









                dezsodezso

                22.2k116096




                22.2k116096






















                    Szymon Chowaniec is a new contributor. Be nice, and check out our Code of Conduct.










                    draft saved

                    draft discarded


















                    Szymon Chowaniec is a new contributor. Be nice, and check out our Code of Conduct.













                    Szymon Chowaniec is a new contributor. Be nice, and check out our Code of Conduct.












                    Szymon Chowaniec is a new contributor. Be nice, and check out our Code of Conduct.
















                    Thanks for contributing an answer to Database Administrators Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fdba.stackexchange.com%2fquestions%2f230278%2fcan-a-non-owner-of-a-table-be-allowed-to-disable-the-tables-triggers%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    數位音樂下載

                    When can things happen in Etherscan, such as the picture below?

                    格利澤436b