| Query goal: | Find views that have the security invoker option. Such option is possible starting from PostgreSQL 15. In case of using such views one cannot create a system where data is accessed through views and the users (applications) do not have direct access to the base tables. |
| Query type: | Problem detection (Each row in the result could represent a flaw in the design) |
| Query reliability: | Medium (Medium number of false-positive results) |
| Query license: | MIT License |
| Data source: | system catalog only |
| SQL query: | Click on query to copy it
SELECT pg_namespace.nspname, pg_class.relname FROM pg_catalog.pg_class, pg_catalog.pg_namespace WHERE pg_catalog.pg_class.relnamespace=pg_catalog.pg_namespace.oid AND 'security_invoker=true'=ANY(pg_catalog.pg_class.reloptions) ORDER BY nspname, relname; |
| Collection name | Collection description |
|---|---|
| Find problems by overview | Queries that results point to different aspects of database that might have problems. A human reviewer has to decide based on the results as to whether there are problems or not . |
| Category name | Category description |
|---|---|
| Derived tables | Queries of this category provide information about the derived tables (views, materialized views), which are used to implement virtual data layer. |
| Security | Queries of this category provide information about the security measures. |
| Reference |
|---|
| https://www.cybertec-postgresql.com/en/view-permissions-and-row-level-security-in-postgresql/ |