PostgreSQL: Permission to execute function (that inserts into a table) but no permission to insert directly

postgresql permissions database-administration

You have to have another role, that has privileges to write directly to tables. Then you create the function using this another role, and add to function definition "SECURITY DEFINER" clause. And then you grant execute on this function to your web role.

You can read more about it in documentation.

You might also want to check blog post that I once wrote about securing database.

Related

How can I determine how much memory a process is using in AIX?
Daily Activity Report On Linux [closed]
What would cause "Device not ready (errno=-16), forcing hardreset?
How to block Baidu from indexing MP3 files?
Display different motd file based on group
Google Wave vs Sharepoint
Move Windows accounts and settings to OpenLDAP
IP conflicts with a networked printer
Blackberry Enterprise server questions
is CPU actually occupied during iowait (%wa in top) on Linux / EC2?
Can I limit user bandwidth/ram usage/CPU usage in Windows 2003/2008/2008 R2?
apache/nginx html file size limit