I've been trying to create a function which returns data from a query. Selecting from the function when logged in as a user which has execute on the function but not on the underlying tables gives me a permissions error, reporting that I don't have permissions on the underlying table. Granting permissions on the underlying table makes the function work, but, as a significant purpose of the function is to prevent the user from being able to see the underlying tables, this is not a particularly happy situation.
Can one use functions in pg/plsql to prevent users from seeing the underlying tables? I was under the impression that one could.