Crie a função PostgreSQL 9 com login (usuário) apenas para executar funções

-- Create the user.
CREATE ROLE somebody WITH LOGIN PASSWORD '...';

-- Prevent all authenticated users from being able to use the database,
-- unless they have been explicitly granted permission.
REVOKE ALL PRIVILEGES ON DATABASE foo FROM PUBLIC;
REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA public FROM PUBLIC;
REVOKE ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public FROM PUBLIC;
REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public FROM PUBLIC;

-- Allow the user to only use the specified functions.
GRANT CONNECT ON DATABASE foo TO somebody;
GRANT EXECUTE ON FUNCTION return_customers(), return_time() TO somebody;

• CREATE FUNCTION particularmente SECURITY DEFINER
• GRANT tanto para adicionar usuários a funções quanto para atribuir direitos de acesso a tabelas, sequências etc.
• REVOKE
• CREATE ROLE