Quick Links

Re: Can the username calling a function be made available within the function?

From:	Richard Huxton <dev(at)archonet(dot)com>
To:	Adam Witney <awitney(at)sghms(dot)ac(dot)uk>, pgsql-general <pgsql-general(at)postgresql(dot)org>
Subject:	Re: Can the username calling a function be made available within the function?
Date:	2004-04-07 12:25:14
Message-ID:	200404071325.14808.dev@archonet.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-general

On Wednesday 07 April 2004 11:23, Adam Witney wrote:
> I'd like to be able to have a PL/pgSQL function defined as SECURITY
> DEFINER, but still have access to the calling username within the function.
> Is this possible?
>
> I could pass current_user as a parameter, but of course this could easily
> be bypassed.
>
> Is there a way of coding this?

Just "SELECT CURRENT_USER" into a variable. You might want SESSION_USER
though.

--
Richard Huxton
Archonet Ltd

In response to

Can the username calling a function be made available within the function? at 2004-04-07 10:23:25 from Adam Witney

Browse pgsql-general by date

	From	Date	Subject
Next Message	Bob.Henkel	2004-04-07 12:29:48	Re: Can we have time based triggers in Postgresql??
Previous Message	Stephen Frost	2004-04-07 11:55:08	Re: More aggregate functions?