| From: | raf <raf(at)raf(dot)org> |
|---|---|
| To: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Invoking user of the function with SECURITY DEFINER |
| Date: | 2018-11-24 20:54:14 |
| Message-ID: | 20181124205414.awjyy2gqhuy46wrb@raf.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Laurenz Albe wrote:
> Madan Kumar wrote:
> > How to get the user who is invoking the function with SECURITY DEFINER?
> > When we define the function to be SECURITY DEFINER, it will execute in the
> > context of the user who created it. Let's say I've given execute permission
> > for this function to other users and wish to know who is executing it.
> > Is there a way to find that out?
> > I tried CURRENT_USER and SESSION_USER but they return the function owner
> > since they execute in that context. So is there any way to figure out the
> > user who is invoking the function?
>
> It works for me:
>
> As user "postgres":
>
> CREATE OR REPLACE FUNCTION tellme() RETURNS text LANGUAGE plpgsql
> SECURITY DEFINER AS 'BEGIN RETURN session_user; END;';
>
> As user "laurenz":
>
> SELECT tellme();
> tellme
> ---------
> laurenz
> (1 row)
>
> Yours,
> Laurenz Albe
session_user has always worked for me.
cheers,
raf
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Madan Kumar | 2018-11-25 11:50:11 | Re: Invoking user of the function with SECURITY DEFINER |
| Previous Message | Glenn Schultz | 2018-11-22 18:43:28 | Re: table value function help |