docs: set role permission checking, do I read this wrong?

From: Daniel Westermann <daniel(dot)westermann(at)dbi-services(dot)com>
To: pgsql-docs(at)lists(dot)postgresql(dot)org
Subject: docs: set role permission checking, do I read this wrong?
Date: 2023-10-18 07:05:18
Message-ID: 93e0bf53-41ae-4718-a1c5-cec36283bbc7@dbi-services.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-docs

Hi,

when reading the documentation about "set role" there is this:
https://www.postgresql.org/docs/16/sql-set-role.html

"After |SET ROLE|, permissions checking for SQL commands is carried out
as though the named role were the one that had logged in originally."

Given this:

postgres=# select session_user, current_user;
 session_user | current_user
--------------+--------------
 postgres     | postgres
(1 row)

postgres=# set role a;
SET
postgres=> create table t(a int);
ERROR:  permission denied for schema public
LINE 1: create table t(a int);
                     ^
Isn't it the other way around and permission checking is done as "a", or
do I read this wrong?

Best regards
Daniel

Responses

Browse pgsql-docs by date

  From Date Subject
Next Message David G. Johnston 2023-10-18 07:26:10 Re: docs: set role permission checking, do I read this wrong?
Previous Message jian he 2023-10-17 11:14:41 Re: No explanation of other options