| From: | Daniel Westermann <daniel(dot)westermann(at)dbi-services(dot)com> |
|---|---|
| To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
| Cc: | "pgsql-docs(at)lists(dot)postgresql(dot)org" <pgsql-docs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: docs: set role permission checking, do I read this wrong? |
| Date: | 2023-10-18 07:56:25 |
| Message-ID: | 985846a7-97e6-4c43-a34a-5541faf2c37c@dbi-services.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs |
On 10/18/23 09:26, David G. Johnston wrote:
> On Wednesday, October 18, 2023, Daniel Westermann
> <daniel(dot)westermann(at)dbi-services(dot)com> wrote:
>
>
> "After |SET ROLE|, permissions checking for SQL commands is
> carried out as though the named role were the one that had logged
> in originally."
>
> Isn't it the other way around and permission checking is done as
> "a", or do I read this wrong?
>
>
> It is saying “a” is the current_user:
>
> When you set role to (named role) a the system behaves as if (named
> role) a had logged in originally (even though, in that example,
> postgres is the role that originally logged in)
>
> David J.
>
Thank you, this is what I see in the small example. Maybe it is my
English, but this sentence sounds confusing.
Regards
Daniel
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2023-10-18 12:35:02 | Re: docs: set role permission checking, do I read this wrong? |
| Previous Message | David G. Johnston | 2023-10-18 07:26:10 | Re: docs: set role permission checking, do I read this wrong? |