| From: | Adam Witney <awitney(at)sgul(dot)ac(dot)uk> |
|---|---|
| To: | Richard Hayward <richard(at)tortoise(dot)demon(dot)co(dot)uk>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: current_user inside SECURITY DEFINER function? |
| Date: | 2005-07-06 13:34:03 |
| Message-ID: | BEF19C5B.48BA7%awitney@sgul.ac.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
I think you want to use session_user instead
Adam
> Is there any way to get the name of the current user inside a PL/pgSQL
> function that is defined with security definer?
>
> current_user gives the name of the user who created the function.
>
> The reason I want this is that I intend to use functions to maintain
> security, like this:
>
> userA has only select permission on myTable.
>
> The only way userA can insert to myTable is by providing parameters
> for and executing myFunction.
>
> myFunction was created by user postgres who does have insert
> permission on myTable. However the code inside myFunction needs to do
> different things, depending on who called it.
>
> Is there any way of getting the user?
>
> regards
> Richard
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo(at)postgresql(dot)org
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Fuhr | 2005-07-06 13:36:12 | Re: Seg fault in postgres 7.4.7? |
| Previous Message | Stephan Szabo | 2005-07-06 13:33:58 | Re: current_user inside SECURITY DEFINER function? |