| From: | Joseph Koshakow <koshy44(at)gmail(dot)com> |
|---|---|
| To: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
| Cc: | Tomas Vondra <tomas(dot)vondra(at)enterprisedb(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Wrong security context for deferred triggers? |
| Date: | 2024-06-09 01:13:07 |
| Message-ID: | CAAvxfHecV=O-HYo=3zeG0w9YiRmiZBOvLgZ+ZZDh_E1xCyc-BQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, Jun 8, 2024 at 5:36 PM Joseph Koshakow <koshy44(at)gmail(dot)com> wrote:
> Additionally, I applied your patch to master and re-ran the example and
> didn't notice any behavior change.
>
> test=# CREATE TABLE tab (i integer);
> CREATE TABLE
> test=# CREATE FUNCTION trig() RETURNS trigger
> LANGUAGE plpgsql AS
> $$BEGIN
> RAISE NOTICE 'current_user = %', current_user;
> RETURN NEW;
> END;$$;
> CREATE FUNCTION
> test=# CREATE CONSTRAINT TRIGGER trig AFTER INSERT ON tab
> DEFERRABLE INITIALLY IMMEDIATE
> FOR EACH ROW EXECUTE FUNCTION trig();
> CREATE TRIGGER
> test=# CREATE ROLE duff;
> CREATE ROLE
> test=# GRANT INSERT ON tab TO duff;
> GRANT
> test=# SET ROLE duff;
> SET
> test=> BEGIN;
> BEGIN
> test=*> INSERT INTO tab VALUES (1);
> NOTICE: current_user = duff
> INSERT 0 1
> test=*> SET CONSTRAINTS ALL DEFERRED;
> SET CONSTRAINTS
> test=*> INSERT INTO tab VALUES (2);
> INSERT 0 1
> test=*> RESET ROLE;
> RESET
> test=*# COMMIT;
> NOTICE: current_user = joe
> COMMIT
>
> Though maybe I'm just doing something wrong.
Sorry, there's definitely something wrong with my environment. You can
ignore this.
Thanks,
Joe Koshakow
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Isaac Morland | 2024-06-09 02:13:27 | Re: Wrong security context for deferred triggers? |
| Previous Message | David E. Wheeler | 2024-06-08 22:49:38 | Shouldn't jsonpath .string() Unwrap? |