| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Daniel Westermann <daniel(dot)westermann(at)dbi-services(dot)com> |
| Cc: | "pgsql-docs(at)lists(dot)postgresql(dot)org" <pgsql-docs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: docs: set role permission checking, do I read this wrong? |
| Date: | 2023-10-18 07:26:10 |
| Message-ID: | CAKFQuwY9pa475guw29sppEM3FqcmPRXFeLqCAx1dX2vrzsg7Fg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs |
On Wednesday, October 18, 2023, Daniel Westermann <
daniel(dot)westermann(at)dbi-services(dot)com> wrote:
>
> "After |SET ROLE|, permissions checking for SQL commands is carried out as
> though the named role were the one that had logged in originally."
>
> Isn't it the other way around and permission checking is done as "a", or
> do I read this wrong?
>
It is saying “a” is the current_user:
When you set role to (named role) a the system behaves as if (named role) a
had logged in originally (even though, in that example, postgres is the
role that originally logged in)
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Westermann | 2023-10-18 07:56:25 | Re: docs: set role permission checking, do I read this wrong? |
| Previous Message | Daniel Westermann | 2023-10-18 07:05:18 | docs: set role permission checking, do I read this wrong? |