| From: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
|---|---|
| To: | Madan Kumar <madankumar1993(at)gmail(dot)com>, pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Invoking user of the function with SECURITY DEFINER |
| Date: | 2018-11-22 11:45:34 |
| Message-ID: | bd95ac4a16c77efa49f724e93bbabb74dfbdae38.camel@cybertec.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Madan Kumar wrote:
> How to get the user who is invoking the function with SECURITY DEFINER?
> When we define the function to be SECURITY DEFINER, it will execute in the
> context of the user who created it. Let's say I've given execute permission
> for this function to other users and wish to know who is executing it.
> Is there a way to find that out?
> I tried CURRENT_USER and SESSION_USER but they return the function owner
> since they execute in that context. So is there any way to figure out the
> user who is invoking the function?
It works for me:
As user "postgres":
CREATE OR REPLACE FUNCTION tellme() RETURNS text LANGUAGE plpgsql
SECURITY DEFINER AS 'BEGIN RETURN session_user; END;';
As user "laurenz":
SELECT tellme();
tellme
---------
laurenz
(1 row)
Yours,
Laurenz Albe
--
+43-670-6056265
Cybertec Schönig & Schönig GmbH
Gröhrmühlgasse 26, A-2700 Wiener Neustadt
Web: https://www.cybertec-postgresql.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Станислав Губанов | 2018-11-22 14:58:21 | a bug jsonb? |
| Previous Message | Madan Kumar | 2018-11-22 11:24:06 | Invoking user of the function with SECURITY DEFINER |