| From: | Richard Hayward <richard(at)tortoise(dot)demon(dot)co(dot)uk> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | current_user inside SECURITY DEFINER function? |
| Date: | 2005-07-05 19:15:01 |
| Message-ID: | ctllc1lqcht4a2bcn4j1vo35r0oqe28vul@4ax.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Is there any way to get the name of the current user inside a PL/pgSQL
function that is defined with security definer?
current_user gives the name of the user who created the function.
The reason I want this is that I intend to use functions to maintain
security, like this:
userA has only select permission on myTable.
The only way userA can insert to myTable is by providing parameters
for and executing myFunction.
myFunction was created by user postgres who does have insert
permission on myTable. However the code inside myFunction needs to do
different things, depending on who called it.
Is there any way of getting the user?
regards
Richard
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Clark Allan | 2005-07-05 20:01:14 | Re: PostgreSQL sequence within function |
| Previous Message | Tony Caduto | 2005-07-05 18:55:06 | Re: PostgreSQL sequence within function |