Home > mailing lists

Re: current_role of caller of a DEFINER function - Mailing list pgsql-general

From	walther@technowledgy.de
Subject	Re: current_role of caller of a DEFINER function
Date	June 26 13:11:26
Msg-id	0b7d3b22-3e98-4eca-bc14-9430c48c0217@technowledgy.de Whole thread Raw
In response to	current_role of caller of a DEFINER function (Dominique Devienne <ddevienne@gmail.com>)
Responses	Re: current_role of caller of a DEFINER function
List	pgsql-general

Tree view

Dominique Devienne:
> 1) Is there any way to know the current_role of the caller of a
> DEFINER function. I fear the answer is no, but better be sure from
> experts here.

You can do something like this:

CREATE DOMAIN current_user_only AS text
   CONSTRAINT current_user_only CHECK (VALUE = CURRENT_USER);

CREATE FUNCTION func(
   calling_user current_user_only DEFAULT CURRENT_USER
) ... SECURITY DEFINER;

The default value will be evaluated in the context of the calling user, 
the constraint forces it to never be set explicitly to something else.

Thus you can use calling_user inside your function.

Best,

Wolfgang

pgsql-general by date:

From: Erik Wienhold
Date: 26 June, 13:06:29
Subject: Re: current_role of caller of a DEFINER function

From: Dominique Devienne
Date: 26 June, 15:25:30
Subject: Re: current_role of caller of a DEFINER function

Re: current_role of caller of a DEFINER function - Mailing list pgsql-general

Previous

Next