On Sat, Apr 21, 2001 at 05:43:02PM +0200, Peter Eisentraut wrote:
> I have implemented this; it seems to do what we need:
>
> $ ~/pg-install/bin/psql -U peter
>
> peter=# set session authorization 'joeblow';
> SET VARIABLE
> peter=# create table foo (a int);
> CREATE
> peter=# \dt
> List of relations
> Name | Type | Owner
> -------+-------+---------
> foo | table | joeblow
> test | table | peter
> test2 | table | peter
> (3 rows)
Great! With this feature is possible use persisten connection and
on-the-fly changing actual user, right? It's very useful for example
web application that checking user privilege via SQL layout.
I have I question, what happen with this code:
(connected as superuser)
set session authorization 'userA';set session authorization 'userB';
IMHO it must be disable, right must be something like:
set session authorization 'userA';unset session authorization; <-- switch back to superuser set session
authorization'userB';
..like as on Linux:
# su - zakkr
$ id -u
1000
$ su - jmarek
Password:
su: Authentication failure
Sorry.
Karel
-- Karel Zak <zakkr@zf.jcu.cz>http://home.zf.jcu.cz/~zakkr/C, PostgreSQL, PHP, WWW, http://docs.linux.cz,
http://mape.jcu.cz
