Home > mailing lists

Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function - Mailing list pgsql-general

From	Dominique Devienne
Subject	Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function
Date	July 31 18:54:27
Msg-id	CAFCRh--ZOeWP6euXdXz=yri3-5V0wFHXTd2KGLb+UaTUR7k_LQ@mail.gmail.com Whole thread Raw
In response to	Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function (Adrian Klaver <adrian.klaver@aklaver.com>)
List	pgsql-general

Tree view

On Thu, Jul 31, 2025 at 4:13 PM Adrian Klaver <adrian.klaver@aklaver.com> wrote:
> On 7/31/25 04:37, Dominique Devienne wrote:
> So the below from the original post was not correct:
>
> "My setup ensures that the role I SET LOCAL ROLE to, has (indirectly)
> been granted DMLs on that table."

Not so. DML is Data Modification Language.
I did grant INSERT, UPDATE, DELETE.

As opposed to DQL, Data Query Language.
And yes, I failed to grant SELECT.

Normally SELECT comes from yet another role.
But not in this specific case.

pgsql-general by date:

From: Adrian Klaver
Date: 31 July, 18:45:46
Subject: Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function

From: Dominique Devienne
Date: 31 July, 18:59:42
Subject: Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function

Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function - Mailing list pgsql-general

Previous

Next