Re: Invoking user of the function with SECURITY DEFINER - Mailing list pgsql-general

From Laurenz Albe
Subject Re: Invoking user of the function with SECURITY DEFINER
Date
Msg-id bd95ac4a16c77efa49f724e93bbabb74dfbdae38.camel@cybertec.at
Whole thread Raw
In response to Invoking user of the function with SECURITY DEFINER  (Madan Kumar <madankumar1993@gmail.com>)
Responses Re: Invoking user of the function with SECURITY DEFINER
List pgsql-general
Madan Kumar wrote:
> How to get the user who is invoking the function with SECURITY DEFINER? 
> When we define the function to be SECURITY DEFINER, it will execute in the
> context of the user who created it. Let's say I've given execute permission
> for this function to other users and wish to know who is executing it.
> Is there a way to find that out?
> I tried CURRENT_USER and SESSION_USER but they return the function owner
> since they execute in that context. So is there any way to figure out the
> user who is invoking the function?

It works for me:

As user "postgres":

CREATE OR REPLACE FUNCTION tellme() RETURNS text LANGUAGE plpgsql
   SECURITY DEFINER AS 'BEGIN RETURN session_user; END;';

As user "laurenz":

SELECT tellme();
 tellme  
---------
 laurenz
(1 row)

Yours,
Laurenz Albe
-- 
+43-670-6056265
Cybertec Schönig & Schönig GmbH
Gröhrmühlgasse 26, A-2700 Wiener Neustadt
Web: https://www.cybertec-postgresql.com



pgsql-general by date:

Previous
From: Madan Kumar
Date:
Subject: Invoking user of the function with SECURITY DEFINER
Next
From: Станислав Губанов
Date:
Subject: a bug jsonb?