Thread: Can the username calling a function be made available within the function?

Can the username calling a function be made available within the function?

From

Adam Witney

Date:

07 April 2004, 10:24:24

I'd like to be able to have a PL/pgSQL function defined as SECURITY DEFINER,
but still have access to the calling username within the function. Is this
possible?

I could pass current_user as a parameter, but of course this could easily be
bypassed.

Is there a way of coding this?

Thanks for any help

Adam


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: Can the username calling a function be made available within the function?

From

Richard Huxton

Date:

07 April 2004, 12:25:18

On Wednesday 07 April 2004 11:23, Adam Witney wrote:
> I'd like to be able to have a PL/pgSQL function defined as SECURITY
> DEFINER, but still have access to the calling username within the function.
> Is this possible?
>
> I could pass current_user as a parameter, but of course this could easily
> be bypassed.
>
> Is there a way of coding this?

Just "SELECT CURRENT_USER" into a variable. You might want SESSION_USER
though.


--
  Richard Huxton
  Archonet Ltd

Re: Can the username calling a function be made available within the function?

From

Bruno Wolff III

Date:

07 April 2004, 13:53:30

On Wed, Apr 07, 2004 at 11:23:25 +0100,
  Adam Witney <awitney@sghms.ac.uk> wrote:
>
> I'd like to be able to have a PL/pgSQL function defined as SECURITY DEFINER,
> but still have access to the calling username within the function. Is this
> possible?
>
> I could pass current_user as a parameter, but of course this could easily be
> bypassed.
>
> Is there a way of coding this?

You probably want session_user.