Skip site navigation (1) Skip section navigation (2)

Re: Data access and user id

From: "Jean-Yves F(dot) Barbier" <12ukwn(at)gmail(dot)com>
To: Richard Broersma <richard(dot)broersma(at)gmail(dot)com>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: Data access and user id
Date: 2009-11-21 23:14:34
Message-ID: 4B08745A.5090800@gmail.com (view raw or flat)
Thread:
Lists: pgsql-novice
Richard Broersma a écrit :
> On Sat, Nov 21, 2009 at 8:08 AM, Jean-Yves F. Barbier <12ukwn(at)gmail(dot)com> wrote:

oops, sorry for the delay: icedove biffer sometimes miss new emails :(
 
>> My PB is I just can use triggers with SECURITY DEFINER to do that, thus
>> I can't update the field 'user_mod' with user's id because triggers are
>> always executed as their owner's id, not caller's id.
> 
> http://www.postgresql.org/docs/8.4/interactive/functions-info.html
> 
> Notice that there are different user operators to choose from.
> current_user ( user ), session_user.  I believe that one of those will
> give you what you want.

Yep, but no: my purpose is to forbid any direct rights and pass through
functions & triggers (in this case, trigger *must* be SECURITY DEFINER
to bypass the lack of schema and table permissions.)

The problem is if I use either current_user or session_user in the INSERT
trigger, it returns the trigger's owner Id, not the caller one.

-- 
Make sure your code does nothing gracefully.

In response to

pgsql-novice by date

Next:From: Jean-Yves F. BarbierDate: 2009-11-21 23:35:05
Subject: Re: Data access and user id
Previous:From: Richard BroersmaDate: 2009-11-21 16:24:47
Subject: Re: Data access and user id

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group