| From: | "Jean-Yves F(dot) Barbier" <12ukwn(at)gmail(dot)com> |
|---|---|
| To: | Richard Broersma <richard(dot)broersma(at)gmail(dot)com> |
| Cc: | pgsql-novice(at)postgresql(dot)org |
| Subject: | Re: Data access and user id |
| Date: | 2009-11-21 23:14:34 |
| Message-ID: | 4B08745A.5090800@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Richard Broersma a écrit :
> On Sat, Nov 21, 2009 at 8:08 AM, Jean-Yves F. Barbier <12ukwn(at)gmail(dot)com> wrote:
oops, sorry for the delay: icedove biffer sometimes miss new emails :(
>> My PB is I just can use triggers with SECURITY DEFINER to do that, thus
>> I can't update the field 'user_mod' with user's id because triggers are
>> always executed as their owner's id, not caller's id.
>
> http://www.postgresql.org/docs/8.4/interactive/functions-info.html
>
> Notice that there are different user operators to choose from.
> current_user ( user ), session_user. I believe that one of those will
> give you what you want.
Yep, but no: my purpose is to forbid any direct rights and pass through
functions & triggers (in this case, trigger *must* be SECURITY DEFINER
to bypass the lack of schema and table permissions.)
The problem is if I use either current_user or session_user in the INSERT
trigger, it returns the trigger's owner Id, not the caller one.
--
Make sure your code does nothing gracefully.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jean-Yves F. Barbier | 2009-11-21 23:35:05 | Re: Data access and user id |
| Previous Message | Richard Broersma | 2009-11-21 16:24:47 | Re: Data access and user id |