Hi,
when reading the documentation about "set role" there is this:
https://www.postgresql.org/docs/16/sql-set-role.html
"After |SET ROLE|, permissions checking for SQL commands is carried out
as though the named role were the one that had logged in originally."
Given this:
postgres=# select session_user, current_user;
session_user | current_user
--------------+--------------
postgres | postgres
(1 row)
postgres=# set role a;
SET
postgres=> create table t(a int);
ERROR: permission denied for schema public
LINE 1: create table t(a int);
^
Isn't it the other way around and permission checking is done as "a", or
do I read this wrong?
Best regards
Daniel
