On Mon, Mar 22, 2010 at 10:03 AM, Stephen Frost <sfr...@snowman.net> wrote: > * Robert Haas (robertmh...@gmail.com) wrote: >> Sometimes it would be nice to conditionalize queries on a value other >> than the authenticated role. I really wish we had some kind of SQL >> variable support. Talking out of my rear end: > > I certainly agree- having variable support in the backend would > definitely be nice. I'd want it to be explicit and distinct from GUCs > though, unlike the situation we have w/ psql right now.
Agreed. > All that said, > I'm not really a huge fan of write-your-own-authorization-system in > general. If the existing authorization system isn't sufficient for what > you want, then let's improve it. There may be specific cases where > what's needed is particularly complex, but that's what security definer > functions are for.. Fortunately this functionality also has other uses, so I don't know that we really need to decide which of those uses we approve of more or less. Does the SQL standard specify anything in this area? ...Robert -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
