=?UTF-8?Q?Ulf_Lohbr=C3=BCgge?= <ulf.lohbrue...@gmail.com> writes:
> I could reproduce part of the things I described earlier in this thread. A
> guy named Andriy Senyshyn mailed me after reading this thread here (he
> could somehow not join the mailing list) and observed a difference when
> issuing "SET ROLE" as user postgres and as a non-superuser.

This isn't particularly surprising in itself.  When we know that the
session user is a superuser, SET ROLE just succeeds immediately.
Otherwise we have to determine whether the SET is allowed, ie, is
the session user a member of the specified role.

It looks like the first time such a question is asked within a session,
we build and cache a list of all the roles the session user is a member
of (directly or indirectly).  That's what's taking the time here ---
apparently in your test case, the "admin" role is a member of a whole lot
of roles?

                        regards, tom lane

Reply via email to