Re: Invoking user of the function with SECURITY DEFINER

2019-04-10 Thread Олег Самойлов 
Looked like a bug.

> 25 нояб. 2018 г., в 14:50, Madan Kumar  написал(а):
> 
> Got it..
> In my case i was getting session_user in declare section and trying to 
> validate later which always resulted in the function owner.
>  DECLARE
>   user text := SESSION_USER;
> 
> So using it within the BEGIN; ...; END; clause worked for me.
> Thanks.
> 
> 
> Warm Regards,
> Madan Kumar K
>

Re: Invoking user of the function with SECURITY DEFINER

2018-11-25 Thread Madan Kumar 
Got it..
In my case i was getting session_user in declare section and trying to
validate later which always resulted in the function owner.
 DECLARE
user text := SESSION_USER;

So using it within the BEGIN; ...; END; clause worked for me.
Thanks.


Warm Regards,
Madan Kumar K 

*"There is no Elevator to Success. You have to take the Stairs"*


On Sun, Nov 25, 2018 at 2:24 AM raf  wrote:

> Laurenz Albe wrote:
>
> > Madan Kumar wrote:
> > > How to get the user who is invoking the function with SECURITY
> DEFINER?
> > > When we define the function to be SECURITY DEFINER, it will execute in
> the
> > > context of the user who created it. Let's say I've given execute
> permission
> > > for this function to other users and wish to know who is executing it.
> > > Is there a way to find that out?
> > > I tried CURRENT_USER and SESSION_USER but they return the function
> owner
> > > since they execute in that context. So is there any way to figure out
> the
> > > user who is invoking the function?
> >
> > It works for me:
> >
> > As user "postgres":
> >
> > CREATE OR REPLACE FUNCTION tellme() RETURNS text LANGUAGE plpgsql
> >SECURITY DEFINER AS 'BEGIN RETURN session_user; END;';
> >
> > As user "laurenz":
> >
> > SELECT tellme();
> >  tellme
> > -
> >  laurenz
> > (1 row)
> >
> > Yours,
> > Laurenz Albe
>
> session_user has always worked for me.
>
> cheers,
> raf
>
>
>

Re: Invoking user of the function with SECURITY DEFINER

2018-11-24 Thread raf 
Laurenz Albe wrote:

> Madan Kumar wrote:
> > How to get the user who is invoking the function with SECURITY DEFINER? 
> > When we define the function to be SECURITY DEFINER, it will execute in the
> > context of the user who created it. Let's say I've given execute permission
> > for this function to other users and wish to know who is executing it.
> > Is there a way to find that out?
> > I tried CURRENT_USER and SESSION_USER but they return the function owner
> > since they execute in that context. So is there any way to figure out the
> > user who is invoking the function?
> 
> It works for me:
> 
> As user "postgres":
> 
> CREATE OR REPLACE FUNCTION tellme() RETURNS text LANGUAGE plpgsql
>SECURITY DEFINER AS 'BEGIN RETURN session_user; END;';
> 
> As user "laurenz":
> 
> SELECT tellme();
>  tellme  
> -
>  laurenz
> (1 row)
> 
> Yours,
> Laurenz Albe

session_user has always worked for me.

cheers,
raf

Re: Invoking user of the function with SECURITY DEFINER

2018-11-22 Thread Laurenz Albe 
Madan Kumar wrote:
> How to get the user who is invoking the function with SECURITY DEFINER? 
> When we define the function to be SECURITY DEFINER, it will execute in the
> context of the user who created it. Let's say I've given execute permission
> for this function to other users and wish to know who is executing it.
> Is there a way to find that out?
> I tried CURRENT_USER and SESSION_USER but they return the function owner
> since they execute in that context. So is there any way to figure out the
> user who is invoking the function?

It works for me:

As user "postgres":

CREATE OR REPLACE FUNCTION tellme() RETURNS text LANGUAGE plpgsql
   SECURITY DEFINER AS 'BEGIN RETURN session_user; END;';

As user "laurenz":

SELECT tellme();
 tellme  
-
 laurenz
(1 row)

Yours,
Laurenz Albe
-- 
+43-670-6056265
Cybertec Schönig & Schönig GmbH
Gröhrmühlgasse 26, A-2700 Wiener Neustadt
Web: https://www.cybertec-postgresql.com

Invoking user of the function with SECURITY DEFINER

2018-11-22 Thread Madan Kumar 
Hi,

How to get the user who is invoking the function with SECURITY DEFINER?
When we define the function to be SECURITY DEFINER, it will execute in the
context of the user who created it. Let's say I've given execute permission
for this function to other users and wish to know who is executing it. Is
there a way to find that out?
I tried CURRENT_USER and SESSION_USER but they return the function owner
since they execute in that context. So is there any way to figure out the
user who is invoking the function?

Warm Regards,
Madan Kumar K 

*"There is no Elevator to Success. You have to take the Stairs"*