Re: Postgres 12 RLS

Hi Laura,

> On 08. Jun, 2020, at 12:46, Laura Smith <n5d9xq3ti233xiyif2vp@protonmail.ch> I had a lightbulb moment just now and
triedthat, but it doesn't seem to be working. 
>
> The app returns "pg_execute(): Query failed: ERROR:  permission denied for table...."
>
> This is despite me:
> • Changing to SECURITY INVOKER on the PG function.
> • Granting the app user relevant perms on the underlying table
> • Re-granting execute for the app on the function
>
> Am I missing somehthing ?

another possibility maybe is to use session_user instead of current_user in your policy.

current_user    name    user name of current execution context
session_user    name    session user name

The latter is the name of the user who actually started the session. So it should be myappuser in your case.

https://www.postgresql.org/docs/current/functions-info.html

Cheers,
Paul