Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function

Поиск
Список
Период
Сортировка
От Dominique Devienne
Тема Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function
Дата
Msg-id CAFCRh--tSWRRCMvtSovtRDX1wce5KCOutaDRBD5JKWb9atLC_w@mail.gmail.com
обсуждение исходный текст
Ответ на Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function  (Guillaume Lelarge <guillaume.lelarge@dalibo.com>)
Ответы Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function
Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function
Список pgsql-general
Дерево обсуждения 
On Thu, Jul 31, 2025 at 11:35 AM Guillaume Lelarge
<guillaume.lelarge@dalibo.com> wrote:
> On 31/07/2025 10:41, Dominique Devienne wrote:
> > On Wed, Jul 30, 2025 at 9:42 PM Adrian Klaver <adrian.klaver@aklaver.com> wrote:
> > how can has_table_privilege() "lie" like this?
>
> It doesn't lie. The role has DELETE privilege. I guess what it lacks is
> the SELECT privilege. If you do a "DELETE FROM ... WHERE ...", you need
> the SELECT privilege to perform the WHERE. Without "WHERE ...", it would
> work without the SELECT privilege.

Right on the money! Merci Guillaume!!! --DD

PQ: NOTICE: can DELETE = t
PQ: NOTICE: can SELECT = f

В списке pgsql-general по дате отправления: