By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
464,589 Members | 1,017 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 464,589 IT Pros & Developers. It's quick & easy.

Can the username calling a function be made available within thefunction?

P: n/a

I'd like to be able to have a PL/pgSQL function defined as SECURITY DEFINER,
but still have access to the calling username within the function. Is this
possible?

I could pass current_user as a parameter, but of course this could easily be
bypassed.

Is there a way of coding this?

Thanks for any help

Adam
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to ma*******@postgresql.org)

Nov 23 '05 #1
Share this Question
Share on Google+
2 Replies

P: n/a
On Wednesday 07 April 2004 11:23, Adam Witney wrote:
I'd like to be able to have a PL/pgSQL function defined as SECURITY
DEFINER, but still have access to the calling username within the function.
Is this possible?

I could pass current_user as a parameter, but of course this could easily
be bypassed.

Is there a way of coding this?


Just "SELECT CURRENT_USER" into a variable. You might want SESSION_USER
though.
--
Richard Huxton
Archonet Ltd

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to ma*******@postgresql.org)

Nov 23 '05 #2

P: n/a
On Wed, Apr 07, 2004 at 11:23:25 +0100,
Adam Witney <aw*****@sghms.ac.uk> wrote:

I'd like to be able to have a PL/pgSQL function defined as SECURITY DEFINER,
but still have access to the calling username within the function. Is this
possible?

I could pass current_user as a parameter, but of course this could easily be
bypassed.

Is there a way of coding this?


You probably want session_user.

---------------------------(end of broadcast)---------------------------
TIP 8: explain analyze is your friend

Nov 23 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.