Thread: get username of user calling function?
Hi, Is it possible to get the username of the user calling a function? Just as a test, a function which would return the user their username. Thanks! George
am Thu, dem 01.03.2007, um 11:40:11 -0500 mailte George Nychis folgendes: > Hi, > > Is it possible to get the username of the user calling a function? You can use the current_user - variable. Select current_user; Andreas -- Andreas Kretschmer Kontakt: Heynitz: 035242/47150, D1: 0160/7141639 (mehr: -> Header) GnuPG-ID: 0x3FFF606C, privat 0x7F4584DA http://wwwkeys.de.pgp.net
A. Kretschmer wrote:
> You can use the current_user - variable. Select current_user;
I'm trying to create a function in which users can only kill their own processes, it works
perfectly if i hardcode a username in such as this:
CREATE FUNCTION kill_process(integer) RETURNS boolean
AS 'select pg_cancel_backend(procpid)
FROM (SELECT procpid FROM pg_stat_activity WHERE procpid=$1 and usename=''gnychis'')
AS kill;'
LANGUAGE SQL SECURITY DEFINER;
But if i try to replace usename=''gnychis'' with usename=current_user it no longer works.
Any ideas?
- George
On 3/1/07, George Nychis <gnychis@cmu.edu> wrote:
See the EXECUTE function in the pl/pgSQL language in the docs for dynamic queries.
A. Kretschmer wrote:
> You can use the current_user - variable. Select current_user;
I'm trying to create a function in which users can only kill their own processes, it works
perfectly if i hardcode a username in such as this:
CREATE FUNCTION kill_process(integer) RETURNS boolean
AS 'select pg_cancel_backend(procpid)
FROM (SELECT procpid FROM pg_stat_activity WHERE procpid=$1 and usename=''gnychis'')
AS kill;'
LANGUAGE SQL SECURITY DEFINER;
See the EXECUTE function in the pl/pgSQL language in the docs for dynamic queries.
But if i try to replace usename=''gnychis'' with usename=current_user it no longer works.
Any ideas?
- George
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
David Legault wrote: > > > See the EXECUTE function in the pl/pgSQL language in the docs for dynamic > queries. > So it turns out that in a SECURITY DEFINER the current_user is the owner of the function. I had to use session_user and it works now :) - George
On 3/1/07, George Nychis <gnychis@cmu.edu> wrote:
yes because you are running it in the context of the owner of the function
there is also another SECURITY setting that will be in the context of the caller where current_user() should return the callee.
David Legault wrote:
>
>
> See the EXECUTE function in the pl/pgSQL language in the docs for dynamic
> queries.
>
So it turns out that in a SECURITY DEFINER the current_user is the owner of the function.
I had to use session_user and it works now :)
yes because you are running it in the context of the owner of the function
there is also another SECURITY setting that will be in the context of the caller where current_user() should return the callee.
- George