Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1uhOr1-00E9Xz-M4
	for pgsql-general@arkaria.postgresql.org; Thu, 31 Jul 2025 08:41:36 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1uhOqy-00ENkt-DO
	for pgsql-general@arkaria.postgresql.org; Thu, 31 Jul 2025 08:41:32 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <ddevienne@gmail.com>)
	id 1uhOqy-00ENkl-2Y
	for pgsql-general@lists.postgresql.org; Thu, 31 Jul 2025 08:41:32 +0000
Received: from mail-oi1-x22b.google.com ([2607:f8b0:4864:20::22b])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <ddevienne@gmail.com>)
	id 1uhOqw-001hHK-20
	for pgsql-general@lists.postgresql.org;
	Thu, 31 Jul 2025 08:41:31 +0000
Received: by mail-oi1-x22b.google.com with SMTP id 5614622812f47-41b4ebb15e2so344733b6e.3
        for <pgsql-general@lists.postgresql.org>; Thu, 31 Jul 2025 01:41:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1753951290; x=1754556090; darn=lists.postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=bZeaDZj23quP0HHMkqjFOleb0WlYMuAOVFrt0ScAnU8=;
        b=NhG2Gjs6j4kKVFhfc17W905YWdvVqMHaUWHy8j79oyGZhEo9wS28cT0E7lff7u0Cuj
         aStLEMRXdtqE4iOgryocRlWFqq6KhVAxxSRuBxlHeXROsp4DnWW6z+rydWHBeTzUVFKv
         UkOizJsWXaFWLrYpfyVld6IG7vwxx9vlqWJfaUCOMpoYKkvORKArwCst8pgA51qDKhSK
         /Qd5ZSqFyW5Vw/qTca+F3XrTRoKoPxzY/xrCZKnwUclLki30cSRCX5MYK/Q+8a0IUw7S
         I3RuDkyIFGpgsHs7T+c5LOVXQj/38hx64yFRjBgwV6eJdJLV9DFBTEAEUv7sqU9Uy97N
         0CcA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1753951290; x=1754556090;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=bZeaDZj23quP0HHMkqjFOleb0WlYMuAOVFrt0ScAnU8=;
        b=NpR9JTNby7dQ7OSNI80KY9IakBrxh73ppPPjib5BaUXnJ8Dro3RTBnHPu35VRg5ZZ3
         2G8QW3evY6QqXsPKC7QVhMCNXCt8M3OaRoIoqSBK6RhORo4cDWhrPO+ohkt4WMFyfT65
         PO1i6FiGWRyQQHPKTmpMN7iCz031QZXe7aycXyiAizZGiTOUCVLe1rKZXm6SLRiIS/Ay
         whak/vBQLli1Oqau3/J6oNJhWyOdMgCZJDbkxeFc+tFglRJdwwMSQIWvKRyfUAMfgOLA
         B7BtBKS9HBQIUOCt63Mg1DE7K7VqBVq/o5erDSrPRYcqVDQb5zI05l1ymoA9BgbTRQ8j
         WAng==
X-Gm-Message-State: AOJu0Yx8rYaQIYl3yzF7df9zqViGw7yRwFJreIVgqfCoMyE9IBuWYiWb
	Q/eWfP7KT+Sm19YTetpoMoUJa4neJ0jh9NbTQWxT5hBQCbTfXh/tYR5V6bxgyeRuVoAbySWo2Ly
	dhPEQ2ETg8Lr1JSqdANlQGYX+jNdhODk=
X-Gm-Gg: ASbGncuI+WnGnqjMYx7LfwcChCfzwVQ2qGVX5QSEMRRdlQ7cwDrYK7IiBOW9fqMRH+v
	rMH581wLeTXjC6Vn0iQ9lMgOvm+mMbi3IQ7TQegKiqNKcVZbWAhYYQeAFItRlnOrCCrfPiwC/Nj
	fNb1gP0IgV5beiLMcIi7+zvFcORGU3XmB+BYLop+ZOTzDmECO76WtLOyMrkjv8OEbEYYw51TVTe
	QhBvNcvKg==
X-Google-Smtp-Source: AGHT+IHjbob9IQk0TXQk7AR2xpbO1iZrFOyqlzyBY+tQ8C7T81g1RyqJZQw+EmYNRJSD2y1w0YS+pi1B0plHX6zmj10=
X-Received: by 2002:a05:6808:4a45:10b0:414:431:e1a7 with SMTP id
 5614622812f47-4319bc0c010mr2837622b6e.29.1753951289793; Thu, 31 Jul 2025
 01:41:29 -0700 (PDT)
MIME-Version: 1.0
References: <CAFCRh--AXoYUj8-WDuWpUcWXC0UNAL9gjbTp=1hU-NJhRyR0vQ@mail.gmail.com>
 <fa68fc72-e109-452e-8642-2b99c613f870@aklaver.com> <CAFCRh-9AzsOBd6cPFsgmbw=Mf3nN5tHj9YYQQHZG0XqxDSMK=Q@mail.gmail.com>
 <508f71c4-f1b1-4685-921d-bec8b361be10@aklaver.com> <662792ed-810d-46f1-a0c3-d4b55e5469fc@aklaver.com>
In-Reply-To: <662792ed-810d-46f1-a0c3-d4b55e5469fc@aklaver.com>
From: Dominique Devienne <ddevienne@gmail.com>
Date: Thu, 31 Jul 2025 10:41:18 +0200
X-Gm-Features: Ac12FXwydutFAa3NUEyZKydFTo6vPPVSdOCU1StCxvxm8kHVDVciUCtIxUdXsbw
Message-ID: <CAFCRh-8D+R=xufTFYN8SDDeEVwDNCb7kcspt9hsRW2T-QOMoKg@mail.gmail.com>
Subject: Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function
To: Adrian Klaver <adrian.klaver@aklaver.com>
Cc: pgsql-general@lists.postgresql.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/CAFCRh-8D%2BR%3DxufTFYN8SDDeEVwDNCb7kcspt9hsRW2T-QOMoKg%40mail.gmail.com>
Precedence: bulk

On Wed, Jul 30, 2025 at 9:42=E2=80=AFPM Adrian Klaver <adrian.klaver@aklave=
r.com> wrote:
> My suspicion is that there is a missing piece in your chain of roles.

But my point Adrian is that, in my case, has_table_privilege() returns
true (t) yet the delete fails. Contrary to your example above. I can
easily accept that the problem lies on my side, but how can
has_table_privilege() "lie" like this?