Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1uhUrs-000csd-DV
	for pgsql-general@arkaria.postgresql.org; Thu, 31 Jul 2025 15:06:52 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1uhUrr-001ezN-4G
	for pgsql-general@arkaria.postgresql.org; Thu, 31 Jul 2025 15:06:51 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <david.g.johnston@gmail.com>)
	id 1uhUrq-001eyn-Pn
	for pgsql-general@lists.postgresql.org; Thu, 31 Jul 2025 15:06:50 +0000
Received: from mail-oo1-xc2c.google.com ([2607:f8b0:4864:20::c2c])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <david.g.johnston@gmail.com>)
	id 1uhUro-0002Xk-1a
	for pgsql-general@lists.postgresql.org;
	Thu, 31 Jul 2025 15:06:50 +0000
Received: by mail-oo1-xc2c.google.com with SMTP id 006d021491bc7-615950642d9so433971eaf.1
        for <pgsql-general@lists.postgresql.org>; Thu, 31 Jul 2025 08:06:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1753974406; x=1754579206; darn=lists.postgresql.org;
        h=cc:to:subject:message-id:date:from:references:in-reply-to
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=GDW1P9yo9iog2buqtDg7kQA6H6ABexj1f6JwGm7Rh5g=;
        b=nql2bm7TCDuf7p5++ER46K9weR9r1a0yxBmNDhXiRKBTkujcG9tgrW8CDdBZu01qvU
         lJjHrqIdvNL24q/otfMYefVc68xkWlVVJ2HJQSCuKTwoxObQwloFYxJMTh/Zlv2pQEKs
         WsLb/2hd6ZSr4ef4x7l4Ok/zGUDIAr55W7pvzDSFASwfxpbxXCunOi145vhfZrMNp+pq
         MrZ3FsFANgm7kNb17+PSYs+D0Sg6bff7m1TbbSkk7Alq/4PYi4FD7rKJ7pzILWNc4c36
         IKrJFM2XyrgOS9ZWPO872Rw1VeXKS9ckb/odGVKwOTm7gCGnH/WmJLfHNkqJBSRDIY5J
         r7wQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1753974406; x=1754579206;
        h=cc:to:subject:message-id:date:from:references:in-reply-to
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=GDW1P9yo9iog2buqtDg7kQA6H6ABexj1f6JwGm7Rh5g=;
        b=F6saCM3MhNRsrecdSryMlueR6fb8/4cPjd7lPdoGx6npbhtIJ3xOJD4lQhstx6zDLD
         6/wfMEaivOhZZSbNKb5ZJA4XHKRdSNEtKUeGaQt1vBzxJ2wPHOf8uLyujkaFPVfjBgFP
         EWzqgqBkoM5Eblmop4E/vw7xx26smyTYKvj4jDyzkS6QzU360zLYhSvXn4RKgsO+b/b2
         XLmTuoHpdR2pB31f7FnK8WAUhRw5nvZaguDl2IhVBAMxVHOmt5LYUGUdcjPCB1HE5STM
         TytBoY6mmygAfPqXZGhbbEIuyIjt4xbcZADZFLy/8fCD8s5vTBq7BAnB/aLIQ9cgrDnv
         CN4A==
X-Forwarded-Encrypted: i=1; AJvYcCUNGPHIFTOJWpQUWUVsFInFsIqZyYwIS676isfkYGsiQQqWnJ/zj9h9VkqMiy26vr+G4xxIaOwnlv6Dzm9e@lists.postgresql.org
X-Gm-Message-State: AOJu0YyVjTLsm5Cnwa5hub1u37TQKIOLZP8ifTmqEIP38wH9soJ5n1Dt
	WVimaChp1RNPmaTOtgx71RMAp164OFEcL+baZniYDMoXehOxT7V0Ijn5TycbLj25aF01hVCRx+d
	BgzKJaAiSkEHGeM180WYXPBImJpfQYyFOCoco
X-Gm-Gg: ASbGncupCi0t2jzJcyJeiu4U4phTt+gy6Rp6ugjqiA2t872NOaOcha1/uxr8SHCi8Ie
	KE0SlNPGd/r/5mAuWlg5Ud2OE1TnoNWPQD//tRzyfRIRVOqQCzUsSqMKl4evM9Vb6wv4Bzr8H4n
	mepJmSaWMG6GHguyhpfu8+kWjsCWysk0qvlJ1PlZH68TzsT5jEmkSMQ/Hu4lYnZ2cpWZTJvH/Of
	uvvN87kNi3yzZg8ACNSiL9VPCcPeosgqcBBni+w
X-Google-Smtp-Source: AGHT+IGP4OPunHLB8wfmuQd4Nux9tdueN1+X9K0AwsIgY8StKOiy4lOds1NJjBYDIwQ0hILCpnFi0JpPPQPaHArpu8w=
X-Received: by 2002:a05:6820:2113:b0:615:a133:a0ed with SMTP id
 006d021491bc7-6195d23bd83mr4863157eaf.2.1753974406413; Thu, 31 Jul 2025
 08:06:46 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a05:6802:3708:b0:5da:a024:6db9 with HTTP; Thu, 31 Jul 2025
 08:06:45 -0700 (PDT)
In-Reply-To: <bc2b9760-3597-477a-b199-633ba3ac36e5@aklaver.com>
References: <CAFCRh--AXoYUj8-WDuWpUcWXC0UNAL9gjbTp=1hU-NJhRyR0vQ@mail.gmail.com>
 <fa68fc72-e109-452e-8642-2b99c613f870@aklaver.com> <CAFCRh-9AzsOBd6cPFsgmbw=Mf3nN5tHj9YYQQHZG0XqxDSMK=Q@mail.gmail.com>
 <508f71c4-f1b1-4685-921d-bec8b361be10@aklaver.com> <662792ed-810d-46f1-a0c3-d4b55e5469fc@aklaver.com>
 <CAFCRh-8D+R=xufTFYN8SDDeEVwDNCb7kcspt9hsRW2T-QOMoKg@mail.gmail.com>
 <693d1252-89e4-498d-a5a6-5de6524bbb34@dalibo.com> <CAFCRh--tSWRRCMvtSovtRDX1wce5KCOutaDRBD5JKWb9atLC_w@mail.gmail.com>
 <bc2b9760-3597-477a-b199-633ba3ac36e5@aklaver.com>
From: "David G. Johnston" <david.g.johnston@gmail.com>
Date: Thu, 31 Jul 2025 08:06:45 -0700
X-Gm-Features: Ac12FXz1ocjO6a8Lo1KuYIa8vQFv22LJinGMGPVGdboB8-2fJ5L9cdO544G6x04
Message-ID: <CAKFQuwap0B96VNsVJVbyP3h1FPAGz0f=SOi_Gcf9PBM1id2HFg@mail.gmail.com>
Subject: Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function
To: Adrian Klaver <adrian.klaver@aklaver.com>
Cc: Dominique Devienne <ddevienne@gmail.com>, Guillaume Lelarge <guillaume.lelarge@dalibo.com>, 
	"pgsql-general@lists.postgresql.org" <pgsql-general@lists.postgresql.org>
Content-Type: multipart/alternative; boundary="000000000000708111063b3afd97"
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/CAKFQuwap0B96VNsVJVbyP3h1FPAGz0f%3DSOi_Gcf9PBM1id2HFg%40mail.gmail.com>
Precedence: bulk

--000000000000708111063b3afd97
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Thursday, July 31, 2025, Adrian Klaver <adrian.klaver@aklaver.com> wrote=
:

> On 7/31/25 04:37, Dominique Devienne wrote:
>
>> On Thu, Jul 31, 2025 at 11:35=E2=80=AFAM Guillaume Lelarge
>> <guillaume.lelarge@dalibo.com> wrote:
>>
>>> On 31/07/2025 10:41, Dominique Devienne wrote:
>>>
>>>> On Wed, Jul 30, 2025 at 9:42=E2=80=AFPM Adrian Klaver <
>>>> adrian.klaver@aklaver.com> wrote:
>>>> how can has_table_privilege() "lie" like this?
>>>>
>>>
>>> It doesn't lie. The role has DELETE privilege. I guess what it lacks is
>>> the SELECT privilege. If you do a "DELETE FROM ... WHERE ...", you need
>>> the SELECT privilege to perform the WHERE. Without "WHERE ...", it woul=
d
>>> work without the SELECT privilege.
>>>
>>
>> Right on the money! Merci Guillaume!!! --DD
>>
>> PQ: NOTICE: can DELETE =3D t
>> PQ: NOTICE: can SELECT =3D f
>>
>
> So the below from the original post was not correct:
>
> "My setup ensures that the role I SET LOCAL ROLE to, has (indirectly)
> been granted DMLs on that table."
>
>
Not incorrect, just insufficient since select is not a DML action.

David J.

--000000000000708111063b3afd97
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Thursday, July 31, 2025, Adrian Klaver &lt;<a href=3D"mailto:adrian.klav=
er@aklaver.com">adrian.klaver@aklaver.com</a>&gt; wrote:<br><blockquote cla=
ss=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;pa=
dding-left:1ex">On 7/31/25 04:37, Dominique Devienne wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
On Thu, Jul 31, 2025 at 11:35=E2=80=AFAM Guillaume Lelarge<br>
&lt;<a href=3D"mailto:guillaume.lelarge@dalibo.com" target=3D"_blank">guill=
aume.lelarge@dalibo.com</a>&gt; wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
On 31/07/2025 10:41, Dominique Devienne wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
On Wed, Jul 30, 2025 at 9:42=E2=80=AFPM Adrian Klaver &lt;<a href=3D"mailto=
:adrian.klaver@aklaver.com" target=3D"_blank">adrian.klaver@aklaver.com</a>=
&gt; wrote:<br>
how can has_table_privilege() &quot;lie&quot; like this?<br>
</blockquote>
<br>
It doesn&#39;t lie. The role has DELETE privilege. I guess what it lacks is=
<br>
the SELECT privilege. If you do a &quot;DELETE FROM ... WHERE ...&quot;, yo=
u need<br>
the SELECT privilege to perform the WHERE. Without &quot;WHERE ...&quot;, i=
t would<br>
work without the SELECT privilege.<br>
</blockquote>
<br>
Right on the money! Merci Guillaume!!! --DD<br>
<br>
PQ: NOTICE: can DELETE =3D t<br>
PQ: NOTICE: can SELECT =3D f<br>
</blockquote>
<br>
So the below from the original post was not correct:<br>
<br>
&quot;My setup ensures that the role I SET LOCAL ROLE to, has (indirectly)<=
br>
been granted DMLs on that table.&quot;<br><br>
</blockquote><div><br></div><div>Not incorrect, just insufficient since sel=
ect is not a DML action.</div><div><br></div><div>David J.</div><div><br></=
div>

--000000000000708111063b3afd97--