Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uh8ee-00AtZd-Az for pgsql-general@arkaria.postgresql.org; Wed, 30 Jul 2025 15:23:45 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1uh8ec-00ARJK-VE for pgsql-general@arkaria.postgresql.org; Wed, 30 Jul 2025 15:23:43 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uh8eb-00ARJ9-Vf for pgsql-general@lists.postgresql.org; Wed, 30 Jul 2025 15:23:42 +0000 Received: from fhigh-b3-smtp.messagingengine.com ([202.12.124.154]) by makus.postgresql.org with smtp (Exim 4.96) (envelope-from ) id 1uh8eZ-001Zqr-2w for pgsql-general@lists.postgresql.org; Wed, 30 Jul 2025 15:23:41 +0000 Received: from phl-compute-04.internal (phl-compute-04.phl.internal [10.202.2.44]) by mailfhigh.stl.internal (Postfix) with ESMTP id 86A1A7A1828; Wed, 30 Jul 2025 11:23:38 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-04.internal (MEProxy); Wed, 30 Jul 2025 11:23:38 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aklaver.com; h= cc:content-transfer-encoding:content-type:content-type:date:date :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm2; t=1753889018; x=1753975418; bh=0o6fQGnb1Yuj7ia1gonCkmzz6u0OY4luxENI2lcl1M0=; b= lH9xEEk0xMM5fo50jjyCXCC8t4gHLJixDrtrFcXAxWCDZAs8xa/+YzK9zcDHkdxq LQI9i7Fwnpm79iWxbFhIM/3CFhuZzbiKDzqm5VrSwIS7MmRaa1vgJPg00bh/zflB 4iY3T99I+iqkQzPimzCvER5w/WRGBCribePsZ1ZfoLKt2M0unBvaT9sueZfbGP/E /r2648AgiLU/BAjTkNzVRfeF/C0Hpk31eJPu2SBklvNhlvhWt920fRcc48yuBgx/ BRKJF9rPNX/+/0X5H8q8F5oySo4duiIKIdt6f1HGwkfNEk8j8IOzizFey6Y6jElQ PRu+NNwspkjp+ao82K0buA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:subject:subject:to:to:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; t=1753889018; x=1753975418; bh=0 o6fQGnb1Yuj7ia1gonCkmzz6u0OY4luxENI2lcl1M0=; b=Zte/lehGlzDVfGzM/ KptXZ1hKbNxqJjkEdeMHB6zmz7Ac3VjLuIVKiCr3Nepqo1g26eR2ZtuM2fYYmZgv MhU8RH+rUrJ8mZAGI5fn9tzaYg+ydmQ5wYbJ+NMqpMTjhUpbCbyn3+BRJmyyUwRs TS+KPgYMQrIlb/grN0drm9YNoyNiggFBgzIJLtuNGrS0jkAQv+WoKiWcJjhHLcbc Kzms7jaQonUspCWx/Ctn/xdPoYZgggZbamog0cf262vv1tvqrphrts8/xQ3gkfdM VyLh65fHZMFZ00QzwUTBsno/itghqf8eyIQ2JDoyw4Ma+LjAeWeHD+KNXqV//IvF zSbBg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdefgdelkedvkecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr ihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjug hrpefkffggfgfuvfhfhfgjtgfgsehtjeertddtvdejnecuhfhrohhmpeetughrihgrnhcu mfhlrghvvghruceorggurhhirghnrdhklhgrvhgvrhesrghklhgrvhgvrhdrtghomheqne cuggftrfgrthhtvghrnhepiedvhfeiheehgeeuieeljeeitedtjeehudegfeelkedvleek hedtgfeiffefkedunecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilh hfrhhomheprggurhhirghnrdhklhgrvhgvrhesrghklhgrvhgvrhdrtghomhdpnhgspghr tghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepugguvghvihgvnh hnvgesghhmrghilhdrtghomhdprhgtphhtthhopehpghhsqhhlqdhgvghnvghrrghlsehl ihhsthhsrdhpohhsthhgrhgvshhqlhdrohhrgh X-ME-Proxy: Feedback-ID: i76984098:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed, 30 Jul 2025 11:23:37 -0400 (EDT) Message-ID: Date: Wed, 30 Jul 2025 08:23:37 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: SET LOCAL ROLE inside SECURITY INVOKER (LANGUAGE plpgsql) function To: Dominique Devienne , pgsql-general@lists.postgresql.org References: Content-Language: en-US From: Adrian Klaver In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 7/30/25 04:37, Dominique Devienne wrote: > Hi. PostgreSQL v17 here. > > I'm stumped by something, and would like pointers to sort something out. > Inside my function, I do: > ------------ > EXECUTE format('SET LOCAL ROLE %I', schema_owner); > raise notice 'CURRENT_USER = %, can DELETE = %', CURRENT_USER, > has_table_privilege('SchemaMapping', 'DELETE'); > > DELETE FROM SchemaMapping > WHERE "schema" = schema_name; > ----------- > > PQ: NOTICE: CURRENT_USER = Joe, can DELETE = t > > ERROR: permission denied for table schemamapping CONTEXT: SQL > statement "DELETE FROM SchemaMapping WHERE "schema" = schema_name" > PL/pgSQL function foo(text,text) line 28 at SQL statement > > The raise notice output is correct, and as expected. The DELETE error isn't. > How can has_table_privilege() return true, yet the DELETE fail? I don't get it. > > My setup ensures that the role I SET LOCAL ROLE to, has (indirectly) > been granted DMLs on that table. > > I also double-checked outside the routine, directly in code, for that privilege: > > c.ctx().setRole(schema_owner); > auto rset = pq::exec(c, "select > has_table_privilege('SchemaMapping', 'DELETE')"); > bool has_delete_mapping = rset.scalar(); > BOOST_CHECK(has_delete_mapping); > > Are there special consideration I'm unaware of, regarding SET ROLE > inside routines? > > (beside the fact you can't SET ROLE in a SECURITY DEFINER routime! As > I discovered recently...). > > I'd really appreciate some help here, as I don't understand what's going on. What is the ROLE that defined the function? What does "My setup ensures that the role I SET LOCAL ROLE to, has (indirectly) been granted DMLs on that table." in terms of actual GRANTs? > > Thanks, --DD > > -- Adrian Klaver adrian.klaver@aklaver.com