Participants
Aasmund Midttun Godal
Aasmund Midttun Godal
Attachments
Show all attachments
Thread Outline
#1Aasmund Midttun GodalAasmund Midttun Godal
Aug 20, 2003

Before/After Trigger User Switching

Started by Aasmund Midttun Godalover 22 years ago1 messagesbugs
Jump to latest
#1Aasmund Midttun Godal
Aasmund Midttun Godal
postgresql@aasmund.com

============================================================================
POSTGRESQL BUG REPORT TEMPLATE
============================================================================

Your name : Aasmund Godal
Your email address : postgresql@aasmund.com

System Configuration
---------------------
Architecture (example: Intel Pentium) : AMD Athlon XP

Operating System (example: Linux 2.0.26 ELF) : OpenBSD 3.1 Stable

PostgreSQL version (example: PostgreSQL-7.3.4): PostgreSQL-7.3.4

Compiler used (example: gcc 2.95.2) : gcc version 2.95.3 20010125
(prerelease)

Please enter a FULL description of your problem:
------------------------------------------------

When an operation is done throug a SECURITY DEFINER style function and
causes a trigger the current_user depends on whether it is executed BEFORE
or AFTER. I currently run 7.3.2. I believe the BEFORE behavior is correct
while the AFTER behavior is wrong. A bug? already fixed?

Please describe a way to repeat the problem. Please try to provide a
concise reproducible example, if at all possible:
----------------------------------------------------------------------

CREATE TABLE a (b text);

CREATE OR REPLACE FUNCTION public.ut () RETURNS TRIGGER SECURITY INVOKER
LANGUAGE 'plpgsql' AS'
DECLARE
t TEXT;
t2 TEXT;
BEGIN
t := current_user;
t2 := session_user;
RAISE NOTICE ''% Current: % Session: %'', TG_WHEN, t, t2;
RETURN NEW;
END
';

CREATE TRIGGER "ut_trig_before" BEFORE UPDATE OR INSERT OR DELETE
ON a FOR EACH ROW EXECUTE PROCEDURE public.ut();

CREATE TRIGGER "ut_trig_after" AFTER UPDATE OR INSERT OR DELETE
ON a FOR EACH ROW EXECUTE PROCEDURE public.ut();

CREATE OR REPLACE FUNCTION public.at_test () RETURNS TEXT SECURITY DEFINER
LANGUAGE 'sql' AS'
INSERT INTO a VALUES (current_user);
SELECT session_user::TEXT || ''/'' ||current_user::TEXT;
';

db=> SELECT at_test();
NOTICE: BEFORE Current: godal Session: www
NOTICE: AFTER Current: www Session: www
at_test
-----------
www/godal
(1 row)

If you know how this problem might be fixed, list the solution below:
---------------------------------------------------------------------

← Back to Topics