| Lists: | pgsql-general |
|---|
| From: | Олег Василенко <pulp(at)mail(dot)ru> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | How to execute 'set session role' from plpgsql function? |
| Date: | 2008-08-17 14:02:57 |
| Message-ID: | E1KUiqP-000Ojd-00.pulp-mail-ru@f182.mail.ru |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-general |
Hi,everybody!
I wish to have a function with code above, but compiller generate
syntactic error at the line "SET SESSION ROLE wishedrole;".
How to pass the wishedrole value to the structure?
CREATE OR REPLACE FUNCTION f_switch_role(INOUT text,INOUT boolean) AS
$BODY$
DECLARE
wishedrole ALIAS FOR $1;
resetrole ALIAS FOR $2;
BEGIN
if resetrole=true then
RESET ROLE;
RETURN;
end if;
>>>>ERROR OCURS AT THE NEXT LINE <<<<<<
SET SESSION ROLE wishedrole;
RETURN;
END;
$BODY$
LANGUAGE 'plpgsql' VOLATILE
| From: | "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
|---|---|
| To: | Олег Василенко <pulp(at)mail(dot)ru>, <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: How to execute 'set session role' from plpgsql function? |
| Date: | 2008-08-19 09:49:28 |
| Message-ID: | D960CB61B694CF459DCFB4B0128514C20267A1FE@exadv11.host.magwien.gv.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-general |
Олег Василенко wrote:
> I wish to have a function with code above, but compiller generate
> syntactic error at the line "SET SESSION ROLE wishedrole;".
>
> How to pass the wishedrole value to the structure?
>
> CREATE OR REPLACE FUNCTION f_switch_role(INOUT text,INOUT boolean) AS
> $BODY$
> DECLARE
> wishedrole ALIAS FOR $1;
> resetrole ALIAS FOR $2;
> BEGIN
> if resetrole=true then
> RESET ROLE;
> RETURN;
> end if;
>
> >>>>ERROR OCURS AT THE NEXT LINE <<<<<<
> SET SESSION ROLE wishedrole;
You need to use dynamic SQL, e.g.
EXECUTE 'SET SESSION ROLE "' || lower(regexp_replace(wishedrole, '"', '', 'g')) || '"';
> RETURN;
>
> END;
> $BODY$
> LANGUAGE 'plpgsql' VOLATILE
The "lower" and "regexp_replace" are there to prevent SQL injection.
Yours,
Laurenz Albe
| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
| Cc: | Олег Василенко <pulp(at)mail(dot)ru>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: How to execute 'set session role' from plpgsql function? |
| Date: | 2008-08-19 14:43:50 |
| Message-ID: | 20472.1219157030@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-general |
"Albe Laurenz" <laurenz(dot)albe(at)wien(dot)gv(dot)at> writes:
> EXECUTE 'SET SESSION ROLE "' || lower(regexp_replace(wishedrole, '"', '', 'g')) || '"';
> The "lower" and "regexp_replace" are there to prevent SQL injection.
quote_ident() would be a far better solution.
regards, tom lane