Re: Wrong security context for deferred triggers?

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Pavel Stehule <pavel.stehule@gmail.com>
Cc: Laurenz Albe <laurenz.albe@cybertec.at>, pgsql-hackers@lists.postgresql.org
Date: 2024-11-04T16:22:17Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Doc: improve description of which role runs a trigger.

  2. Change role names used in trigger test.

  3. Ensure that AFTER triggers run as the instigating user.

  4. Reverse the search order in afterTriggerAddEvent().

Pavel Stehule <pavel.stehule@gmail.com> writes:
> I'll mark this patch as ready for committer

The cfbot points out a minor problem [1]:

 create role groot;
+WARNING:  roles created by regression test cases should have names starting with "regress_"
 create role outis;
+WARNING:  roles created by regression test cases should have names starting with "regress_"
 create function whoami() returns trigger language plpgsql

(You can compile with -DENFORCE_REGRESSION_TEST_NAME_RESTRICTIONS
to enable these warnings locally.)

			regards, tom lane

[1] http://cfbot.cputube.org/highlights/all.html#4888