Hi PostgreSQL Community,
I have a scenario where I am working with two functions: one in SQL and
another in C, where the SQL function is a wrapper around C function. Here’s
an example:
CREATE OR REPLACE FUNCTION my_func(IN input text)RETURNS BIGINT AS $$DECLARE
result BIGINT;BEGIN
SELECT col2 INTO result FROM my_func_extended(input);
RETURN result;END;
$$ LANGUAGE plpgsql;
CREATE OR REPLACE FUNCTION my_func_extended(
IN input text,
OUT col1 text,
OUT col2 BIGINT
)RETURNS SETOF recordAS 'MODULE_PATHNAME', 'my_func_extended'LANGUAGE
C STRICT PARALLEL SAFE;
I need to prevent direct execution of my_func_extended from psql while
still allowing it to be called from within the wrapper function my_func.
I’m considering the following options:
1. Using GRANT/REVOKE in SQL to manage permissions.
2. Adding a check in the C function to allow execution only if my_func
is in the call stack (previous parent or something), and otherwise throwing
an error.
Is there an existing approach to achieve this, or would you recommend a
specific solution?
Best regards,
Ayush Vatsa
AWS
