On Wed, Jul 4, 2012 at 4:24 PM, Kohei KaiGai wrote:
> 2012/7/4 Robert Haas :
>> On Tue, Jul 3, 2012 at 12:46 PM, Kohei KaiGai wrote:
My point is that it seems like a bug that the secContext gets restored
in one case and not the other, depending on which user ID was specified
in SET
2012/7/4 Robert Haas :
> On Tue, Jul 3, 2012 at 12:46 PM, Kohei KaiGai wrote:
>>> My point is that it seems like a bug that the secContext gets restored
>>> in one case and not the other, depending on which user ID was specified
>>> in SET SESSION AUTHORIZATION.
>>>
>> Sorry, the above description
On Tue, Jul 3, 2012 at 12:46 PM, Kohei KaiGai wrote:
>> My point is that it seems like a bug that the secContext gets restored
>> in one case and not the other, depending on which user ID was specified
>> in SET SESSION AUTHORIZATION.
>>
> Sorry, the above description mention about a case when it
2012/7/3 Tom Lane :
> Kohei KaiGai writes:
>> 2012/7/3 Tom Lane :
>>> Um... what should happen if there was a SET SESSION AUTHORIZATION
>>> to the portal's userId? This test will think nothing happened.
>
>> In my test, all the jobs by SET SESSION AUTHORIZATION was cleaned-up...
>> It makes nothi
Kohei KaiGai writes:
> 2012/7/3 Tom Lane :
>> Um... what should happen if there was a SET SESSION AUTHORIZATION
>> to the portal's userId? This test will think nothing happened.
> In my test, all the jobs by SET SESSION AUTHORIZATION was cleaned-up...
> It makes nothing happen from viewpoint of
2012/7/3 Tom Lane :
> Kohei KaiGai writes:
>> 2012/7/3 Robert Haas :
>>> Why not just save and restore the user ID and security context
>>> unconditionally, instead of doing this kind of dance?
>>>
>>> + if (portal->userId != GetUserId())
>>> + SetUserIdAndSecCo
Kohei KaiGai writes:
> 2012/7/3 Robert Haas :
>> Why not just save and restore the user ID and security context
>> unconditionally, instead of doing this kind of dance?
>>
>> + if (portal->userId != GetUserId())
>> + SetUserIdAndSecContext(portal->userId, porta
2012/7/3 Robert Haas :
> On Mon, Jul 2, 2012 at 10:55 AM, Kohei KaiGai wrote:
>> The attached patch is delivered from the discussion around row-level
>> access control feature. A problem Florian pointed out is refcursor
>> declared in security definer function. Even though all the permission
>> ch
On Mon, Jul 2, 2012 at 10:55 AM, Kohei KaiGai wrote:
> The attached patch is delivered from the discussion around row-level
> access control feature. A problem Florian pointed out is refcursor
> declared in security definer function. Even though all the permission
> checks are applied based on pri
