Postgres: is set_config() / current_setting() a private/robust stack for application variables?

In my application I have triggers that need access to things like user id. I am storing that information with

set_config('PRIVATE.' || 'user_id', '221', false)

then, while I am doing operations that modify the database, triggers may do:

user_id = current_setting('PRIVATE.user_id');

It seems to work great. My database actions are mostly from Python (psycopg2); once I get a connection I'll do the set_config() as my first operation, then go about my database business. Is this practice a good one, or could data leak from one session to another? I was doing this sort of thing with the SD and GD variables in plpython, but that language proved too heavy for what I was trying to do, so I had to shift to plpgsql.

Greg asked Sep 25 '14 22:09



1 Answer

While it's not really what they're designed for, you can use GUCs as session variables.

They can also be transaction scoped, with SET LOCAL or the set_config equivalent.

So long as you don't allow the user to run arbitrary SQL they're a reasonable choice, and session-local GUCs aren't shared with other sessions. They're not designed for secure session-local storage but they're handy places to stash things like an application's "current user" if you're not using SET ROLE or SET SESSION AUTHORIZATION for that.

Do be aware that the user can define them via environment variables if you let them run a libpq based client, e.g.

$ PGOPTIONS="-c myapp.user_id=fred" psql -c "SHOW myapp.user_id;"
 myapp.user_id 
---------------
 fred
(1 row)

Also, on older PostgreSQL versions you had to declare the namespace in postgresql.conf before you could use it.

Craig Ringer answered Oct 15 '22 02:10
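The pattern the question and answer describe, as an added example that is not code from either poster: a plpgsql audit trigger reads the application user from a GUC with missing_ok, refuses the write if the value is absent, and the application sets the value transaction-locally (is_local = true) so a pooled connection cannot carry one user's id into the next request. The table, trigger and GUC names (orders, orders_audit, myapp.user_id) are assumptions for illustration; current_setting(name, missing_ok) needs PostgreSQL 9.6+ and EXECUTE FUNCTION needs 11+.

```sql
-- Added example: GUC-backed "current user" consumed by a trigger.
-- Names (orders, orders_audit, myapp.user_id) are assumptions for illustration.

CREATE TABLE orders (
    id     serial  PRIMARY KEY,
    amount numeric NOT NULL
);

CREATE TABLE orders_audit (
    order_id   integer     NOT NULL,
    changed_by text        NOT NULL,
    changed_at timestamptz NOT NULL DEFAULT now()
);

CREATE OR REPLACE FUNCTION orders_audit_trg() RETURNS trigger
LANGUAGE plpgsql AS $$
DECLARE
    app_user text;
BEGIN
    -- missing_ok = true: NULL instead of an error when the GUC was never set.
    -- After a transaction-local value has expired it can read back as '',
    -- so both cases are treated as "not set".
    app_user := current_setting('myapp.user_id', true);

    -- Fail closed: a missing value means the application skipped set_config()
    -- after taking the connection, so the write is refused rather than logged
    -- under a stale or empty identity.
    IF app_user IS NULL OR app_user = '' THEN
        RAISE EXCEPTION 'myapp.user_id is not set for this session';
    END IF;

    INSERT INTO orders_audit (order_id, changed_by) VALUES (NEW.id, app_user);
    RETURN NEW;
END;
$$;

CREATE TRIGGER orders_audit AFTER INSERT OR UPDATE ON orders
    FOR EACH ROW EXECUTE FUNCTION orders_audit_trg();

-- Application side: is_local = true scopes the value to this transaction
-- (the set_config equivalent of SET LOCAL), so it cannot outlive COMMIT.
BEGIN;
SELECT set_config('myapp.user_id', '221', true);
INSERT INTO orders (amount) VALUES (9.99);   -- audit row records changed_by = '221'
COMMIT;

-- The setting is gone once the transaction ends, so this INSERT is rejected
-- by the trigger instead of being attributed to the previous user.
INSERT INTO orders (amount) VALUES (1.00);
```

The PGOPTIONS caveat from the answer still applies: a client that can set its own startup options, or run arbitrary SQL, can choose the GUC value, so this only works when the application controls the connection.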