- All Superinterfaces:
CatalogObject
,CatalogObject.AccessControlled<CatalogObject.Grant.OnRole>
,CatalogObject.Addressed<RegRole>
,CatalogObject.Named<Lexicals.Identifier.Simple>
- All Known Subinterfaces:
RegRole.Grantee
In addition to the methods returning the information in the pg_authid
system catalog, there are methods to return four different flavors of
RolePrincipal
, all representing this role.
The ...Principal()
methods should not be confused with environment
accessors returning actual information about the execution context. Each of
the methods simply returns an instance of the corresponding class that would
be appropriate to find in the execution context if this role were,
respectively, the authenticated, session, outer, or current role.
RolePrincipal.Current
implements the
UserPrincipal/GroupPrincipal
interfaces of
java.nio.file.attribute
, so
currentPrincipal()
can also be used to obtain
Principal
s that will work in the Java NIO.2 filesystem API.
The ...Principal
methods only succeed when name()
does,
therefore not when isValid
is false. The RegRole.Grantee
representing PUBLIC
is, for all other purposes, not a valid role,
including for its ...Principal
methods.
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic interface
Subinterface ofRegRole
returned by methods ofCatalogObject.AccessControlled
identifying the role to which a privilege has been granted.Nested classes/interfaces inherited from interface org.postgresql.pljava.model.CatalogObject
CatalogObject.AccessControlled<T extends CatalogObject.Grant>, CatalogObject.Addressed<T extends CatalogObject.Addressed<T>>, CatalogObject.Component, CatalogObject.Grant, CatalogObject.Named<T extends Lexicals.Identifier.Unqualified<T>>, CatalogObject.Namespaced<T extends Lexicals.Identifier.Unqualified<T>>, CatalogObject.Owned
-
Field Summary
Modifier and TypeFieldDescriptionstatic final RegClass.Known
<RegRole> static final RegRole.Grantee
ARegRole.Grantee
representingPUBLIC
; not a validRegRole
for other purposes.Fields inherited from interface org.postgresql.pljava.model.CatalogObject
InvalidOid
-
Method Summary
Modifier and TypeMethodDescriptiondefault RolePrincipal.Authenticated
Return aRolePrincipal
that would represent this role as a session's authenticated identity (which was established at connection time and will not change for the life of a session).boolean
boolean
canLogIn()
int
boolean
createDB()
boolean
default RolePrincipal.Current
Return aRolePrincipal
that would represent this role as the effective one for normal privilege checks, usually the same as the session or outer, but changed duringSECURITY DEFINER
functions.boolean
inherit()
memberOf()
Roles of which this role is directly a member.default RolePrincipal.Outer
Return aRolePrincipal
that would represent this role as the one last established bySET ROLE
, and outside of anySECURITY DEFINER
function.boolean
default RolePrincipal.Session
Return aRolePrincipal
that would represent this role as a session's "session" identity (which can be changed during a session bySET SESSION AUTHORIZATION
).boolean
Methods inherited from interface org.postgresql.pljava.model.CatalogObject
isValid, of, oid
Methods inherited from interface org.postgresql.pljava.model.CatalogObject.AccessControlled
grants, grants
Methods inherited from interface org.postgresql.pljava.model.CatalogObject.Addressed
classId, exists, shared
Methods inherited from interface org.postgresql.pljava.model.CatalogObject.Named
name
-
Field Details
-
CLASSID
-
PUBLIC
ARegRole.Grantee
representingPUBLIC
; not a validRegRole
for other purposes.
-
-
Method Details
-
authenticatedPrincipal
Return aRolePrincipal
that would represent this role as a session's authenticated identity (which was established at connection time and will not change for the life of a session). -
sessionPrincipal
Return aRolePrincipal
that would represent this role as a session's "session" identity (which can be changed during a session bySET SESSION AUTHORIZATION
). -
outerPrincipal
Return aRolePrincipal
that would represent this role as the one last established bySET ROLE
, and outside of anySECURITY DEFINER
function. -
currentPrincipal
Return aRolePrincipal
that would represent this role as the effective one for normal privilege checks, usually the same as the session or outer, but changed duringSECURITY DEFINER
functions.This method can also be used to obtain a
Principal
that will work in the Java NIO.2 filesystem API. -
memberOf
Roles of which this role is directly a member.For the other direction, see
grants()
. -
superuser
boolean superuser() -
inherit
boolean inherit() -
createRole
boolean createRole() -
createDB
boolean createDB() -
canLogIn
boolean canLogIn() -
replication
boolean replication() -
bypassRLS
boolean bypassRLS() -
connectionLimit
int connectionLimit()
-