Enabling Roles
By default, roles are not enabled automatically for a user account. (See Default Roles for Database Users on enabling roles automatically.) You must explicitly enable a role with SET ROLE
. When you enable a role in a session, you obtain all privileges assigned to that role. Enabling a role does not affect other roles that are active in a session. You can enable multiple roles simultaneously, thereby gaining all privileges of those roles, plus any privileges that are already granted to you directly.
=> SELECT * FROM applog; ERROR: permission denied for relation applog => SET ROLE logreader; SET => SELECT * FROM applog; id | sourceID | data | event ----+----------+----------------------------+---------------------------------------------- 1 | Loader | 2011-03-31 11:00:38.494226 | Error: Failed to open source file 2 | Reporter | 2011-03-31 11:00:38.494226 | Warning: Low disk space on volume /scratch-a (2 rows)
You can enable all roles available to your user account with SET ROLE ALL
:
=> SET ROLE ALL; SET => SHOW ENABLED_ROLES; name | setting ---------------+------------------------------ enabled roles | logreader, logwriter (1 row)