Enabling Roles

By default, roles are not enabled automatically for a user account. (See Default Roles for Database Users on enabling roles automatically.) You must explicitly enable a role with SET ROLE. When you enable a role in a session, you obtain all privileges assigned to that role. Enabling a role does not affect other roles that are active in a session. You can enable multiple roles simultaneously, thereby gaining all privileges of those roles, plus any privileges that are already granted to you directly.

=> SELECT * FROM applog;
ERROR:  permission denied for relation applog

=> SET ROLE logreader;
SET

=> SELECT * FROM applog;

 id | sourceID |            data            |                    event          
----+----------+----------------------------+----------------------------------------------
  1 | Loader   | 2011-03-31 11:00:38.494226 | Error: Failed to open source file
  2 | Reporter | 2011-03-31 11:00:38.494226 | Warning: Low disk space on volume /scratch-a
(2 rows)

You can enable all roles available to your user account with SET ROLE ALL:

=> SET ROLE ALL;
SET
=> SHOW ENABLED_ROLES;
     name      |           setting
---------------+------------------------------
 enabled roles | logreader, logwriter
(1 row)

Enabling Roles

See Also