Sets the user identifier of the current session.
Syntax
SET ROLE { rolename | NONE }
Description
This command sets the user identifier of the current SQL session context to rolename
. After you run the SET ROLE
command, privileges that the specified role have on SQL commands are checked.
The specified rolename
must be a role of the current session user.
Notes
You can use this command to add or restrict the privileges of a user. If the session
user role has the INHERITS
attribute, it is automatically assigned the privileges to run the SET
ROLE
command on all roles. In this case, the SET ROLE
command deletes all the privileges assigned to the session user and to the other
roles of the user. Only the privileges available to the specified role are retained.
If the session user role has the NOINHERITS
attribute, the SET
ROLE
deletes the privileges assigned to the session user and retains the privileges available
to the specified role. If a superuser runs the SET ROLE
command to set the user role to a non-superuser role, the superuser no longer has
superuser privileges.
Examples
Run the following command to set the role of user mary to admins:
SET ROLE admins;
Run the following command to set the role of the user back to mary:
SET ROLE NONE;