A session_role
setting can now be specified for PostgreSQL connections to set the user identifier of the active SQL session. Permissions checking for SQL commands are then carried out with the associated named role.
This is highly useful in instances where it is desirable to automatically give ownership of new objects (Tables/ Views/ Functions etc.) to the session_role
group, and share ownership and the associated rights with all members of the session_role
group.
The specified session_role
must be a role that the current session user is a member of, or if the session user is a superuser, any role can be selected.