Example:
The dbadmin user in a test system has the dbadmin and pseudosuperuser roles:
Code: Select all
dbadmin=> select current_user();
current_user
--------------
dbadmin
(1 row)
dbadmin=> show available_roles;
name | setting
-----------------+--------------------------
available roles | dbadmin, pseudosuperuser
(1 row)
Code: Select all
dbadmin=> create table test (col1 varchar);
CREATE TABLE
Code: Select all
dbadmin=> create user X;
CREATE USER
dbadmin=> grant pseudosuperuser to X;
GRANT ROLE
Code: Select all
dbadmin=> \c dbadmin X
You are now connected to database "dbadmin" as user "X".
dbadmin=> show available_roles;
name | setting
-----------------+-----------------
available roles | pseudosuperuser
dbadmin=> drop table test;
ROLLBACK: must be owner of relation test
(1 row)
Code: Select all
dbadmin=> set role pseudosuperuser;
SET
dbadmin=> drop table test;
DROP TABLE
This is from the Admin Guide:
Enabling Roles
By default, roles aren't enabled automatically for a user account (see Default Roles (page 158) for a way to make roles enabled automatically). Users must explicitly enable a role using the SET ROLE statement. When users enable a role in their session, they gain all of the privileges assigned to that role. Enabling a role does not affect any other roles that the users have active in their sessions. They can have multiple roles enabled simultaneously, gaining the combined privileges of all the roles they have enabled (plus any of the privileges that have been granted to them directly).