I am using Postgres row based security and I wish to ensure it is not possible for a specific session variable (that holds a tenant id) to remain set in between transactions / queries. The reason is because the session is shared between user queries – if that session variable is set but not cleared, […]
- Tags )}>Update, and clear the session variable using RESET or SET in between every transaction or query. RESET https://www.postgresql.org/docs/9.1/sql-reset., DELETE query. Although the Postgres rules system appears to have the capabilities to do this but I cannot find much detail. As you can see, I am using Postgres row based security and I wish to ensure it is not possible for a specific session variable (that holds a tenant id) to re, insert(), then it is possible that the next query - which is for a different application user - might be executed using the session variable from the p