Product Documentation

Appearance

All platforms

HAS_KEY_PRIVILEGE

Return true if the specified user (or current user) has the HMAC privilege on the encryption key. See also GRANT ON KEY.

HAS_KEY_PRIVILEGE(role, key, privilege)

This function returns results for the current user if no role is specified. Specify the name of the encryption key and one of the following privileges:

  • ENCRYPT
  • DECRYPT
  • HMAC

Instead of the key name, you can specify the key ID, as returned by the sys.key view.

Note: This function cannot be used in a query that has a FROM clause (with table references).

For example:

premdb=# grant hmac on key yb100key to yb100;
GRANT
premdb=# select has_key_privilege('yb100','yb100key','hmac');
 has_key_privilege 
-------------------
 t
(1 row)
premdb=# \c premdb yb100
You are now connected to database "premdb" as user "yb100".
premdb=> select has_key_privilege('yb100key','hmac');
 has_key_privilege 
-------------------
 t
(1 row)