Product Documentation

Appearance

All platforms

HAS_ROLE_PRIVILEGE

Return true if a role (or user) has the specified ROLE privilege on another specified role.

HAS_ROLE_PRIVILEGE([role1,] [role2,] privilege)

role1, role2, or both must be specified. The first role specified is the role being checked, and the second is the role that the first role may have privileges to alter, drop, or control. If only one role is specified, the function checks the privileges of the current user.

Valid privilege values are:

  • ALTER ROLE
  • DROP ROLE
  • CONTROL

Note: This function cannot be used in a query that has a FROM clause (with table references).

For example, in this session backup1 is the logged in user (current user). The results show that backup1 has privilege to alter role bar, but bar does not have privilege to alter backup1.

premdb=# \c premdb backup1
You are now connected to database "premdb" as user "backup1".
premdb=> select has_role_privilege('bar','alter role');
 has_role_privilege 
--------------------
 t
(1 row)

premdb=> select has_role_privilege('bar','backup1','alter role');
 has_role_privilege 
--------------------
 f
(1 row)