PSQL SET
variables aren't interpolated inside dollar-quoted strings. I don't know this for certain, but I think there's no escape or other trickery to turn on SET
variable interpolation in there.
One might think you could wedge an unquoted :user
between two dollar-quoted stretches of PL/pgSQL to get the desired effect. But this doesn't seem to work... I think the syntax requires a single string and not an expression concatenating strings. Might be mistaken on that.
Anyway, that doesn't matter. There's another approach (as Pasco noted): write the stored procedure to accept a PL/pgSQL argument. Here's what that would look like.
CREATE OR REPLACE FUNCTION foo("user" TEXT) RETURNS void AS
$$
BEGIN
EXECUTE 'GRANT SELECT ON my_table TO GROUP ' || quote_ident(user);
END;
$$ LANGUAGE plpgsql;
Notes on this function:
EXECUTE
generates an appropriate GRANT
on each invocation using on our procedure argument. The PG manual section called "Executing Dynamic Commands" explains EXECUTE
in detail.
- The declaration of procedure argument
user
must be double quoted. Double quotes force it to be interpreted as an identifier.
Once you define the function like this, you can call it using interpolated PSQL variables. Here's an outline.
- Run
psql --variable user="'whoever'" --file=myscript.sql
. Single quotes are required around the username!
- In myscript.sql, define function like above.
- In myscript.sql, put
select foo(:user);
. This is where we rely on those single quotes we put in the value of user
.
Although this seems to work, it strikes me as rather squirrely. I thought SET
variables were intended for runtime configuration. Carrying data around in SET
seems odd.
Edit: here's a concrete reason to not use SET
variables. From the manpage: "These assignments are done during a very early stage of startup, so variables reserved for internal purposes might get overwritten later." If Postgres decided to use a variable named user
(or whatever you pick), it could overwrite your script argument with something you never intended. In fact, psql already takes USER
for itself -- this only works because SET
is case sensitive. This very nearly broke things from the start!