SET SESSION AUTHORIZATION

Set the session user and the current user for the current SQL session.

SET [ LOCAL ] SESSION AUTHORIZATION user_name
SET [ LOCAL ] SESSION AUTHORIZATION DEFAULT
RESET SESSION AUTHORIZATION

LOCAL can only be used when this command is run within a transaction block and specifies that the command takes effect only for that transaction.

You can use this command, for example, to temporarily become an unprivileged user and later switch back to being a superuser. The session user is initially set to the authenticated user name provided by the client. The current user is the user whose permissions are checked when commands are issued. The current user is normally the same as the session user, but may be changed by the SET ROLE command.

You can change the session user only if the initial session user (the authenticated user) had superuser privileges. Otherwise, the command is accepted only if it specifies the authenticated user name.

The DEFAULT and RESET options reset the session and current users to the originally authenticated user name. Any user can run these commands.

For example:

premdb=# select current_user, session_user;
 current_user | session_user 
--------------+--------------
 yellowbrick  | yellowbrick
(1 row)

premdb=# set session authorization bobr;
SET
premdb=> select current_user, session_user;
 current_user | session_user 
--------------+--------------
 bobr         | bobr
(1 row)

premdb=> drop table match;
ERROR:  must be owner of relation match