Diagnostic Queries
Symptoms
A role lacked the EXECUTE privilege required to call a function or procedure. PostgreSQL raises SQLSTATE 42501 (insufficient_privilege).
- Missing EXECUTE on the function/procedure.
- Common after revoking PUBLIC execute or for new roles.
- Function privileges are separate from schema/table privileges.
What the server log shows
ERROR: permission denied for function calculate_totalsWhy PostgreSQL raises this — what the manual says
As the GRANT reference (Description) explains:
Calling a function or procedure requires the EXECUTE privilege; the role invoking it was not granted EXECUTE on that routine (and is not its owner or a superuser), so PostgreSQL refuses the call.
Calling a function requires the EXECUTE privilege on it. Without that grant (or membership in a role that has it), PostgreSQL denies the call with 42501.
Common causes
- The role lacks EXECUTE on the function.
- EXECUTE was revoked from PUBLIC and not granted to the role.
- A new role not covered by default privileges.
How to fix it
- Grant it:
GRANT EXECUTE ON FUNCTION calculate_totals() TO app_user;. - Set default privileges for functions created later.
- Also ensure the role has USAGE on the function’s schema.
Related & next steps
Reference: PostgreSQL 18 — GRANT.
Was this helpful?
Thanks — noted. This helps keep the database accurate.