| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Postgres Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Must be owner to truncate? |
| Date: | 2005-07-07 16:40:51 |
| Message-ID: | 20050707164050.GH24207@ns.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Greetings,
The current permissions checks for truncate seem to be excessive. It
requires that you're the owner of the relation instead of requiring
that you have delete permissions on the relation. It was pointed out
that truncate doesn't call triggers but it seems like that would be
something easy enough to check for. My thinking is to replace the
existing ownercheck with:
Must have delete permissions on the relation
If the relation has triggers:
Check that the caller is the owner of the relation, if so, then
issue a NOTICE that those triggers won't be called and perform the
truncate.
If not the owner, then error out saying there are ON DELETE triggers
and that you're not the owner.
I can submit a patch for this today if there's general agreement on
this change. An alternative that was mentioned was to make 'delete'
smart enough to know when it's delete'ing all the rows and there
aren't any triggers on it, etc, to perform like truncate, perhaps
leaving the old file around until all transactions using it have
finished. This sounds like a good idea but also sounds like it'd be a
larger change and might have to wait till 8.2.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josh Berkus | 2005-07-07 16:52:44 | Re: SQL99 - Nested Tables |
| Previous Message | Tom Lane | 2005-07-07 16:35:36 | Re: A couple of patches for PostgreSQL 64bit support |