| From: | Antonin Houska <ah(at)cybertec(dot)at> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
| Cc: | Euler Taveira <euler(at)eulerto(dot)com>, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Privileges on PUBLICATION |
| Date: | 2022-11-03 05:43:12 |
| Message-ID: | 1537.1667454192@antos |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> wrote:
> The CF entry is about privileges on publications. Please rebase that patch
> and repost it so that the CF app and the CF bot are up to date.
The rebased patch (with regression tests added) is attached here.
There's still one design issue that I haven't mentioned yet: if the USAGE
privilege on a publication is revoked after the synchronization phase
completed, the missing privilege on a publication causes ERROR in the output
plugin. If the privilege is then granted, the error does not disappear because
the same (historical) snapshot we use to decode the failed data change again
is also used to check the privileges in the catalog, so the output plugin does
not see that the privilege has already been granted.
The only solution seems to be to drop the publication from the subscription
and add it again, or to drop and re-create the whole subscription. I haven't
added a note about this problem to the documentation yet, in case someone has
better idea how to approach the problem.
--
Antonin Houska
Web: https://www.cybertec-postgresql.com
| Attachment | Content-Type | Size |
|---|---|---|
| usage_privilege_on_publication_v2.diff | text/x-diff | 32.0 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ian Lawrence Barwick | 2022-11-03 07:37:38 | Re: Improve description of XLOG_RUNNING_XACTS |
| Previous Message | John Naylor | 2022-11-03 05:40:19 | Re: Incorrect include file order in guc-file.l |