From: | Evgeniy Efimkin <efimkin(at)yandex-team(dot)ru> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>, Дмитрий Сарафанников <dsarafan(at)yandex-team(dot)ru>, Андрей Бородин <x4mmm(at)yandex-team(dot)ru>, Владимир Бородин <root(at)simply(dot)name> |
Subject: | Re: Special role for subscriptions |
Date: | 2018-11-09 12:24:17 |
Message-ID: | 2654451541766257@myt4-a988562a11ab.qloud-c.yandex.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Hi!
In order to support create subscription from non-superuser, we need to make it possible to choose tables on the subscriber side:
1. add `FOR TABLE` clause in `CREATE SUBSCRIPTION`:
```
CREATE SUBSCRIPTION subscription_name
CONNECTION 'conninfo'
PUBLICATION publication_name [, ...]
[ FOR TABLE [ ONLY ] table_name [ * ] [, ...]| FOR ALL TABLES ]
[ WITH ( subscription_parameter [= value] [, ... ] ) ]
```
... where `FOR ALL TABLES` is only allowed for superuser.
and table list in `FOR TABLES` clause will be stored in pg_subscription_rel table (maybe another place?)
2. Each subscription should have "all tables" attribute.
For example via a new column in pg_subscription "suballtables".
3. Add `ALTER SUBSCRIPTION (ADD TABLE | DROP TABLE)`:
```
ALTER SUBSCRIPTION subscription_name ADD TABLE [ ONLY ] table_name [WITH copy_data];
ALTER SUBSCRIPTION subscription_name DROP TABLE [ ONLY ] table_name;
```
4. On `ALTER SUBSCRIPTION <name> REFRESH PUBLICATION` should check if table owner equals subscription owner. The check is ommited if subscription owner is superuser.
5. If superuser calls `ALTER SUBSCRIPTION REFRESH PUBLICATION` on subscription with table list and non-superuser owner, we should filter tables which owner is not subscription's owner or maybe we need to raise error?
What do you think about it? Any objections?
07.11.2018, 00:52, "Stephen Frost" <sfrost(at)snowman(dot)net>:
> Greetings,
>
> * Evgeniy Efimkin (efimkin(at)yandex-team(dot)ru) wrote:
>> As a first step I suggest we allow CREATE SUBSCRIPTION for table owner only.
>
> That's a nice idea but seems like we would want to have a way to filter
> what tables a subscription follows then..? Just failing if the
> publication publishes tables that we don't have access to or are not the
> owner of seems like a poor solution..
>
> Thanks!
>
> Stephen
--------
Ефимкин Евгений
From | Date | Subject | |
---|---|---|---|
Next Message | Andrew Gierth | 2018-11-09 12:42:27 | Re: Adding a TAP test checking data consistency on standby with minRecoveryPoint |
Previous Message | Michael Paquier | 2018-11-09 12:11:10 | Re: csv format for psql |