| From: | "Hsu, John" <hsuchen(at)amazon(dot)com> |
|---|---|
| To: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Include RELKIND_TOASTVALUE in get_relkind_objtype |
| Date: | 2019-10-01 00:10:50 |
| Message-ID: | C652D3DF-2B0C-4128-9420-FB5379F6B1E4@amazon.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello,
get_relkind_objtype(...) was introduced as part of 8b9e9644dc, and it doesn't include
RELKIND_TOASTVALUE. As a result when a user who has usage rights on schema pg_toast
and attempts to reindex a table it is not the owner of it fails with the wrong error
message.
testuser is a non-superuser role who has been granted all on pg_toast
postgres=> \c
You are now connected to database "postgres" as user "testuser".
postgres=> REINDEX TABLE pg_toast.pg_toast_16388;
ERROR: unexpected relkind: 116
It seems get_relkind_objtype(...) is only used as part of aclcheck_error(...)
I've attached a patch to include RELKIND_TOASTVALUE in get_relkind_objtype.
Now it fails with the proper error message.
postgres=> \c
You are now connected to database "postgres" as user "testuser".
postgres=> REINDEX TABLE pg_toast.pg_toast_16388;
ERROR: must be owner of table pg_toast_16388
Cheers,
John H
| Attachment | Content-Type | Size |
|---|---|---|
| RELKIND_TOAST_01.patch | application/octet-stream | 439 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2019-10-01 00:13:41 | Re: SSL tests failing for channel_binding with OpenSSL <= 1.0.1 |
| Previous Message | Andres Freund | 2019-09-30 23:07:26 | Re: Don't codegen deform code for virtual tuples in expr eval for scan fetch |