Re: [HACKERS] postgres_fdw super user checks

On Fri, Dec 1, 2017 at 12:31 AM, Michael Paquier
<michael(dot)paquier(at)gmail(dot)com> wrote:
> I am moving this patch to next CF 2018-01.

There now seems to be a consensus for superuser -> superuser_arg
rather than what Jeff did originally; that approach has 4 votes and
nothing else has more than 1. So, here's a patch that does it that
way.

I tried to see if some documentation update was needed, but I think
the documentation already reflects the proposed new behavior. It
says:

<para>
Only superusers may connect to foreign servers without password
authentication, so always specify the <literal>password</literal> option
for user mappings belonging to non-superusers.
</para>

Currently, however, that's not accurate. Right now you need to
specify the password option for user mappings that will be *used by*
non-superusers, not user mappings *belonging to* non-superusers. So
this patch is, I think, just making the actual behavior match the
documented behavior. Not sure if anyone has any other suggestions
here. I think this is definitely a master-only change; should we try
to insert some kind of warning into the back-branch docs? I
definitely think this should be called out in the v11 release notes.

--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company