| From: | Dilip Kumar <dilipbalaut(at)gmail(dot)com> |
|---|---|
| To: | Peter Smith <smithpb2250(at)gmail(dot)com> |
| Cc: | vignesh C <vignesh21(at)gmail(dot)com>, shveta malik <shveta(dot)malik(at)gmail(dot)com>, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com>, Nisha Moond <nisha(dot)moond412(at)gmail(dot)com>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Proposal: Conflict log history table for Logical Replication |
| Date: | 2026-06-15 11:56:48 |
| Message-ID: | CAFiTN-sEUpdMhdd0BORu+OVVK8+o_LNHxWDQ7ufgyNYfW5j9sg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Mon, Jun 15, 2026 at 10:35 AM Peter Smith <smithpb2250(at)gmail(dot)com> wrote:
>
> Some review comments for v50-0002.
>
> ======
> Commit message
>
> 1.
> Missing commit message.
>
> ======
> GENERAL
>
> 2.
> + if (IsConflictLogTableClass(rel->rd_rel))
> + ereport(ERROR,
> + (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
> + errmsg("permission denied: \"%s\" is a conflict log table",
> + RelationGetRelationName(rel)),
> + errdetail("Conflict log tables are system-managed tables for logical
> replication conflicts.")));
>
> 2a.
> There are many duplicate "permission denied" messages in this patch,
> like above. Is it possible to do something like introduce an
> OBJECT_SUBSCRIPTION_CLT so you can delegate all these to common
> aclcheck_error(ACLCHECK_NO_PRIV, OBJECT_SUBSCRIPTION_CLT, clt_name)
> error processing?
>
> Or, if that's a bit too hacky, put a common error function in catalog.c.
>
> e.g.
> if (IsConflictLogTableClass(rel->rd_rel))
> ConflictLogTablePermissionDenied(rel);
I do not really think we need a separate function or a new error code,
but I am open for what other thinks so for now I am not fixing it.
> ~
>
> 2b.
> I'm not sure that the errdetail is really needed, since none of the
> nearby messages have extra errdetail. Instead, you could just modify
> the errmsg like:
> "permission denied: \"%s\" is a system-managed conflict log table".
>
> ======
> src/backend/commands/lockcmds.c
Yeah we can remove errdetails considering the other nearby permission
check code, provided no one else objects.
>
> 3.
> + if (IsConflictLogTableNamespace(get_rel_namespace(relid)) &&
> + lockmode > AccessShareLock)
> + ereport(ERROR,
> + (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
> + errmsg("permission denied: \"%s\" is a conflict log table",
> + rv->relname),
> + errdetail("Conflict log tables are system-managed and cannot be
> locked explicitly, except in ACCESS SHARE mode.")));
> +
>
> Is ERRCODE_INSUFFICIENT_PRIVILEGE/"permission denied" the correct
> errcode/errmsg to use here. e.g., is lack of privilege really the
> problem given it was not supposed to be locked by *anybody*?
Based on our previous discussion, we are now allowing locking of the
conflict log tables. Therefore, this code block will be removed in
upcoming version and a note will be added to explain why this is
permitted.
--
Regards,
Dilip Kumar
Google
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Potapov Alexander | 2026-06-15 12:23:36 | [Patch] Fix pg_upgrade/t/007_multixact_conversion.pl |
| Previous Message | Amit Kapila | 2026-06-15 11:31:21 | Re: [PATCH] Preserve replication origin OIDs in pg_upgrade |