| From: | shveta malik <shveta(dot)malik(at)gmail(dot)com> |
|---|---|
| To: | vignesh C <vignesh21(at)gmail(dot)com> |
| Cc: | Amit Kapila <amit(dot)kapila16(at)gmail(dot)com>, Dilip Kumar <dilipbalaut(at)gmail(dot)com>, Nisha Moond <nisha(dot)moond412(at)gmail(dot)com>, Peter Smith <smithpb2250(at)gmail(dot)com>, Masahiko Sawada <sawada(dot)mshk(at)gmail(dot)com>, Bharath Rupireddy <bharath(dot)rupireddyforpostgres(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, shveta malik <shveta(dot)malik(at)gmail(dot)com> |
| Subject: | Re: Proposal: Conflict log history table for Logical Replication |
| Date: | 2026-06-16 04:26:04 |
| Message-ID: | CAJpy0uA0uXNHQA6AjaHX+0-n+7cTMsTgpirqMyxpxKFBAQB-Pg@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jun 16, 2026 at 9:27 AM vignesh C <vignesh21(at)gmail(dot)com> wrote:
>
> On Mon, 15 Jun 2026 at 14:20, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> wrote:
> >
> > > 2. Views are disallowed, but functions are allowed
> > > Creating a view in the pg_conflict schema is rejected:
> > > postgres=# CREATE VIEW v1 AS
> > > SELECT * FROM pg_conflict.pg_conflict_log_16435;
> > > ERROR: permission denied to create "pg_conflict.v1"
> > > DETAIL: Conflict schema modifications are currently disallowed.
> > >
> > > However, creating a function in the same schema succeeds:
> > > CREATE FUNCTION pg_conflict.get_conflict_count()
> > > RETURNS bigint
> > > LANGUAGE sql
> > > AS $$
> > > SELECT count(*) FROM pg_conflict.pg_conflict_log_16404;
> > > $$;
> > > CREATE FUNCTION
> > >
> >
> > This is okay because the function is doing SELECT which we allow on
> > these tables.
>
> Shouldn’t creating a view also be allowed for the same reason?
>
> The function is permitted because it only performs a SELECT on the
> conflict log table, and such read operations are allowed. A view
> likewise represents a stored query definition and does not modify the
> conflict schema or its underlying tables. Given that direct queries on
> the conflict log tables are already permitted, allowing users to
> define views over them is consistent with the same rationale applied
> to functions.
>
I think Function creation and view creation should be allowed.
a) Views are purely logical wrappers used to inspect data. Allowing
them causes no harm and provides a benefit to DBAs, who can use them
to customize how they monitor CLT data.
b) IMO, allowing function creation is safe because we internally
enforce table-level restrictions at execution time. If a user defines
a function that only performs a 'select', it will run cleanly. But if
a function attempts a restricted operation such as an INSERT, UPDATE;
our existing checks/restrictions will naturally intercept the
execution and fail with the appropriate error.
The question is whether we should allow users to create these inside
the CLT schema or only in public/other schema?
thanks
Shveta
| From | Date | Subject | |
|---|---|---|---|
| Next Message | shveta malik | 2026-06-16 04:29:32 | Re: Proposal: Conflict log history table for Logical Replication |
| Previous Message | Dilip Kumar | 2026-06-16 04:25:55 | Re: Proposal: Conflict log history table for Logical Replication |