| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | loren(at)paradigm(dot)xyz, pgsql-bugs(at)lists(dot)postgresql(dot)org |
| Subject: | Re: BUG #17626: Permission denied errors should list role as well as user |
| Date: | 2022-10-03 15:40:05 |
| Message-ID: | CAKFQuwa9HccMHPkdKnhcJouVXxCwcSnmGybfpDcWw3UFv2Bm7Q@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Mon, Oct 3, 2022 at 6:51 AM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
> > I'm running this set of commands:
> > create user elevated_user IN ROLE pg_read_all_data;
> > create user regular_user;
> > create table foo (id int);
> > set role elevated_user;
> > select * from foo; -- works
> > set role regular_user;
> > select * from foo; -- errors
>
> > The error message looks like "user=elevated_user ERROR: permission
> denied
> > for table foo".
>
> No ... it just looks like
>
> regression=> select * from foo; -- errors
> ERROR: permission denied for table foo
>
Based on the subject line the proper wording would be "the error message
should look some like ..."
Basically, a permission check requires two things and the complaint is that
only one of those things is mentioned in the error message.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2022-10-03 15:53:31 | Re: BUG #17626: Permission denied errors should list role as well as user |
| Previous Message | Tom Lane | 2022-10-03 13:50:55 | Re: BUG #17626: Permission denied errors should list role as well as user |