v1-poc-test-ownership.txt

text/plain

Filename: v1-poc-test-ownership.txt
Type: text/plain
Part: 0
Message: Re: Proposal: Conflict log history table for Logical Replication
From 4da2c755a2acc39c97195154f7bd83cd8af05726 Mon Sep 17 00:00:00 2001
From: Dilip Kumar <dilipkumarb@google.com>
Date: Tue, 5 May 2026 17:59:33 +0530
Subject: [PATCH] poc test ownership

---
 src/backend/catalog/aclchk.c | 14 +++++++++++---
 src/bin/initdb/initdb.c      |  1 +
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/src/backend/catalog/aclchk.c b/src/backend/catalog/aclchk.c
index 67424fe3b0c..a1395236ab3 100644
--- a/src/backend/catalog/aclchk.c
+++ b/src/backend/catalog/aclchk.c
@@ -3343,12 +3343,20 @@ pg_class_aclmask_ext(Oid table_oid, Oid roleid, AclMode mask,
 	 * As of 7.4 we have some updatable system views; those shouldn't be
 	 * protected in this way.  Assume the view rules can take care of
 	 * themselves.  ACL_USAGE is if we ever have system sequences.
+	 *
+	 * For conflict log tables, we allow non-superusers to perform DELETE
+	 * and TRUNCATE for maintenance, while still restricting INSERT,
+	 * UPDATE, and USAGE.
 	 */
 	if ((mask & (ACL_INSERT | ACL_UPDATE | ACL_DELETE | ACL_TRUNCATE | ACL_USAGE)) &&
-		IsSystemClass(table_oid, classForm) &&
-		classForm->relkind != RELKIND_VIEW &&
+		IsConflictClass(classForm) &&
 		!superuser_arg(roleid))
-		mask &= ~(ACL_INSERT | ACL_UPDATE | ACL_DELETE | ACL_TRUNCATE | ACL_USAGE);
+		mask &= ~(ACL_INSERT | ACL_UPDATE | ACL_USAGE);
+	else if ((mask & (ACL_INSERT | ACL_UPDATE | ACL_DELETE | ACL_TRUNCATE | ACL_USAGE)) &&
+			IsSystemClass(table_oid, classForm) &&
+			classForm->relkind != RELKIND_VIEW &&
+			!superuser_arg(roleid))
+			mask &= ~(ACL_INSERT | ACL_UPDATE | ACL_DELETE | ACL_TRUNCATE | ACL_USAGE);
 
 	/*
 	 * Otherwise, superusers bypass all permission-checking.
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 14cb79c26be..fa3316fcb97 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -1839,6 +1839,7 @@ setup_privileges(FILE *cmdfd)
 				  "  AND relacl IS NULL;\n\n",
 				  escape_quotes(username));
 	PG_CMD_PUTS("GRANT USAGE ON SCHEMA pg_catalog, public TO PUBLIC;\n\n");
+	PG_CMD_PUTS("GRANT USAGE ON SCHEMA pg_conflict TO pg_create_subscription;\n\n");
 	PG_CMD_PUTS("REVOKE ALL ON pg_largeobject FROM PUBLIC;\n\n");
 	PG_CMD_PUTS("INSERT INTO pg_init_privs "
 				"  (objoid, classoid, objsubid, initprivs, privtype)"
-- 
2.49.0