Re: Allow pg_read_all_stats to read pg_stat_progress_*
Stephen Frost <sfrost@snowman.net>
From: Stephen Frost <sfrost@snowman.net>
To: Magnus Hagander <magnus@hagander.net>
Cc: "Andrey M. Borodin" <x4mmm@yandex-team.ru>, Kyotaro Horiguchi <horikyota.ntt@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2020-04-20T11:10:02Z
Lists: pgsql-hackers
Greetings, * Magnus Hagander (magnus@hagander.net) wrote: > On Mon, Apr 20, 2020 at 12:43 PM Andrey M. Borodin <x4mmm@yandex-team.ru> > wrote: > > > 16 апр. 2020 г., в 17:46, Magnus Hagander <magnus@hagander.net> > > написал(а): > > > If we do that, it may be better that we define "PGSTAT_VIEW_PRIV()" or > > > something like and replace the all occurances of the idiomatic > > > condition with it. > > > > > > You mean something like the attached? > > > > > > <allow_read_all_stats3.diff> > > > > Is it correct that we use DEFAULT_ROLE_READ_ALL_STATS regardless of > > inheritance? I'm not familiar with what is inherited and what is not, so I > > think it's better to ask explicitly. > > > > +#define HAS_PGSTAT_PERMISSIONS(role) (is_member_of_role(GetUserId(), > > DEFAULT_ROLE_READ_ALL_STATS) || has_privs_of_role(GetUserId(), role)) > > It is consistent with all the other uses of DEFAULT_ROLE_READ_ALL_STATS > that I can find. Ugh. That doesn't make it correct though.. We really should be using has_privs_of_role() for these cases (and that goes for all of the default role cases- some of which are correct and others are not, it seems). Thanks, Stephen
Commits
-
Allow pg_read_all_stats to access all stats views again
- d0bb66572e33 10.13 landed
- 3d4652f67d1f 11.8 landed
- 212e712a5eed 12.3 landed
- 7e4e574744c1 13.0 landed