Re: Skip ExecCheckRTPerms in CTAS with no data

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Bharath Rupireddy <bharath.rupireddyforpostgres@gmail.com>
Cc: Peter Eisentraut <peter.eisentraut@enterprisedb.com>, Anastasia Lubennikova <a.lubennikova@postgrespro.ru>, Tom Lane <tgl@sss.pgh.pa.us>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2020-11-20T05:37:28Z
Lists: pgsql-hackers
On Thu, Nov 19, 2020 at 10:05:19PM +0530, Bharath Rupireddy wrote:
> On Thu, Nov 19, 2020 at 8:47 PM Peter Eisentraut <peter.eisentraut@enterprisedb.com> wrote:
>> Materialized views are not in the SQL standard.
>>
>> But if you consider materialized views as a variant of normal views,
>> then the INSERT privilege would be applicable if you pass an INSERT on
>> the materialized view through to the underlying tables, like for a view.

INSERT to materialized views is not supported, but perhaps you mean
having a variant of auto updatable for matviews?  I am not sure how to
clearly define that.

> For CTAS: retain the existing CREATE privilege check and remove the
> INSERT privilege check altogether for all the cases i.e. with data,
> with no data, explain analyze, plain, with execute?
> For CREATE MATERIALIZED VIEW: same as CTAS, that is retain the
> existing CREATE privilege check and remove the INSERT privilege check
> for with data, with no data, explain analyze, plain?
> For REFRESH MATERIALIZED VIEW: retain the existing behaviour i.e. no
> privilege check.

Thanks.  Based on what Peter has said, the ACL_INSERT check in
intorel_startup() could just be removed, and the tests of matview.sql
and select_into.sql would need some cleanup.  We could keep around
some scenarios with some follow-up INSERT queries after the initial
creation.
--
Michael

Commits

  1. Remove INSERT privilege check at table creation of CTAS and matview

  2. Relax INSERT privilege requirement for CTAS and matviews WITH NO DATA