Re: REASSIGN OWNED lacks support for FDWs
Etsuro Fujita <fujita.etsuro@lab.ntt.co.jp>
From: Etsuro Fujita <fujita.etsuro@lab.ntt.co.jp>
To: Alvaro Herrera <alvherre@commandprompt.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Robert Haas <robertmhaas@gmail.com>, Pg Hackers <pgsql-hackers@postgresql.org>
Date: 2012-02-23T08:37:27Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Add missing support for removing foreign data wrapper / server privileges
- e356743f3ed4 9.1.0 cited
(2012/02/23 5:32), Alvaro Herrera wrote:
>> My only concern on the patch is
>>
>> +static void
>> +AlterForeignServerOwner_internal(Relation rel, HeapTuple tup, Oid
>> newOwnerId)
>> +{
>> + Form_pg_foreign_server form;
>>
>> - srvId = HeapTupleGetOid(tup);
>> form = (Form_pg_foreign_server) GETSTRUCT(tup);
>>
>> if (form->srvowner != newOwnerId)
>> @@ -366,10 +388,15 @@ AlterForeignServerOwner(const char *name, Oid
>> newOwnerId)
>> /* Superusers can always do it */
>> if (!superuser())
>> {
>>
>> I wonder if superusers can always do it. For example, is it OK for
>> superusers to change the ownership of a foreign server owned by old_role
>> to new_role that doesn't have USAGE privilege on its foreign data wrapper.
>
> Well, permission checking are just what they were before the patch. I
> did not change them here. I didn't participate in the discussions that
> led to the current behavior, but as far as I know the guiding principle
> here is that superusers always can do whatever they please. Maybe what
> you point out is a bug in the behavior (both before and after my patch),
> but if so, please raise it separately.
OK. Thanks.
Best regards,
Etsuro Fujita