Re: ExecRTCheckPerms() and many prunable partitions
Amit Langote <amitlangote09@gmail.com>
From: Amit Langote <amitlangote09@gmail.com>
To: Alvaro Herrera <alvherre@alvh.no-ip.org>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2021-09-10T03:22:30Z
Lists: pgsql-hackers
Attachments
- v5-0001-Rework-query-relation-permission-checking.patch (application/octet-stream) patch v5-0001
- v5-0002-Do-not-add-OLD-NEW-RTEs-to-stored-view-rule-actio.patch (application/octet-stream) patch v5-0002
Thanks Alvaro for taking a look at this. On Tue, Sep 7, 2021 at 4:35 AM Alvaro Herrera <alvherre@alvh.no-ip.org> wrote: > Got this warning: > > /pgsql/source/master/contrib/postgres_fdw/postgres_fdw.c: In function 'GetResultRelCheckAsUser': > /pgsql/source/master/contrib/postgres_fdw/postgres_fdw.c:1898:7: warning: unused variable 'result' [-Wunused-variable] > Oid result; > ^~~~~~ Fixed. > I think the idea that GetRelPermissionInfo always has to scan the > complete list by OID is a nonstarter. Maybe it would be possible to > store the list index of the PermissionInfo element in the RelOptInfo or > the RTE? Maybe use special negative values if unknown (it knows to > search the first time) or known non-existant (probably a coding error > condition, maybe not necessary to have this) I implemented this by adding an Index field in RangeTblEntry, because GetRelPermissionInfo() is used in all phases of query processing and only RTEs exist from start to end. I did have to spend some time getting that approach right (get `make check` to pass!), especially to ensure that the indexes remain in sync during the merging of RelPermissionInfo across subqueries. The comments I wrote around GetRelPermissionInfo(), MergeRelPermissionInfos() functions should hopefully make things clear. Though, I do have a slightly uneasy feeling around the fact that RTEs now store information that is computed using some non-trivial logic, whereas most other fields are simple catalog state or trivial details extracted from how the query is spelled out by the user. I also noticed that setrefs.c: add_rtes_to_flat_rtable() was still doing things -- adding dead subquery RTEs and any RTEs referenced in the underlying subquery to flat rtable -- that the new approach of permissions handling makes unnecessary. I fixed that oversight in the updated patch. A benefit from that simplification is that there is now a single loop over rtable in that function rather than two that were needed before. -- Amit Langote EDB: http://www.enterprisedb.com
Commits
-
Add a test case for a316a3bc
- 054ff3b33a85 17.0 landed
- 0a14bca662a4 16.0 landed
-
Correctly set userid of subquery relations' child rels
- a316a3bc6d3f 16.0 landed
-
Fix buggy recursion in flatten_rtes_walker().
- c7468c73f7b6 16.0 landed
-
Remove some dead code in selfuncs.c
- 438e6b724090 16.0 landed
-
Update outdated comment in ApplyRetrieveRule
- 29861e228a47 16.0 landed
-
Rework query relation permission checking
- a61b1f74823c 16.0 landed
-
Generalize ri_RootToPartitionMap to use for non-partition children
- fb958b5da86d 16.0 landed
-
Stop accessing checkAsUser via RTE in some cases
- 599b33b9492d 16.0 landed
-
Add 'missing_ok' argument to build_attrmap_by_name
- ad86d159b6ab 16.0 landed