[PATCH] Report column-level error when lacking privilege
Steve Chavez <steve@supabase.io>
From: Steve Chavez <steve@supabase.io>
To: PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2026-03-30T01:07:31Z
Lists: pgsql-hackers
Attachments
- 0001-Report-column-level-error-when-lacking-privilege.patch (text/x-patch) patch 0001
- 0001-refactor-ExecCheckPermissionsModified-for-ACL_SELECT.patch (text/x-patch) patch 0001
Hello hackers, When a role `xx` has `grant select (name) on items to xx;`, a generic table-level error is given: select * from items; ERROR: permission denied for table items With this patch, we now give: select * from items; ERROR: permission denied for column "id" of relation "items" This only when the user has column-level privileges, if it doesn't have any the same regular table-level error is given. This makes the most sense and also keeps current tests mostly the same. * It also works for UPDATE and INSERT. * Clears the TODO mentioned on lines https://github.com/postgres/postgres/blob/45cdaf3665bedfbabb908bb84284f3db26781ad3/src/backend/executor/execMain.c#L691-L693 * This patch is on top of the patch mentioned on https://www.postgresql.org/message-id/CAGRrpzYP%2B3zEk__KZu-a5uWySfwgRFk6eoPXKrA5AdtBTXR%3Dng%40mail.gmail.com, which refactors the code to make it simpler to review. Best regards, Steve
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Make geometry cast functions error safe
- 45cdaf3665be 19 (unreleased) cited