Re: [PATCH] Report column-level error when lacking privilege
David G. Johnston <david.g.johnston@gmail.com>
From: "David G. Johnston" <david.g.johnston@gmail.com>
To: Steve Chavez <steve@supabase.io>
Cc: PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2026-03-30T03:34:56Z
Lists: pgsql-hackers
On Sun, Mar 29, 2026 at 6:07 PM Steve Chavez <steve@supabase.io> wrote: > When a role `xx` has `grant select (name) on items to xx;`, a generic > table-level error is given: > > select * from items; > ERROR: permission denied for table items > > With this patch, we now give: > > select * from items; > ERROR: permission denied for column "id" of relation "items" > > Not too fond of picking one column as a representative for the error message. Better to say something like: ERROR: permission denied for column subset of table items Haven't looked but it should be doable to run a query for a given relation and role and report for each column whether a grant is available or not; which would be the one-stop shop for figuring out which columns at least don't have permissions granted. The user would still have to know which ones their query is actually using. David J.
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Make geometry cast functions error safe
- 45cdaf3665be 19 (unreleased) cited