Thread

Commits

  1. Fix ALTER DEFAULT PRIVILEGES with duplicated objects

  1. Error messages on duplicate schema names

    Andrus <kobruleht2@hot.ee> — 2021-01-06T17:15:24Z

    Hi!
    
    ALTER DEFAULT PRIVILEGES IN SCHEMA public,public   GRANT all ON TABLES 
    TO testoig;
    
    Throws strange error
    
    Tuple already updated by self
    
    In other case which I posted duplicate schema causes another strange error
    
    duplicate key value violates unique constraint 
    "pg_default_acl_role_nsp_obj_index"DETAIL: Key (defaclrole, 
    defaclnamespace, defaclobjtype)=(30152, 186783649, r) already exists.
    
    Should duplicate schema names accepted or should their usage throw 
    better error messages.
    
    Andrus.
    
    
  2. Re: Error messages on duplicate schema names

    Michael Paquier <michael@paquier.xyz> — 2021-01-15T04:28:24Z

    On Wed, Jan 06, 2021 at 07:15:24PM +0200, Andrus wrote:
    > Should duplicate schema names accepted or should their usage throw better
    > error messages.
    
    This means that we are one call of CommandCounterIncrement() short for
    such queries, and similar safeguards already exist in this area for
    GRANT/REVOKE.  The spot where I would put this new CCI is at the end
    of SetDefaultACL(), like in the attached with a test added to
    privileges.sql.
    
    Any thoughts from others?
    --
    Michael
    
  3. Re: Error messages on duplicate schema names

    Alvaro Herrera <alvherre@alvh.no-ip.org> — 2021-01-19T20:37:51Z

    On 2021-Jan-15, Michael Paquier wrote:
    
    > On Wed, Jan 06, 2021 at 07:15:24PM +0200, Andrus wrote:
    > > Should duplicate schema names accepted or should their usage throw better
    > > error messages.
    > 
    > This means that we are one call of CommandCounterIncrement() short for
    > such queries, and similar safeguards already exist in this area for
    > GRANT/REVOKE.  The spot where I would put this new CCI is at the end
    > of SetDefaultACL(), like in the attached with a test added to
    > privileges.sql.
    > 
    > Any thoughts from others?
    
    Looks to match what we do in ExecGrant_Relation() et al, so +1.
    
    I guess you could make the case that the CCI call should be in the
    callers where we actually loop (SetDefaultACLsInSchemas,
    RemoveRoleFromObjectACL), but it's hard to get excited about the added
    clutter.
    
    -- 
    Álvaro Herrera       Valdivia, Chile
    
    
    
    
  4. Re: Error messages on duplicate schema names

    Michael Paquier <michael@paquier.xyz> — 2021-01-20T02:56:03Z

    On Tue, Jan 19, 2021 at 05:37:51PM -0300, Alvaro Herrera wrote:
    > I guess you could make the case that the CCI call should be in the
    > callers where we actually loop (SetDefaultACLsInSchemas,
    > RemoveRoleFromObjectACL), but it's hard to get excited about the added
    > clutter.
    
    Yeah, that matches my thoughts.  And I did not see any harm in putting
    the CCI in SetDefaultACL() even for the case of pg_default_acl with
    DROP OWNED BY.  So applied and backpatched.  Thanks, Alvaro and
    Andrus.
    --
    Michael