Re: Skip ExecCheckRTPerms in CTAS with no data

Peter Eisentraut <peter.eisentraut@enterprisedb.com>

From: Peter Eisentraut <peter.eisentraut@enterprisedb.com>
To: Michael Paquier <michael@paquier.xyz>, Bharath Rupireddy <bharath.rupireddyforpostgres@gmail.com>
Cc: Anastasia Lubennikova <a.lubennikova@postgrespro.ru>, Tom Lane <tgl@sss.pgh.pa.us>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2020-11-16T15:01:33Z
Lists: pgsql-hackers
On 2020-11-16 04:04, Michael Paquier wrote:
> On Fri, Nov 13, 2020 at 12:58:52PM +0530, Bharath Rupireddy wrote:
>> It's not required to set bistate to null as we have allocated myState
>> with palloc0 in CreateIntoRelDestReceiver, it will anyways be null.
>>    if (!into->skipData)
>>          myState->bistate = GetBulkInsertState();
>>
>> Attaching v4 patch. Please review it.
> 
> I have reviewed this one this morning, and applied it after some
> tweaks.  I have reworded some of the comments, fixed some typos, and
> largely refactored the test cases to stress all the combinations
> possible.  Please note that your patch would have caused failures
> in the buildfarm, as any role created needs to be prefixed with
> "regress_".

While this patch was nice enough to update the documentation about the 
requirement of the INSERT privilege, this is maybe more confusing now: 
How could a new table not have INSERT privilege?  Yes, you can do that 
with default privileges, but that's not well known and should be 
clarified in the documentation.

The SQL standard says that for CREATE TABLE AS, the INSERT "is 
effectively executed without further Access Rule checking", which means 
the INSERT privilege shouldn't be required at all.  I suggest we 
consider doing that instead.  I don't see a use for the current behavior.



Commits

  1. Remove INSERT privilege check at table creation of CTAS and matview

  2. Relax INSERT privilege requirement for CTAS and matviews WITH NO DATA