From: | Tatsuo Ishii <ishii(at)sraoss(dot)co(dot)jp> |
---|---|
To: | horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp |
Cc: | hoshiai(at)sraoss(dot)co(dot)jp, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Proposal to suppress errors thrown by to_reg*() |
Date: | 2019-03-19 07:35:32 |
Message-ID: | 20190319.163532.529526338176696856.t-ishii@sraoss.co.jp |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
>> According to the document, "to_reg* functions return null rather than
>> throwing an error if the name is not found", but this is not the case
>> if the arguments to those functions are schema qualified and the
>> caller does not have access permission of the schema even if the table
>> (or other object) does exist -- we get an error.
>
> You explicitly specified the namespace and I think that it is not
> the case of not-found. It is right that the error happens since
> you explicitly tried to access a unprivileged schema.
>
>> For example, to_regclass() throws an error if its argument is
>> 'schema_name.table_name'' (i.e. contains schema name) and caller's
>> role doesn't have access permission of the schema. Same thing can be
>> said to Other functions,
>>
>> I get complain from Pgpool-II users because it uses to_regclass()
>> internally to confirm table's existence but in the case above it's
>> not useful because the error aborts user's transaction.
>
> I'm not sure how such unaccessible table names are given to the
> function there, but it is also natural that any user trying to
> access unprivileged objects gets an error.
You misunderstand the functionality of to_regclass(). Even if a user
does not have an access privilege of certain table, to_regclass() does
not raise an error.
test=> select * from t1;
ERROR: permission denied for table t1
test=> select to_regclass('t1')::oid;
to_regclass
-------------
1647238
(1 row)
So why can't we do the same thing for schema? For me, that way seems
to be more consistent.
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
From | Date | Subject | |
---|---|---|---|
Next Message | Jamison, Kirk | 2019-03-19 07:46:52 | RE: Transaction commits VS Transaction commits (with parallel) VS query mean time |
Previous Message | Haribabu Kommi | 2019-03-19 07:34:12 | Re: pg_basebackup ignores the existing data directory permissions |