Re: Only owners can ANALYZE tables...seems overly restrictive

On 02/29/2016 09:09 AM, David G. Johnston wrote:
> ​
> Being able to run ANALYZE on a table in no way implies that ​I should be
> allowed to run ALTER TABLE SET STATISTICS on the same.
> ​
>
> Only table owners should be allowed to execute ALTER TABLE while, in my
> opinion, anyone with write capabilities on a table should be allowed to
> execute ANALYZE.​ I would accept a GRANT permission if that could get
> committed but I find the status-quo mildly annoying.

I think a better question at this point is: What is the problem you are
trying to solve? Think about the following:

1. When you run ANALYZE it will update the statistics.
2. Anyone can run SET, which means that if any user can run ANALYZE, any
user can greatly modify the statistics.
3. This can already be handled by GRANT:

* psql -U jd -h localhost;
* create table foo (id text);
* create role jd_role;
* alter table foo owner to jd_role;
* grant jd_role to boo;
* \c jd boo
* analyze foo;

Sincerely,

JD

--
Command Prompt, Inc. http://the.postgres.company/
+1-503-667-4564
PostgreSQL Centered full stack support, consulting and development.
Everyone appreciates your honesty, until you are honest with them.